WO2002046941A1 - Portable information apparatus, personal authentication system, and method for erasing authentication data - Google Patents
- Publication number: WO2002046941A1 (PCT/JP2001/010649)
- Authority: WO, WIPO (PCT)
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0853—Network architectures or network communication protocols for network security for authentication of entities using an additional device, e.g. smartcard, SIM or a different communication terminal
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
-
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y04—INFORMATION OR COMMUNICATION TECHNOLOGIES HAVING AN IMPACT ON OTHER TECHNOLOGY AREAS
- Y04S—SYSTEMS INTEGRATING TECHNOLOGIES RELATED TO POWER NETWORK OPERATION, COMMUNICATION OR INFORMATION TECHNOLOGIES FOR IMPROVING THE ELECTRICAL POWER GENERATION, TRANSMISSION, DISTRIBUTION, MANAGEMENT OR USAGE, i.e. SMART GRIDS
- Y04S40/00—Systems for electrical power generation, transmission, distribution or end-user application management characterised by the use of communication or information technologies, or communication or information technology specific aspects supporting them
- Y04S40/20—Information technology specific aspects, e.g. CAD, simulation, modelling, system security
Definitions
- The present invention relates to a portable personal authentication system used for services such as introduction to a research institute, ticket gates, log-in to a computer, credit processing, cashing processing, merchandise sales, use of rental equipment, and the like.
- It relates to information devices, especially portable information devices for personal authentication, and to a personal authentication system and an authentication data erasing method that improve the security and efficiency of personal authentication systems, especially for system providers and users of personal authentication systems.
- The personal authentication system is a security system that confirms that the user is an authorized user when using the service. Authenticating users in an information processing system that manages services such as introduction to laboratories, ticket gates, login to computers, credit processing, cashing, buying and selling goods, using rental equipment, and downloading information is called "personal authentication."
- As security measures for information processing systems, the Information Processing Handbook (IPSJ, 1st edition, 1989) refers to external security, internal security, and user authentication; user authentication confirms that the user is an authorized user.
- The most widely used method is for the system management device to refer to something that only the user has at the time of getting started, purchasing a product, logging in to the computer, etc., so that the user is certified as the user himself and the service becomes available.
- The authentication method using an IC card can be used legitimately because the authentication data containing a large amount of personal information is stored on a single storage medium. Is determined to be a person. It is a relatively simple, safe, and reliable method based on the premise that biometric features that only individuals can possess are used. Also, with the spread of portable information devices such as mobile phones connected to the Internet, a method of storing authentication data in these devices and performing personal authentication on the go is being considered. By using a portable information device that the user carries every day with multiple personal authentication systems, the convenience for the user is improved, and the user is freed from the inconvenience of holding multiple cards and memorizing multiple passwords. The system provider can also improve the efficiency of systems used by multiple users by quickly performing personal authentication of multiple portable information devices by data communication.
- Authentication data is data used to distinguish a user who is authorized to use the personal authentication system from a person who is not, or to distinguish one user from another, and to perform personal authentication. It has a means of identification after issuance. It contains internal security controls to prevent duplication and unauthorized use such as encryption, password information, information such as signatures, biological information such as biometrics, information read from storage media, and merchandise sales proof information, and possession of these identifies the user himself or herself.
- The means for identifying after issuance may be, for example, an electronic key using encryption technology or a part of the electronic key.
- A system provider is a person or organization that provides services to users using a personal authentication system. Because it is data, it can be stored in a single portable information device, erased conveniently, or updated to a new one.
- A system that performs personal authentication simply by referring to authentication data enables quick authentication at sites with many users.
- The IC card illegal use prevention device of Japanese Patent Application No. 8-274136 has a receiving unit that receives a wireless signal and a storage unit that stores data for identifying the owner. When the receiving unit cannot receive a predetermined wireless signal for a predetermined time, the authentication data stored in the storage unit is made unusable. This makes it impossible to use the IC card immediately if it is lost or stolen.
- The information device and the input device of the personal authentication system have means for detecting the state of wearing of the portable information device on the human body, and disable the authentication data stored in the portable information device. Although these are considered to be safe, the authentication data is simply erased by the configuration provided on the IC card and the portable information device, and it is difficult to improve convenience, for example by letting the user or the system provider arbitrarily delete specific authentication data. Furthermore, the document does not describe improving the security of multiple stored authentication data individually, so it is difficult to manage the authentication data efficiently, to use the storage capacity of the portable information device effectively, and to respond to the diversification of the fields in which personal authentication systems are used.
- The present invention has been made in view of the above problems, and its object is to provide a portable information device with which service providers and users individually increase the efficiency and security of an authentication system.
- The apparatus includes authentication data input means for externally inputting authentication data, authentication data storage means for storing authentication data, condition data input means for inputting, externally or internally, condition data giving the conditions for erasing authentication data, condition data storage means for storing condition data, control data input means for inputting control data externally or internally, a processing determining unit that determines by processing the control data and the condition data, and an authentication data erasing unit that erases the authentication data. It erases the authentication data based on a determination result of the processing determining unit.
- The system provider and the user can arbitrarily set the conditions for erasing the authentication data and input them in advance, so that when the conditions are satisfied
- Controllability is added to each authentication data and individual management is possible, preventing inadvertent leakage and securing improved safety.
- Efficiency can be ensured by improving convenience, eliminating the trouble of securing the storage capacity of the portable information device and of managing the authentication data.
- FIG. 1 is a configuration diagram of an example of a portable information device of the present invention and a personal authentication system including the same.
- FIG. 2 explains the correspondence between authentication data and condition data in the present invention.
- FIG. 3 is a configuration diagram of another example of the portable information device of the present invention and a personal authentication system including the same.
- FIG. 4 is a configuration diagram of still another example of the portable information device of the present invention and a personal authentication system including the same.
- FIG. 5 is an explanatory diagram showing the relationship between the control data type and the configuration required for the control data input means of the present invention.
- FIG. 6 is a configuration diagram of still another example of the portable information device of the present invention and a personal authentication system including the same.
- FIG. 7 is a configuration diagram of still another example of the portable information device of the present invention and a personal authentication system including the portable information device.
- FIG. 8 is a flowchart showing a method of erasing authentication data in the portable information device of the present invention.
- FIG. 9 to FIG. 13 are explanatory diagrams of a fourth embodiment according to the present invention.
- FIG. 14 is a supplementary explanatory diagram of the second embodiment according to the present invention.
- FIG. 15 is a supplementary explanatory diagram of the third embodiment according to the present invention.
BEST MODE FOR CARRYING OUT THE INVENTION
- FIG. 1 is a configuration diagram of an example of a portable information device of the present invention and a personal authentication system including the same.
- When the user carries the portable information device, in which the authentication data is stored in advance, to the service receiving site and the device managed by the system provider identifies the authentication data, the user is permitted to use the service.
- Sharing personal information with one portable information device may create new problems in the efficiency and security of the personal authentication system. In other words, when a plurality of authentication data are stored and used in one portable information device, the efficiency of the user is considered to decrease due to the storage capacity of the portable information device and the troublesome management of the authentication data. In addition, there is a problem in safety that authentication data including personal information is frequently leaked due to theft of portable information devices.
- The conditions for deleting the authentication data are arbitrarily set by the system provider or the user and are input in advance to the portable information device, so that when the conditions are satisfied, specific authentication data is erased from the multiple authentication data stored in the portable information device, controllability is added to each authentication data, and individual management becomes possible. As a result, it is possible to prevent undesired information leakage caused by storing the authentication data used after the theft in the portable information device.
- Authentication data can be greatly complicated to increase security, or multiple authentication data can be used but automatically deleted after use, thereby increasing the storage capacity of portable information devices.
- The portable information device 1, a personal authentication device 102, a user 101, and information transmission paths 103 and 104 between the portable information device 1 and the personal authentication device 102 are provided.
- The personal authentication device 102 has a user identification unit 105, an information processing unit 106, and an authentication data reference unit 107.
- The user identification unit 105 communicates with the portable information device 1 via the information transmission path 104.
- The user reference unit 113 communicates with the portable information device 1 via the information transmission path 103.
- A plurality of user identification units 105, information processing units 106, and authentication data reference units 107 may be installed separately, and each may be connected by an information transmission path and used as one device.
- The portable information device 1 is lightweight and power saving so that it can be carried by an individual. Examples are mainly mobile phones, PHS, portable computers, wristwatches, wristwatch-type information devices, portable information terminals, portable game machines, and portable devices that function by inserting an IC card. Since the portable information device 1 stores the authentication data, the personal information is authenticated at the service receiving site, and the user 101 is permitted to receive the service.
- Reference numeral 2 denotes authentication data storage means for storing authentication data.
- A storage medium such as an easy-to-distribute IC card may be inserted into the portable information device 1 like a cassette card to form a storage medium.
- The storage device stores data using electricity, magnetism, light, etc.
- Reference numeral 3 denotes authentication data input means, through which authentication data is input from outside the portable information device 1.
- The information is input from the user identification unit 105 to the portable information device 1 via the information transmission path 10.
- Methods of identifying the portable information device 1 include: specifying the portable information device 1 based on the unique identification number referred to when the user 101 was identified; inputting to the portable information device 1 that was communicating with the user specifying unit 109 over the information transmission path 104 when the user 101 was specified; and inputting to a specific portable information device 1 that has been connected to the user specifying unit 109 that specified the user 101 and has not been confirmed to be disconnected.
- The condition data storage means 4 stores condition data in the portable information device 1 for use in erasing specific authentication data.
- The condition data is stored in the same manner as the authentication data, and the storage device may be the same, but it can be freely read out for processing the condition data.
- The condition data is data that can be processed, and includes at least a condition for deleting the corresponding specific authentication data. When the condition is satisfied, the specific authentication data in the portable information device 1 is deleted.
- A program describing an authentication data processing procedure for erasing specific authentication data and a condition data processing procedure for processing and judging whether or not the conditions are satisfied may be included in the condition data.
- Specific control data that is arbitrarily input to delete the authentication data, and a control data processing procedure for processing it, may be added to the condition data.
- The condition data may be deleted at the same time as the authentication data.
- The erasing procedure may be included in the condition data processing procedure.
- The control information processing means 8 of the portable information device 1 or the personal authentication device 102 is checked, and the control data processing procedure is automatically performed to process specific control data.
- The user 101 sets the conditions appropriate for the control data, and adds them.
- Authentication data that cannot be erased freely may be erased by using the authentication data processing procedure.
- Reference numeral 5 denotes condition data input means, through which condition data is input from outside the portable information device 1. The condition data may also be input inside the portable information device 1.
- The condition data is input from the external user identification unit 105 via the information transmission path 104 at the same time as, or before or after, the authentication data.
- Reference numeral 6 denotes an authentication data erasing unit, which erases the authentication data stored in the authentication data storage unit 2 after the processing determining unit 7 determines that the authentication data is to be erased.
- An erasing method may be used that, as with a magnetic card, erases the authentication data by holding the portable information device 1 over the electromagnetic field generated by the personal authentication device 102, or that erases the authentication data by irradiating the portable information device 1 with ultraviolet rays.
- Erasure means erasing the information, or overwriting it with other information, so that the authentication data cannot be read from the portable information device 1 by any means.
- Once the erasure has been performed, personal authentication becomes impossible; that is, neither the user 101 nor a criminal who steals the portable information device 1 is permitted to use the service. Further, by automatically deleting the condition data after the condition is satisfied, the storage capacity of the portable information device 1 can be efficiently secured, and the user 101 can save the trouble of deleting after using the service.
- The processing determining means 7 determines by processing condition data and control data. Processing is a series of operations performed on data to obtain necessary information: for example, reading data, creating data, erasing data, correcting data, identifying data with other data, collating or comparing data with other data, calculating the data change amount, error amount, constant value, or average value before the collation or comparison, and obtaining the result of the collation or comparison as to whether or not they match.
- The necessary information in the processing determination means 7 is information on whether or not to erase the authentication data. In this embodiment, in particular, the input control data and the previously stored condition data are processed, and whether or not the authentication data is to be deleted is mainly determined by whether the control data satisfies the condition.
- Reference numeral 8 denotes control data input means. The control data is data for triggering deletion of the authentication data, and a repair procedure may be included in the condition data as a control data processing procedure or the like.
- Specific authentication data is deleted by inputting data satisfying the condition of the condition data as control data into the portable information device 1 and processing the condition data. Control data may be input only when necessary, may be input continuously, or may be input intermittently, and the mode may be selected according to the type of authentication data and the configuration of the portable information device 1. For example, control data received by electromagnetic waves may be input only when received, whereas control data based on biological information requires intermittent input, because whether the condition is met is known from the amount of change in control data obtained by periodically sampling biological information of the user 101. In FIG. 1, the input is made inside the portable information device 1. There are several types of control data as shown in FIG.
- The personal authentication device 102 is a device that inputs authentication data to the specific portable information device 1 of the identified user 101 and later, at the service site, performs personal authentication by referring to and identifying the authentication data stored in the portable information device 1.
- User identification means 108 for identifying user 101, authentication data issuing means 110 for issuing authentication data that can be identified later, authentication data input means 3, and authentication stored in portable information device 1.
- Authentication data identifying means 111 for identifying whether the service is used, and service use permitting means 113 for permitting use of the service.
- The user specifying unit 105 has at least a user specifying unit 108 and an authentication data input unit 3.
- The user specifying unit 105 further includes a condition data input unit 5 and a condition data setting unit 109.
- The user can prepare in advance for automatic erasure of the authentication data by selecting conditions while looking at the screen on the spot, which improves convenience.
- The user identification means 108 identifies that the user 101 who uses the authentication data is a valid user authorized by the system provider, and confirms, for example, that collection is possible. By starting to identify the user, the user 101 is associated with the authentication data to be used later, and the use of the personal authentication system is started.
- Methods of identifying the user 101 include: knowledge of a password; use of the identification number or password of the portable information device 1 owned by the user; installing the user identification unit 105 on a large terminal, such as one in a convenience store, measuring biological information such as biometrics, and comparing it with past measurement data; identification by a storage medium such as a credit card or IC card; or simply identifying a person who has purchased a product or a usage right. The method can be selected according to the efficiency and reliability required.
- In the condition data setting means 109, in addition to the conditions, which at least need to be set, the authentication data processing procedure, the condition data processing procedure, the control data processing procedure, and the like are set automatically, or are set by the user 101 or the system provider.
- The control data processing procedure is automatically set according to the type of the control data input means 8 of the portable information device 1.
- The conditions are set by the user 101 selecting from a plurality of conditions preset by the system provider from the panel on the user specifying unit 105.
- The information processing unit 106 uses at least the authentication data identification unit 111. Personal information such as usage status may be stored in a database and managed by a computer. At this time, the authentication data issued by the authentication data issuing means 110 and the authentication data identification data may be centrally managed in the database.
- The authentication data issuing means 110 issues authentication data that can be identified later while the identification of the user 101 and the identification of the portable information device 1 are certain.
- The identification method of the authentication data by the authentication data identification means 111 is such that a part necessary for personal authentication such as an electronic key by the authentication data issuing means 110 is input to the portable information device 1 as authentication data, authentication data identification data, which is a part, may be issued at the same time, and the authentication data referred to by the portable information device 1 may be used by the authentication data identification means 111 when performing personal authentication.
- The authentication data issuing means 110 issues information for identifying the user 101 and the identification number of the portable information device 1 with the authentication data included. There is a method of identifying the portable information device 1 and using it in the authentication data identification means 111, and a method of issuing authentication data more suitable for the system configuration and the like may be used.
- The authentication data reference unit 107 has at least an authentication data reference unit 112, and may additionally have a service use permission unit 113.
- The authentication data reference unit 112 refers to the authentication data stored in the portable information device 1 using the information transmission path 103. Referencing is a series of operations performed to obtain information that identifies the authentication data stored in the authentication data storage means 2: establishing a data transmission/reception means for the authentication data storage means 2, detecting data, checking for the presence of stored data, reading data, and comparing or collating.
- An information transmission path may be used in which the authentication data is data of a special pattern such as a bar code, the bar code is shown on the display screen of the portable information device 1, the camera of the authentication data reference section 107 reads the pattern of the bar code, and the data is converted after image processing. Any information transmission path that can send information reliably is acceptable.
- The information transmission path 103 and the information transmission path 104 may use the same communication method.
- The portable information device 1 may have wireless cellular phone connection means and Internet connection means and communicate using them, or may use short-range wireless communication, communication using electromagnetic waves such as infrared rays, or a wired connection. However, the leakage of the authentication data may be suppressed as much as possible by communicating by contacting the devices.
- The service use permission unit 113 permits the use of the service when the referred authentication data is identified as valid authentication data issued when the user 101 is specified. The form the permission takes depends on the field of use, for example a ticket gate or an entrance, displaying the identity of the person, or logging in to the computer: opening and closing the door, ticketing the vehicle, starting operation of the computer, inputting a personal signature by the computer, sending a contract by the computer, displaying proof of identity, settlement for purchased goods, depositing cash, paying cash, refunding cash, and starting operation of equipment.
- FIG. 2 is an explanatory diagram of a correspondence relationship between authentication data and condition data stored in the portable information device 1. Since the portable information device 1 stores a plurality of authentication data, the user 101 uses a plurality of personal authentication systems. Authentication data A is used for personal authentication in personal authentication system A, authentication data B is used in personal authentication system B, and authentication data C is used for personal authentication in personal authentication system C. When the authentication data A and the authentication data D (205) are aligned, it is also possible to use the personal authentication system D for personal authentication. Personal authentication system Each of the systems A to D has its own personal authentication device, and may be managed by different system providers. Although the size of the authentication data is different in the figure, it shows the size of the authentication data. Data with sufficient internal security will generally be large, but not all personal authentication systems will require the use of large authentication data, and the system provider may choose to use it as needed. The size varies depending on conditions and procedures including condition data.
- the condition data A (201) is stored for the purpose of deleting the authentication data A.
- the authentication data B is deleted when the condition of the condition data B (202) is satisfied, but is deleted even when the condition of the condition data C (203) is satisfied.
- the condition of the condition data C is satisfied, the authentication data B and the authentication data C are deleted.
- the authentication data C is downloaded just before receiving the service using the authentication data B, the authentication data C is stored as the latest authentication data in the portable information device 1, and the authentication data C is used on site.
- the authentication data D has no corresponding condition data because the user 101 sets the condition data on the portable information device 1 after the authentication data is input. Also, condition data may not be set for insignificant authentication data as in the past.
- the condition data D (204) is condition data that has already been entered at the time of shipment of the portable information device 1, and the user 101 sets it to erase specific authentication data stored on the portable information device 1. The operability is improved by preparing the condition data in advance in accordance with the type of the control data input means 8 provided in the portable information device 1.
- FIG. 3 is a configuration diagram of another example of the portable information device of the present invention and a personal authentication system including the same, showing a personal authentication system provided by a system provider different from that of the personal authentication system of FIG.
- the portable information device 1 used by the user 101 is the same.
- a personal authentication device 301 different from the personal authentication device 102 is used, but the means to be used are the same as those of the personal authentication device 102.
- the difference is that the user identification unit 304, the information processing unit 305, and the authentication data reference unit 306 are separated and installed at different locations. Each may have a different owner, but acts as a single device for personal authentication.
- the user identification unit 304, the information processing unit 305, and the authentication data reference unit 306 are connected by information transmission paths 302, 303, respectively. For example, by placing the user identification unit 304 in a private home, the authentication data reference unit 306 in a retail store at the service site, and the information processing unit 305 in the system provider company, it becomes easy to respond to diversification of the system.
- a plurality of user identification units 304 and authentication data reference units 306 may be present, and at least one information processing unit 305 performs unified management.
- the user identification unit 304 includes at least the user identification unit 311 and the authentication data input unit 309
- the information processing unit 305 includes at least the authentication data identification unit 312
- the authentication data reference unit 306 includes at least the authentication data reference unit 313.
- the user specifying unit 304 further has condition input means 310
- the authentication data reference unit 306 further has control data input means 314.
- the selection may be made according to the operation method of the road system.
- the personal authentication device 306 must be a device that is sufficiently managed by the system provider or a device that has been certified at the desired level. For example, if the user identification unit 306 set up in a private home is not reliable for the system provider, the reliability of the authentication data is also lost.
- FIG. 4 is a block diagram showing still another example of a portable information device of the present invention and a personal authentication system including the same, and is a detailed block diagram of the portable information device.
- the identification information stored in the identification number storage means 407 of the portable information device 1 is used to identify the portable information device 1 of the user 101 from among the plurality of portable information devices, and the authentication data is input.
- the identification number is a number by which the portable information device 1 can be identified. If the portable information device 1 has wired or wireless telephone connection means, it is a telephone number or the like; if it has Internet connection means, it is an address number or equivalent. By using an identification number that is reliable for the system provider, it is possible to collect money efficiently.
- this is a method in which condition data is input inside the portable information device 1.
- the portable information device 1 has condition data setting means 406, with which the user 101 specifies the authentication data to be deleted from the plurality of stored authentication data and sets the conditions under which it is automatically deleted.
- a program including an authentication data processing procedure, a condition data processing procedure, a control data processing procedure, and a condition data erasing procedure are added.
- There is also a method in which some conditions, condition data processing procedures and control data processing procedures are set when the portable information device 1 is shipped, authentication data is stored, and then the authentication data processing procedure is set and input as condition data.
- the portable information device 1 may have the following means for notifying the user 101: authentication data erasure condition notification means 403 for notifying under what conditions the stored authentication data is to be erased, personal authentication service notification means 404 for notifying which personal authentication system the stored authentication data can be used for, and authentication data erasure notice means 405 for giving notice of erasure of authentication data.
- FIG. 5 is an explanatory diagram showing the relationship between the control data type and the configuration required for the control data input means of the present invention.
- the control data input means 8 inputs control data from the described configuration.
- the input means includes a control data input means 8 in the portable information device 1 as shown in FIG. 1, and a control data input means 704 from outside the portable information device 1 as shown in FIG.
- the types of control data include control data obtained from externally received electromagnetic waves, control data input from an input unit, control data obtained from time information, control data obtained from biological information, and control data obtained from signal information. Each is described below.
- Control data obtained from externally received electromagnetic waves is input using electromagnetic waves using a wireless telephone network or short-range communication method.
- the information is input from the outside of the portable information device 1 or from the communication unit provided in the portable information device 1.
- the system provider can arbitrarily delete the authentication data in the communicable area. If the authentication data A is deleted by receiving the control data A, the system provider inputs the control data A and the condition data A corresponding to the authentication data A to be processed from the personal authentication device 102 in advance.
- the control data input from the input unit is input by the user 101 or a system provider from input buttons and an input interface provided in the portable information device 1, and is used for arbitrary deletion.
- the control data obtained from time information is input from the time information generator provided in the portable information device 1, and is used for arbitrary deletion by date and time.
- the control data obtained from the biological information is erased by detecting that the user 101 has died or is ill due to an input from the biological information sampling unit provided in the portable information device 1.
- the control data obtained from the position information is deleted when the position data exceeds a certain position due to the vast position information input from the position information acquisition unit provided in the portable information device 1.
- the control data obtained by the signal information is input from a sensor unit provided in the portable information device 1, and is deleted when another person comes into contact with the information device, attaches / detaches the information device, and detects poor physical condition.
- a temperature sensor, a pressure sensor, a humidity sensor, a barometric pressure sensor, a photo sensor, a pressure sensor, an image sensor, a biosensor, a magnetic sensor, distance sensors, etc. for measuring the body temperature, biological pulse, pulse, body fluid components, blood flow, etc.
- because the portable information device 1 has a means for directly measuring the situation, and conditions for deleting the authentication data can be set arbitrarily by the condition data, security is improved by preventing leakage of authentication data according to the situation of the user 101 or the portable information device 1 at the authentication site.
- the portable information device 1 has a time information generating unit as the authentication data input unit 8, and has a control data input unit 8 for inputting control data based on time information, and further has a communication unit. Then, the control data is input from the personal authentication device 102 to the portable information device 1 by the control data input means 704.
- FIG. 6 is a configuration diagram of still another example of the portable information device of the present invention and a personal authentication system including the same, and shows a configuration diagram of an authentication data erasing method. It is a configuration that changes the condition data and finally deletes the authentication data.
- the portable information device 1 only needs to have the condition data changing means 601.
- the condition data is changed by inputting the control data by the input unit as the control data input means 8.
- the condition data includes information on the service use limit number
- the control data is input by the control data input means 8 for each service use, and the service use limit number is decremented by the condition data changing means 601 of the processing determination means 7. When the limit number is subtracted and the result becomes “0”, it is judged that the condition is satisfied, and specific authentication data is erased by the authentication data erasing means 6. It can thus be used like a free card.
- FIG. 7 is a configuration diagram of still another example of the portable information device of the present invention and a personal authentication system including the same, and shows a configuration diagram of the authentication data erasing method of the first embodiment.
- the authentication data erasure system configuration is the same as that shown in FIG. Figure 7 shows the result.
- the authentication data erasing method using FIG. 1 and the authentication data erasing method using FIG. 7 are used. It comprises a portable information device 1, an individual authentication device 102, an information transmission line 103, and an information transmission line 104 using a wireless telephone communication network 701.
- Reference numeral 703 denotes a communication unit of the personal authentication device 102
- reference numeral 702 denotes a communication unit of the information device, which may have a wireless telephone connection means and an Internet connection means.
- the communication unit is used for communication over a wireless telephone network.
- the portable information device 1 of the user 101 is specified from a large number of portable information devices by the identification number that was clarified when the user was specified.
- the received electromagnetic wave is transmitted from the personal authentication device 102. If it is determined that the received control data is arbitrary control data, the condition of the condition data is satisfied and the authentication data is deleted. It is necessary to set and add in advance control data processing procedures for processing any control data to be transmitted to the condition data.
- the information transmission path 103 is used by the authentication data reference means 112, and does not use electromagnetic waves, but uses another secure communication method with a low risk of leakage such as contact.
- FIG. 8 is a flowchart showing the authentication data erasing method in the portable information device of the present invention. Embodiment 1 will be described below with reference to FIGS. 1 to 7 described above.
- the configuration in Fig. 1 is a personal authentication system used at the event site.
- the user identification unit 105, the information processing unit 106, and the authentication data reference unit 107 are installed separately and communicate via an information transmission path connecting them during operation. And managed and owned by the system provider.
- authentication data B is presented by communication with the authentication data reference section 107, and personal authentication is performed to begin.
- Fig. 8 includes a personal authentication preparation stage, an individual authentication stage, and an authentication data deletion stage.
- In Fig. 8, user identification 801 through condition data input 806 is the personal authentication preparation stage, authentication data reference 807 through service start 810 is the personal authentication execution stage, and control data input 811 through service usage right expiry 814 is the authentication data erasing stage.
- the user 101 uses the portable information device 1 storing the authentication data B at the entrance site of the event venue to receive the service. This is the preparation stage for personal authentication.
- the user 101 identified by the authentication data B is associated with the portable information device 1, and authentication data that can be identified at the time of personal authentication is issued.
- condition data is entered to arbitrarily delete authentication data B.
- the user identification 801 identifies the user 101 and, at the same time, checks whether the personal authentication system can be used.
- the user 101 operates the portable information device 1 having the wireless telephone connection means and the Internet connection means, and the system provider inputs a unique identification number of the portable information device 1 such as a telephone number and an address number.
- the user 101 purchases the right to use the event venue from the system provider by providing the identification number.
- this is a simple user identification means 108 for making the user 101 operating the portable information device 1 a valid purchaser.
- the issuance of authentication data 802 simultaneously issues authentication data B and authentication data identification data, and the authentication data identification data is stored in the personal authentication device 102.
- the authentication data input 804 inputs the authentication data B issued to the portable information device 1 specified by the unique identification number referred to in the user specification 801.
- the service use right occurrence 805 indicates that if the user 101 has the portable information device 1 that stores the authentication data B, personal authentication is performed.
- the condition data setting 803 sets conditions and procedures for the condition data.
- two types of condition data B and C are input to the portable information device 1.
- User 101 selects the entry deadline until 19:00 on September 8 from the selection frame set by the system provider, and sets the condition data B to delete the authentication data B when the time expires at 19:00 on September 8.
- the control data B indicating 19:00 on September 8 is input, and the added procedure is recognized by the authentication data erasing means 6 according to the result of the processing determining means 7.
- Authentication data processing procedure for erasing authentication data B, condition data processing procedure for processing condition data B by processing determination means 7 and processing it as control data, and time information input from time information generator The control data processing procedure for processing the control data B by the processing determination means 7 and the procedure for erasing the condition data B after erasing the authentication data B are included in the condition data processing procedure.
- the condition is selected by the user 101, but the procedure is set automatically by the personal authentication device 102, which checks the configuration necessary for the authentication data input means of FIG. 5, the processing determining means, and the authentication data erasing means provided in the portable information device 1. Further, using the system in FIG. 7, the control data C is transmitted from the personal authentication device 102 through the information transmission path of the wireless telephone communication network 701, and the condition data C is set to delete the authentication data.
- condition data C is that any control data C determined by the system provider is input, and the authentication data processing procedure and condition data erasing procedure are the same as condition data B, but the condition data processing procedure and control data processing The procedure is different because the type of control data and the configuration required for the control data input means differ as shown in Fig. 5.
- Condition data B and condition data C are input to the portable information device 1 by the condition data input means 5 and stored in the condition data storage means 4.
- the user 101 may confirm the stored authentication data B by the personal authentication possible service notifying means 404, and may set arbitrary condition data D by the condition data setting means 406 of FIG. Although authentication data B is not supported in Fig. 4, authentication data processing procedure for erasing authentication data B is added to correspond.
- the personal authentication execution stage is a stage in which the user 101 is personally authenticated using the authentication data at the event entry site to receive the service.
- the authentication data is referred to by the authentication data reference means 112 807, and the authentication data identification means 111 is referred to.
- the authentication data issuance 802 is processed by the authentication data identification data and the authentication data B issued by the authentication data issuance 802, and the authentication data is identified 808 to perform the personal authentication 809 of the user.
- the user 101 is opened by the service permission means 113 and is allowed to enter, and the service is started 810.
- control data input 811 control data is input by control data input means 8 or control data input means 704.
- the condition data and the authentication data are processed by the processing determining means 7 to determine 812 whether or not the condition of the condition data is satisfied.
- the authentication data is erased 813.
- the authentication data erasing method will be described separately for condition data B and condition data C.
- the configuration shown in Fig. 1 is used to erase authentication data B using condition data B.
- the control data B is input to the portable information device 1 from the time information generating unit, and the control data B is processed according to the authentication data processing procedure in the processing determination means 7, and the condition data B is processed according to the condition data processing procedure.
- the authentication data B is erased by the authentication data erasing means 6 according to the authentication data processing procedure.
- the configuration shown in Fig. 7 is used to delete authentication data B using condition data C.
- the control data C is input from the personal authentication device 102 to the portable information device 1 using the information transmission path 104 at any time of the system provider.
- the control data C is processed by the processing determination means 7 according to the authentication data processing procedure, and the condition data B is processed according to the condition data processing procedure. A judgment is made that the control data B contains arbitrary data and satisfies the condition of the condition data C.
- the authentication data erasing means 6 erases the authentication data B.
- When the authentication data B is deleted, personal authentication becomes impossible and the service usage right expires. Further, the authentication data B may be automatically erased according to the number of uses by using the configuration of FIG.
- the authentication data B is automatically erased from the portable information device 1 by expiration of the expiration date set by the system provider or the user 101, or by receiving arbitrary control data through the wireless telephone network, so that unnecessary leakage of authentication data due to theft can be prevented beforehand, management can be reduced, and the storage capacity of the information device can be used effectively.
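The erasure logic described above, as an added example that is not code from the patent: a small model of the FIG. 2 mapping in which condition data B (time expiry) erases authentication data B, condition data C (control data sent by the provider) erases B and C, and D has no condition data. Assigning the FIG. 6 use limit to condition data A, the class and function names, the token, the year of the deadline, and the pruning of conditions left without a target are all assumptions of this sketch.

```python
import hmac
from dataclasses import dataclass
from datetime import datetime
from typing import Callable, Optional

@dataclass(frozen=True)
class ControlData:
    kind: str             # "time", "remote" or "use" (labels assumed for this sketch)
    value: object = None

@dataclass
class ConditionData:
    name: str
    targets: frozenset    # names of the authentication data erased when satisfied
    satisfied: Callable[["ConditionData", ControlData], bool]
    remaining_uses: Optional[int] = None   # used only by the use-limit condition

def expires_at(deadline):
    """Time-based condition: satisfied once the clock reaches the deadline."""
    return lambda cond, ctl: ctl.kind == "time" and ctl.value >= deadline

def provider_erase(token: bytes):
    """Provider-sent condition: satisfied only by the agreed control data value.
    The page does not say how this control data is authenticated; a static
    value compared in constant time is the assumption made here."""
    return lambda cond, ctl: (ctl.kind == "remote"
                              and hmac.compare_digest(ctl.value, token))

def use_limit(cond, ctl):
    """Use-count condition: every use changes the stored condition data itself."""
    if ctl.kind != "use":
        return False
    cond.remaining_uses -= 1
    return cond.remaining_uses <= 0

class PortableDevice:
    def __init__(self):
        self.auth = {}         # authentication data storage
        self.conditions = []   # condition data storage

    def store_auth(self, name, secret: bytes):
        self.auth[name] = bytearray(secret)

    def input_control(self, ctl):
        """Processing determination: returns the names erased by this input."""
        erased = []
        for cond in list(self.conditions):
            if not cond.satisfied(cond, ctl):
                continue
            for name in sorted(cond.targets):
                buf = self.auth.pop(name, None)
                if buf is not None:            # may already be gone via another condition
                    buf[:] = bytes(len(buf))   # overwrite before dropping the reference
                    erased.append(name)
            self.conditions.remove(cond)       # condition data is erased after it fires
        # Assumption of this sketch: also drop conditions left with no live target.
        self.conditions = [c for c in self.conditions
                           if any(t in self.auth for t in c.targets)]
        return erased

TOKEN = b"constructed-control-data-C"    # constructed sample value
DEADLINE = datetime(2001, 9, 8, 19, 0)   # 19:00 on September 8; the year is constructed

def fig2_device():
    dev = PortableDevice()
    for name in "ABCD":
        dev.store_auth(name, b"constructed-secret-" + name.encode())
    dev.conditions += [
        ConditionData("A", frozenset({"A"}), use_limit, remaining_uses=2),
        ConditionData("B", frozenset({"B"}), expires_at(DEADLINE)),
        ConditionData("C", frozenset({"B", "C"}), provider_erase(TOKEN)),
    ]   # D has no condition data and is never erased automatically
    return dev

def demo():
    dev = fig2_device()
    inputs = [
        ControlData("time", datetime(2001, 9, 8, 18, 59)),  # before the deadline
        ControlData("use"),                                 # first use of A
        ControlData("use"),                                 # second use: limit reaches 0
        ControlData("remote", b"wrong-value"),              # not the agreed control data
        ControlData("time", DEADLINE),                      # deadline reached
        ControlData("remote", TOKEN),                       # provider-initiated erase
    ]
    results = [dev.input_control(c) for c in inputs]
    return results, sorted(dev.auth), dev.conditions

if __name__ == "__main__":
    print(demo())
```

Because several condition data can point at the same authentication data, the erase path has to tolerate a target that an earlier condition already removed, which is why `input_control` skips missing entries instead of failing.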
- the present embodiment is composed of a personal authentication system of a home security system used for unlocking a front door of a home, and an individual authentication system of an in-house security system used for opening a front door of a company.
- the second embodiment will be described below with reference to FIGS.
- the two authentication data are used independently in each personal authentication system.
- the authentication data A used in the company security system is automatically deleted at the company exit after use in the company to secure the storage capacity, and the user is not bothered by the management of the authentication data.
- the authentication data B used in the home security system is erased by detecting the explosion of the portable information device 1 or by inputting an incorrect password, thereby preventing leakage of the authentication data due to theft and unauthorized use.
- the personal authentication system of the company security system uses the system configuration shown in Figure 3.
- the personal authentication device 301 is separately installed in a user identification unit 304, an information processing unit 305, and an authentication data reference unit 306, and uses the authentication data A.
- the personal authentication system of the home security system uses the authentication data B using the system configuration shown in Fig. 1.
- the difference from the first embodiment is that the personal authentication device 102 and the personal authentication device 301 are different devices, and two independent personal authentication systems perform personal authentication using one portable information device 1 owned by the user 101.
- the system configuration of the personal authentication system of the company security system will be described with reference to FIG. It comprises a portable information device 1 carried by the user and a personal authentication device 301 installed in the company.
- the personal authentication device 301 is composed of a user identification unit 304 installed in front of the gate, a plurality of authentication data reference units 306 installed at each door inside the company, and an information processing unit 303 for identifying issued authentication data.
- the user identification unit 304 and the information processing unit 305, and the authentication data reference unit 306 and the information processing unit 305 are connected by wired information transmission paths 302 and 303, respectively.
- the portable information device 1 and the user identification unit 304, and the portable information device 1 and the user reference unit 306 both have information transmission paths 307 and 308 that employ the same communication method by contact.
- the user specifying unit 304 includes at least a user specifying unit 304 and an authentication data input unit 309, and further includes a condition data input unit 310.
- the information processing unit 305 has at least authentication data identification means 312, and simultaneously issues authentication data A, and centrally manages and stores the authentication data identification data together with personal information of the user using a database or the like. May be.
- Authentication data reference section 306 has at least authentication data reference means 313, and the door is opened when authentication data A is identified by authentication data identification means 312. Further, of the plurality of authentication data reference units 306, only the authentication data reference unit 306 installed at the door of the company exit has the control data input means 314.
- the user 101 brings the portable information device 1 into contact with the user identification section 304 installed in front of the company, and is further identified by the user identification means 311 by using a fingerprint or other biometrics. If it matches the biometric information of the employee measured in the past stored in the information processing unit 305, the authentication data A that can be identified later is input by the authentication data input unit 309 to the portable information device 1 in contact with the user identification unit 304.
- the portable information device 1 stores the authentication data A in the authentication data storage means 4.
- control data A is input through communication with the user reference section 306; an authentication data processing procedure for deleting the authentication data A using the processing determination means 7 and the authentication data erasing means 6, a control data processing procedure for processing the control data A, and a condition data processing procedure for processing the condition data A and the control data A are automatically set as the condition data A and input to the portable information device 1 using the condition data input means 310.
- the portable information device 1 stores the condition data A in the condition data storage means 4.
- the user 101 is personally authenticated by contacting the portable information device 1 with the authentication data reference unit 306 in the company, and passes by opening the door.
- the control data A is input by the control data input unit 314.
- the control data A is processed together with the condition data A by the processing judging means 7, and when the condition of the condition data A that the control data A is input is satisfied, the authentication data erasing means 6 deletes the authentication data A stored in the portable information device 1 that received the control data A.
- the exit door opens, and the user 101 goes to his home with the portable information device 1 from which the authentication data A has been deleted.
- the authentication data A for the company is changed and updated every day, so that security can be improved.
- the configuration of the personal authentication system of the home security system will be described with reference to Fig. 1. It comprises a portable information device 1 carried by a user, a personal authentication device 102 installed at home, and information transmission lines 103 and 104 employing the same communication method by contact.
- the personal authentication device 102 is installed at the door of the house.
- the user identification unit 103 in the personal authentication device 102 has user identification means 108, authentication data input means 3, condition data setting means 109, and condition data input means 5.
- the information processing unit 106 includes an authentication data issuing unit 110 and an authentication data identification unit 111.
- the user identification unit 105 and the information processing unit 106 are located inside the house and cannot be operated from outside the house.
- the condition data setting means 109, the condition data input means 5, and the authentication data issuing means 110 may be located in either the user specifying unit 105 or the information processing unit 106.
- the authentication data reference unit 107 has authentication data reference means 112 and service use permission means 113.
- the authentication data reference unit 107 is arranged outside the door, and opens the door by referring to and identifying the authentication data in the portable information device 1 outside the house. How it is used will be described.
- the user 101 contacts the portable information device 1 with the user identification section 105.
- the personal authentication device 102 matches the stored identification number
- the personal authentication device 102 inputs the authentication data B to the portable information device 1.
- the control data input means 8 of the portable information device 1 is checked, and the condition data B, which is a condition for detecting crushing and impact, is automatically set by the condition data setting means 109 and input by the condition data input means 5.
- the condition data B includes a control data processing procedure for processing a signal of the shock sensor 1 of the portable information device 1 as control data, a condition data processing procedure, and a program including an authentication data processing procedure. Further, the user 101 sets condition data C on condition that data other than the password is input to the portable information device 1 by the condition data setting means 406, and inputs the condition data C by the condition data input means 402.
- the condition data C includes a control data processing procedure for processing an input from the input unit of the portable information device 1 as control data, a condition data processing procedure, and a program including an authentication data processing procedure.
- Condition data B and condition data C are stored in condition data storage means 4. As shown in FIG. 2, the authentication data B is deleted when the condition data B or the condition data C is satisfied. In the company, the authentication data A and the condition data A are also stored, and a plurality of authentication data and condition data exist in the portable information device 1.
- After returning home, the portable information device 1 is brought into contact with the authentication data reference section 107 outside the door, and a password for instructing the start of communication is input to the portable information device 1, and the personal authentication device 102 refers to the authentication data B and performs authentication.
- the data B is identified by the authentication data identification means 111
- the door is opened by the service use permission means 113.
- the processing determining means 7 processes the condition data B.
- the authentication data B is erased by the authentication data erasing means 4 based on the determination that the condition of the condition data B of sensing the destructive impact is satisfied.
- the processing judging means 7 processes the condition data C and judges that the condition for inputting data other than the password is satisfied.
- Authentication data B is erased by data erasing means 4.
- control data is input from the personal authentication device 301 by the control data input means 314. It also has an identification number storage means 407 used for security at home, and an input button and a pressure sensor or a displacement sensor for sensing an impact as the control data input means 8.
- Authentication data can be erased by receiving it, at a certain time, by not being able to measure the biometric information of the user 101, or by going out of a certain area.
- the portable information device 1 has condition data setting means 406 and condition data input means 402 therein, and specifies and erases any authentication data from the stored authentication data.
- the portable information device 1 may include an authentication data erasure condition notification unit 403, a personal authentication enabled service notification unit 40, an authentication data erasure notification unit 405, and the like.
- FIG. 14 is a supplementary explanatory diagram of Embodiment 2 described above.
- The personal authentication system includes a portable information device 1 carried by a user 101 and a personal authentication device 102.
- The personal authentication device 102 consists of a user identification unit 105 built into the computers of a plurality of private homes performing e-commerce, an authentication data reference unit 107 installed in a plurality of retail stores, and one or more information processing units 106 located at a bank, a card company, or the like acting as system provider. These are separated, as in the case of the personal authentication device 301 in Fig. 3, but connected via a wired information transmission path. It works as
- the line information transmission path 104 has a wired information transmission path 103 for transmitting and receiving data by connecting to the portable information device 1 and the authentication data reference unit 107.
- the user specifying unit 105 belonging to the personal authentication device 102 has a user specifying unit 108, an authentication data input unit 3, a condition data setting unit 109, and a condition data input unit 5, and after specifying the user 101, The issued authentication data and the set condition data are input to the portable information device 1.
- the authentication data reference section 107 has authentication data reference means 112 and service use permission means 113. When the authentication data reference section 107 contacts the portable information device 1, the authentication data reference section 107 refers to the authentication data A via the information transmission path 103.
- the information processing unit 106 includes an authentication data issuing unit 110 and an authentication data identification unit 111, and uses a database or the like to centrally manage personal information, authentication data identification data, the use status of the personal authentication system, and the like.
- the authentication data identification means 111 can be managed efficiently.
- the system provider also manages the issuance of the authentication data at hand, and always uses the authentication data by the latest encryption technology.
- the portable information device 1 includes an authentication data storage unit 2, a condition storage unit 4 and a storage unit, an authentication data erasing unit 6, a processing determination unit 7, and a control data input unit 8. Further, in order to input control data as the control data input means 8, it has a biological information sampling unit for measuring biological information and a position information acquiring unit for measuring position information, as shown in FIG.
- The processing determining means 7 has condition data changing means 601. The device has a configuration according to the control data type shown in Fig. 5, and the authentication data may also be deleted on receiving an arbitrary electromagnetic wave, at an arbitrary date and time, on input of a password other than an arbitrary password, or on detecting an impact caused by an arbitrary burst. Further, as shown in FIG.
- It may include data setting means 406, condition data input means 402, authentication data erasure condition notification means 403, personal authentication enabled service notification means 404, authentication data deletion advance notification means 405, and the like.
- the user 101 inserts an IC card into an electronic commerce computer at home and starts communication between the portable information device 1 and the user identification unit 105 via the information transmission path 104.
- the user 101 is specified by the user specifying means 108.
- the authentication data B issued by the authentication data issuing means 110 is input to the portable information device 1 communicating with the user specifying unit 105 by using the information transmission path 104.
- the authentication data B. is stored in the authentication data storage means 2 of the portable information device 1.
- The IC card stores unique biological information, so it should not be carried when going out.
- condition data setting means 109 allows the condition data B to delete the authentication data B when a certain change occurs in the control data B including the biological information measured value, and the retail store to be purchased selected by the e-commerce computer.
- condition data B and the condition data C are input to the portable information device 1 using the information transmission path 104 by the condition data input means 5 and stored in the condition data storage means 4.
- The condition data setting means 406 in the portable information device 1 sets the usage limit amount as the condition of the condition data D. The condition data D is stored in the condition data storage means 5.
- Several types of condition data D are set in the portable information device 1 having the condition data changing means 601 at the time of shipment. In this way, the maximum transaction amount for one authentication data using the portable information device 1 is restricted to enhance security.
- When the condition data D does not correspond to the authentication data B as shown in FIG. 2, the condition data setting means 406 adds to it an authentication data processing procedure for deleting the authentication data B, so that the condition data D deletes the authentication data B. In this way, a plurality of condition data are stored corresponding to one authentication data.
- When the portable information device 1 comes into contact with the user reference section 105 at the cash register of the retail store, the authentication data reference means 112 starts communication with the authentication data storage means 2, and the authentication data identification means 111 processes the authentication data B and identifies the authentication data identification data.
- When the authentication data B is identified, an indication that the user 101 is the user is displayed on the panel of the user reference section 105, which serves as the service use permitting means 113, and the clerk hands the product to the user 101.
- the account is settled from the bank account of user 101.
- the settlement may be made when the authentication data is input to the portable information device 1.
- The control data B including the biological information of the user 101 input by the control data input means 8 is processed by the processing determination means 7 together with the condition data B. If the portable information device 1 is stolen while away from home and is away from the user 101, the control data B changes. For example, if the control data B falls below a certain voltage value, the condition data B
- the authentication data B is erased inside the portable information device 1 by the authentication data erasing means 6 operated according to the authentication data processing procedure added to the condition data B when the condition is satisfied.
- the control data B is processed by the processing determining means 7 in accordance with the control data processing procedure, and the condition data B is processed in accordance with the condition data processing procedure.
- When the location information of a retail store other than the one set is input as control data C, the condition data C is satisfied and the authentication data B is erased.
- the used amount is input to the portable information device 1 as the control data D, and is subtracted from the usage limit amount, which is the condition of the condition data D, by the condition data changing means 601 in FIG. When the value is close to 0, the condition data D is satisfied, and the authentication data B is erased by the authentication data erasing means 4.
- FIG. 15 is a supplementary explanatory diagram of Embodiment 3 described above.
- FIG. 9 are explanatory diagrams of the fourth embodiment.
- the user purchases authentication data to be used when entering the event venue in a ticket-like manner by using the Internet from a digital mobile phone as the portable information device 1.
- the use of the personal authentication system of the embodiment includes three stages: a personal authentication preparation stage, a personal authentication execution stage, and an authentication data erasing stage.
- The user is a person who uses the service of entering the event held by the event company, and the system providers are the event company that provides the service and the communication company that provides the communication of the portable information device 1 and the system. When two or more such organizations are system providers, it is sufficient to decide in advance how fees are collected from users and to configure the devices so that, working in coordination, they function as a single system.
- The service charge is collected from the user at the same time as the communication fee, based on the user purchase information exchanged between the communication company and the event company when the service is purchased.
- the customer selects and purchases the service provided by the event company on the e-commerce page of the communication company.
- the portable information device 1 receives the encrypted authentication data B, stores the user purchase information in the customer database 105c of the communication company, and is billed at a later date together with the communication fee.
- Fig. 13 (A) using encrypted authentication data B will be described as an example of a method of using an electronic key in the personal authentication execution stage.
- the encrypted authentication data B cannot be decrypted in plaintext by anyone other than the system provider, and no information is leaked.
- the system provider decrypts the authentication data B sent from the user into plaintext with a secret key that is not disclosed, and performs personal authentication using the plaintext authentication data B.
- a public key is used so that the identification number is not leaked.
- the public key may be included in the authentication data B or a part of the condition data B.
- Even when the authentication data B is encrypted as in (C), a part of the authentication data B and the condition data B may include a public key. In any case, leakage of information is prevented when performing personal authentication.
- FIG. 10 shows a specific configuration of the portable information device 1 according to the fourth embodiment.
- Figures 11 (A) to (H) show the pages displayed on the portable device: (A) is the event company page, (B) is the user confirmation page, (C) is the expiration date selection page, (D) is the date selection page, (E) is the purchase confirmation page, (F) is the user purchase information confirmation notification page, and (G) and (H) are the authentication data B erasure condition confirmation pages.
- FIG. 12 shows an example of a communication packet structure in digital mobile phones and short-range wireless communication.
- the first to fourth embodiments of the present invention provide various effects as described below. That is, according to the present invention, the authentication data stored in the portable information device is arbitrarily erased. Therefore, unnecessary leakage of authentication data and a shortage of storage capacity of the portable information device can be prevented, and users and system providers can individually improve safety and efficiency.
- the specific authentication data stored in the portable information device is arbitrarily erased. Therefore, controllability of authentication data stored in a plurality of portable information devices is improved, and the personal authentication system is diversified.
- the specific authentication data stored in the portable information device is automatically deleted. Therefore, the user does not have to manage a plurality of authentication data in the management of the portable information device, and the efficiency of the personal authentication system is improved.
- The effects of the first, second, and fourth embodiments are that the management of authentication data is facilitated, and that mainly the system provider can arbitrarily improve the convenience and security of the portable information device and the personal authentication system.
- the condition data must include data to be compared with control data obtained from the communication unit.
- the system provider deletes the data arbitrarily. For example, if the data specified in the condition data is obtained as control data, the authentication data is deleted. After that, new authentication data may be transmitted and updated without bothering the user. It may also be used as an emergency measure in case of theft or loss.
- A means for erasing authentication data may be secured over a wide area using a mobile phone communication network, or a device that simply transmits control data may be placed near an exit and used for vehicles, buildings, theme parks, etc.
- The condition data must include data to be compared with the control data input with the input button. For example, if the authentication data is made available only after the password specified in the condition data is input, the authentication data will be deleted if a different password is entered multiple times. This is particularly effective against unauthorized use when the portable information device can easily be used without permission by a person close to the user.
- the condition data must include data to be compared with the time information included in the acquired control data.
- When a clock provided in a portable information device is used to erase authentication data, no improvement in security can be expected for system providers, because many such clocks have a time adjustment function. Convenience is improved because the authentication data is deleted without bothering the user, and users can voluntarily use it to improve safety. In this case, the system provider expects automatic deletion for authentication data that does not cause a serious problem even if it leaks. To improve safety, it is necessary to correct the time automatically and properly by using an electromagnetic clock or communication for a certain period of time, and to erase the authentication data based on the appropriate time.
- the authentication data is erased according to the state of the user and the state of the user and the portable information device, so that mainly the user can improve the safety.
- The condition data must include data to be compared with control data obtained from the biological information sampling unit. For example, a pulse value is specified in the condition data; if the user dies and the pulse stops, or the user and the portable information device are so far apart that the pulse cannot be measured, and the value obtained by the biological information sampling unit falls below the specified value, the authentication data is deleted. Besides pulse, body temperature or blood flow may be used.
- the condition data needs to include data to be compared with the control data acquired from the position information acquisition unit. For example, the location data within a building, site, Tokyo, Japan, etc. can be arbitrarily specified in the condition data, and the authentication data is deleted if the location information obtained from the location information acquisition unit deviates from the specified location.
- The condition data needs to include data to be compared with control data obtained from the signal output unit. For example, a numerical value is specified in the condition data, and the authentication data is deleted when the control data obtained from the impact sensor is larger than the specified value. The authentication data may also be deleted on detecting an impact that destroys the portable information device, removal of the exterior cover, unauthorized reading or copying of the data stored in the authentication data storage means, and the like. Further, it may be possible to detect the push / pull of a button necessary for the work of detaching the portable information device from the user, or to detect a change in the distance or a distance from the user.
- the condition data must include data to be compared with the control data obtained from the signal output unit. For example, if the control data obtained from the signal output unit falls below the specified value, the authentication data is deleted.
- the convenience in storing a plurality of pieces of authentication data in a portable information device can be improved.
- Any authentication data or specific authentication data stored in the portable information device can be erased. This prevents leakage of unnecessary authentication data, shortage of the storage capacity of the portable information device, and the like; improves the security and efficiency of users and system providers individually; improves the controllability of multiple authentication data stored in portable information devices; and responds to the diversification of personal authentication systems. The user does not need to manage multiple authentication data, and the efficiency of the personal authentication system can be improved, so the effect is great.
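The comparison of control data with condition data described in the list above, as an added Python sketch that is not part of the patent text: each stored authentication data item carries its own condition data, and only the item whose condition is satisfied is erased. The class and function names, thresholds and sample secrets are constructed assumptions, as is reading "close to 0" for the usage limit as "zero or below".

```python
import hashlib
import hmac
from dataclasses import dataclass
from typing import Callable, Dict, List, Optional, Set, Tuple


@dataclass
class Condition:
    """Condition data: the control-data kind it is compared with, and the test."""
    kind: str
    satisfied: Callable[[object], bool]


def shock_above(limit: float) -> Condition:
    return Condition("shock", lambda v: v is not None and v > limit)


def pulse_below(limit: float) -> Condition:
    # Fail closed: a pulse that cannot be measured (None) also erases.
    return Condition("pulse", lambda v: v is None or v < limit)


def outside(allowed: Set[str]) -> Condition:
    return Condition("location", lambda v: v not in allowed)


def password_digest(salt: bytes, password: str) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)


def wrong_password(salt: bytes, digest: bytes, max_failures: int) -> Condition:
    failures = 0
    def check(attempt: object) -> bool:
        nonlocal failures
        ok = hmac.compare_digest(password_digest(salt, str(attempt)), digest)
        failures = 0 if ok else failures + 1   # consecutive misses only
        return failures >= max_failures
    return Condition("password", check)


def spend_limit(limit: int) -> Condition:
    remaining = limit
    def check(amount: object) -> bool:
        nonlocal remaining
        remaining -= int(amount)   # the condition data itself is updated
        return remaining <= 0      # assumption: "close to 0" read as <= 0
    return Condition("spend", check)


class PortableDevice:
    def __init__(self) -> None:
        self._auth: Dict[str, bytearray] = {}
        self._conds: Dict[str, List[Condition]] = {}
        self.erase_log: List[Tuple[str, str]] = []

    def store(self, name: str, secret: bytes, conditions: List[Condition]) -> None:
        self._auth[name] = bytearray(secret)
        self._conds[name] = list(conditions)

    def holds(self, name: str) -> bool:
        return name in self._auth

    def input_control(self, kind: str, value: object, only: Optional[str] = None) -> List[str]:
        """Compare one control-data reading with the stored condition data."""
        erased = []
        for name in list(self._auth):
            if only is not None and name != only:
                continue
            # Evaluate every matching condition so stateful ones all update.
            hits = [c for c in self._conds[name] if c.kind == kind and c.satisfied(value)]
            if hits:
                self._erase(name, kind)
                erased.append(name)
        return erased

    def _erase(self, name: str, reason: str) -> None:
        buf = self._auth.pop(name)
        buf[:] = bytes(len(buf))   # zero the buffer, then drop it
        del self._conds[name]
        self.erase_log.append((name, reason))


def demo() -> List[Tuple[str, str]]:
    salt = b"constructed-salt"                      # constructed sample values
    dev = PortableDevice()
    dev.store("A", b"constructed-office-key", [shock_above(50.0)])
    dev.store("B", b"constructed-shop-token", [
        pulse_below(30.0), outside({"store-17"}), spend_limit(10_000),
        wrong_password(salt, password_digest(salt, "4821"), 3)])
    dev.input_control("spend", 4_000, only="B")     # limit not reached
    dev.input_control("location", "store-17")       # the store that was set
    for attempt in ("0000", "1111", "4821"):        # two misses, then a reset
        dev.input_control("password", attempt)
    dev.input_control("pulse", None)                # sensor lost the user: B goes
    dev.input_control("shock", 80.0)                # destructive impact: A goes
    return dev.erase_log
```

Zeroing a `bytearray` in Python is best effort only; on a real device the erase has to reach the storage medium itself.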
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- General Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Computing Systems (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Storage Device Security (AREA)
Abstract
As the application fields of personal authentication systems diversify and multiple sets of authentication data are stored in one portable information apparatus, this invention aims to solve the problems that convenience decreases because of the complexity of the management means, that the storage capacity of the information apparatus runs short, and that the risk of authentication information leakage grows. The invention comprises a means for storing the conditions for erasing authentication data as conditional data and a means for arbitrarily erasing authentication data by utilizing the conditional data.
Description
Specification
Portable information device, personal authentication system, and authentication data erasing method
Technical Field
The present invention relates to a portable information device used in a personal authentication system that serves services such as entry to research laboratories and similar facilities, ticket gates, login to computers, credit processing, cashing processing, buying and selling of goods, and use of rental equipment. In particular, it relates to a portable information device for personal authentication, a personal authentication system, and an authentication data erasing method that allow system providers and users of a personal authentication system to improve the security and efficiency of that system.
Background Art
A personal authentication system is a security system that confirms, when a service is used, that the person is a permitted, legitimate user. In an information processing system that manages services such as entry to research laboratories, ticket gates, login to computers, credit processing, cashing, buying and selling of goods, use of rental equipment, and downloading of information, authenticating the user is called "personal authentication." User authentication here means, among the external security, internal security, and user authentication described as security measures for information processing systems in the Information Processing Handbook (1st edition, 1989, edited by the Information Processing Society of Japan), the user authentication that confirms that the person is a permitted, legitimate user. In the most widespread usage, at the time of entry, purchase of goods, login to a computer, and so on, the system management device refers to something that only the person possesses, recognizes the user as that person, and the user is thereby able to receive the service.
At present, methods using passwords or credit cards are common. However, these personal authentication methods offer few means of establishing that the person is the original user, are easily used by others, and have security problems. Nevertheless, because of their convenience, services that use personal authentication systems have spread through society, and in electronic commerce over the Internet the security of personal authentication systems is questioned even further.
In recent years, personal authentication methods that use IC cards with relatively large storage capacity and replace passwords and the like with complex data have begun to spread. For example, a highly secure and versatile personal authentication system has been proposed that processes data containing an individual's biometric information stored in the card together with biometric information actually acquired at the site of authentication, and performs personal authentication by judging whether they match.
If the data required for personal authentication is called authentication data, the authentication method using an IC card judges a person to be the legitimate user on the basis that authentication data containing a large amount of personal information is stored on a single storage medium. On the premise that biometric features that only the individual can possess are used, it is a relatively simple method with high security and reliability. With the spread of portable information devices such as mobile phones that connect to the Internet, usage in which authentication data is stored in these devices and personal authentication is performed away from home is also being considered. By using a portable information device that the user carries every day with multiple personal authentication systems, the user's convenience improves and the user is freed from the inconvenience of carrying multiple cards and memorizing multiple passwords. The party providing the system can also make a system used by multiple users more efficient by quickly authenticating multiple portable information devices through data communication.
However, as personal authentication systems using portable information devices spread, there is at the same time a danger that loss of a portable information device will leak detailed, large amounts of personal information and information on an individual's unchangeable physical characteristics, and security problems are highly likely to arise. In addition, when personal authentication is performed with data, it becomes necessary to update old authentication data to new authentication data frequently to ensure security, and efficient management of authentication data also becomes necessary.
For IC cards, portable information devices, and the like, methods have been proposed that ensure security by erasing authentication data and making it unusable. Authentication data is data used for personal authentication by distinguishing a user permitted to use the personal authentication system from a person not permitted to use it, or from other users, and there is a means of identifying it after issuance. For example, it is subject to internal security controls for preventing copying and unauthorized use, such as encryption, and includes password information, behavioral information such as signatures, biological information such as biometrics, information read from a storage medium, and proof-of-purchase information; possession of these identifies the user as the person in question.
As the means of identifying after issuance, an electronic key using cryptographic technology, or part of such a key, may be used, for example. In use, the user carries a portable information device in which the authentication data has been stored in advance to the site where the service is received, and when a device managed by the system provider identifies the authentication data, the user is permitted to use the service. A system provider is a person or organization that provides a service to users by means of a personal authentication system. Because it is data, multiple items can be stored in one portable information device, erased when convenient, or updated to new ones. Furthermore, a system that performs personal authentication merely by referring to authentication data allows rapid authentication at sites with many users.
The device for preventing unauthorized use of an IC card (Japanese Patent Application No. 8-274136) has, in the IC card, a receiving unit that receives a wireless signal and a storage unit that stores data for identifying the owner; when the receiving unit cannot receive a predetermined wireless signal for a predetermined time, the authentication data stored in the storage unit is erased or made unusable. As a result, the IC card promptly becomes unusable when it is lost or stolen.
The information device and input device of a personal authentication system (Japanese Patent Laid-Open No. 11-282981) provides the portable information device with means for detecting that it is worn on the human body, and when removal of the portable information device from the user is detected, the authentication data stored in the portable information device is made unusable. These take security into account, but the authentication data is simply erased by a configuration built into the IC card or portable information device, and it is difficult to improve convenience, for example by letting the user or system provider arbitrarily erase specific authentication data. Moreover, they do not describe improving security individually for each of multiple stored items of authentication data, and they can hardly cope with efficient management of authentication data, effective use of the storage capacity of the portable information device, or diversification of the fields in which personal authentication systems are used.
As for the problems of the prior art, as described above, new problems of efficiency and security can be expected to arise as the fields in which personal authentication systems are used diversify. In particular, when multiple items of authentication data are stored in one portable information device owned by an individual and used at multiple service sites, problems arise in the efficiency and security of the system: convenience falls because the means of managing the data used for authentication becomes complicated, and unnecessary authentication data remaining after use leads to a shortage of storage capacity in the portable information device and a greater risk of leakage of authentication information.
Disclosure of the Invention
The present invention has been made in view of the above problems, and its object is in particular to provide a portable information device with which service providers and users can individually improve the efficiency and security of a personal authentication system.
Another object of the present invention is to provide a portable information device, a personal authentication system, and an authentication data erasing method that have novel functions and improve security and efficiency.
本発明によれば、 個人認証に利用する携帯型情報装置において、 認証データを外部から入力する認証データ入力手段と、 認証データ を記憶する認証データ記憶手段と、 認証データを消去するための条 件を設定する条件データを外部もしくは内部から入力する条件デー タ入力手段と、 条件データを記憶する条件データ記憶手段と、 制御 データを外部もしくは内部から入力する制御データ入力手段と、 制 御データと条件データとを処理して判定する処理判定手段と、 認証 データを消去する認証データ消去手段とを備え、 処理判定手段の判 定結果に基づいて認証データを消去する。 According to the present invention, in a portable information device used for personal authentication, authentication data input means for externally inputting authentication data, authentication data storage means for storing authentication data, and conditions for erasing authentication data. Condition data input means for inputting condition data externally or internally, condition data storage means for storing condition data, control data input means for inputting control data externally or internally, control data and conditions The apparatus includes a processing determining unit that determines by processing the data and an authentication data erasing unit that erases the authentication data, and erases the authentication data based on a determination result of the processing determining unit.
With this configuration, a system provider or a user can freely set the conditions for erasing authentication data and input them in advance, so that when a condition is satisfied, specific authentication data is erased from among the multiple pieces of stored authentication data. This adds controllability to each piece of authentication data and allows each to be managed individually, which prevents inadvertent leakage and ensures security. Furthermore, the user is no longer troubled with securing storage capacity on the portable information device or managing authentication data, and the improved convenience ensures efficiency.

Brief Description of the Drawings
FIG. 1 is a configuration diagram of an example of the portable information device of the present invention and a personal authentication system including it.
FIG. 2 is an explanatory diagram of the correspondence between authentication data and condition data in the present invention.
FIG. 3 is a configuration diagram of another example of the portable information device of the present invention and a personal authentication system including it.
FIG. 4 is a configuration diagram of still another example of the portable information device of the present invention and a personal authentication system including it.
FIG. 5 is an explanatory diagram showing the relationship between the types of control data and the configuration required for the control data input means of the present invention.
FIG. 6 is a configuration diagram of still another example of the portable information device of the present invention and a personal authentication system including it.
FIG. 7 is a configuration diagram of still another example of the portable information device of the present invention and a personal authentication system including it.
FIG. 8 is a flowchart showing the method of erasing authentication data in the portable information device of the present invention.
FIGS. 9 to 13 are explanatory diagrams of a fourth embodiment according to the present invention.
FIG. 14 is a supplementary explanatory diagram of the second embodiment according to the present invention.
FIG. 15 is a supplementary explanatory diagram of the third embodiment according to the present invention.

Best Mode for Carrying Out the Invention

Various embodiments of the present invention are described below with reference to the drawings.

(Embodiment 1)
FIG. 1 is a configuration diagram of an example of the portable information device of the present invention and a personal authentication system including it. The user carries a portable information device in which authentication data has been stored in advance to the site where the service is received, and when a device managed by the system provider identifies the authentication data, the user is permitted to use the service. As the fields of use of such personal authentication systems diversify, sharing a single portable information device among them can be expected to raise new problems for the efficiency and security of the personal authentication system. That is, when multiple pieces of authentication data are stored and used in one portable information device, efficiency may fall because the user is burdened with securing storage capacity on the device and managing the authentication data, and there is also the security problem that authentication data containing personal information leaks more often, for example through theft of the portable information device.
In the present invention, the system provider or the user freely sets conditions for erasing authentication data and inputs them to the portable information device in advance. When a condition is satisfied, specific authentication data is erased from among the multiple pieces of authentication data stored in the device, which adds controllability to each piece of authentication data and makes individual management possible. This prevents the inadvertent leakage of information that would otherwise occur on theft because already-used authentication data was still stored in the portable information device. In addition, authentication data can be made larger and more complex to raise security where the purpose calls for it, and multiple pieces of authentication data can be used and then erased automatically after use, so the storage capacity of the portable information device is secured efficiently, the user is spared the burden of managing multiple pieces of authentication data, and the data in use can always be renewed with fresh authentication data. In this way, the invention responds to the diversification of fields of use of personal authentication systems, such as using one portable information device with multiple personal authentication systems or authenticating by data communication alone, and provides a portable information device, a personal authentication system, and an authentication data erasing method that offer excellent security and efficiency to users and system administrators.
The system in FIG. 1 consists of the portable information device 1, a personal authentication device 102, a user 101, and information transmission paths 103 and 104 between the portable information device 1 and the personal authentication device 102. The personal authentication device 102 has a user identification unit 105, an information processing unit 106, and an authentication data reference unit 107. The user identification unit 105 communicates with the portable information device 1 over the information transmission path 104, and the user reference unit 113 communicates with the portable information device 1 over the information transmission path 103. Configuring the personal authentication device 102 in this way accommodates diversification of the system: for example, the user identification unit 105 and the information processing unit 106 can be installed on the inside of a house door and only the authentication data reference unit 107 on the outside, which secures the personal authentication system. Alternatively, the user identification unit 105, the information processing unit 106, and the authentication data reference unit 107 may be separated and installed in multiple units, each connected by an information transmission path and used as one device.

The portable information device 1 is made lightweight and power-saving so that an individual can carry it. It is mainly a mobile phone, a PHS handset, a portable computer, a wristwatch, a wristwatch-type information device, a portable information terminal, a portable game machine, a portable device that functions with an IC card inserted, or a device combining these. Because the portable information device 1 stores the authentication data, personal authentication is performed at the site where the service is received, and the user 101 is permitted to receive the service.

Reference numeral 2 denotes authentication data storage means, which stores the authentication data. Storage devices come in many kinds, such as semiconductor elements, magnetic drives, and optical disks. The choice should give priority to storing the authentication data securely, take the confidentiality of the personal authentication system into account, and weigh the power consumption, weight, durability, and cost of the portable information device 1. A storage medium that is easy to distribute, such as an IC card, may be inserted into the portable information device 1 like a cassette or card and used as the storage medium. Depending on the storage device, data is stored using electricity, magnetism, light, or the like. Reference numeral 3 denotes authentication data input means, which inputs authentication data from outside the portable information device 1.
In FIG. 1, the authentication data is input from the user identification unit 105 to the portable information device 1 via the information transmission path 10. To associate the user 101 with the portable information device 1 through the authentication data, the data must be input to the specific portable information device 1 designated by the identified user 101. Methods of identifying the portable information device 1 include identifying it by the unique identification number referred to when the user 101 was identified, inputting to the portable information device 1 that is communicating with the user identification unit 109 over the information transmission path 104 at the time the user 101 is identified, and inputting to the specific portable information device 1 that connected to the user identification unit 109 during identification of the user 101 and has not been confirmed as disconnected.
Condition data storage means 4 stores condition data in the portable information device 1 for use in erasing specific authentication data. The condition data is stored in the same way as authentication data, and the same storage device may be used, but because the condition data is processed it is freely readable. Condition data is processable data that contains at least the condition for erasing the corresponding specific authentication data; when the condition is satisfied, that authentication data in the portable information device 1 is erased. So that authentication data can be erased inside the portable information device 1, the condition data may contain, besides the condition, a program that includes an authentication data processing procedure for erasing the specific authentication data and a condition data processing procedure for processing and determining whether the condition has been met. The condition data may also carry a control data processing procedure for processing the specific control data that is input as desired in order to erase the authentication data, and, because the condition data may be erased together with the authentication data, a procedure for erasing the condition data after use may be included in the condition data processing procedure.
The contents of the programs in the condition data, such as conditions and procedures, must be set to match the type of control data input by the control data input means 8 of the portable information device 1. For example, before or after authentication data is input and stored, the control data input means 8 of the portable information device 1 or of the personal authentication device 102 is checked and a control data processing procedure is added automatically so that the specific control data is processed, and the user 101 or another party then sets and adds a condition suited to that control data. In addition, authentication data that cannot be freely erased may be erased by using the authentication data processing procedure. Reference numeral 5 denotes condition data input means, which inputs condition data from outside the portable information device 1. Condition data may also be input inside the portable information device 1.
In FIG. 1, the condition data is input from the external user identification unit 105 over the information transmission path 104 at the same time as, or before or after, the authentication data. Reference numeral 6 denotes authentication data erasing means, which erases the authentication data stored in the authentication data storage means 2 after the processing determination means 7 has determined that it is to be erased. Where the storage device can erase on its own, as with a semiconductor element or a magnetic drive, the whole erasing mechanism is inside the portable information device 1. Where erasure uses an external electromagnetic field or external electromagnetic waves, it is performed by components outside the portable information device 1 alone or by a combination of external and internal components. For example, an erasing method like that of a magnetic card, in which authentication data is erased by holding the portable information device 1 in the electromagnetic field generated by the personal authentication device 102, or one in which authentication data is erased by irradiating the portable information device 1 with ultraviolet light, may be used.
Here, erasure means deleting the information or overwriting it with other information so that the authentication data cannot be read from the portable information device 1 by any means. In this embodiment, erasure makes personal authentication impossible; that is, not only the user 101 but also a criminal who has stolen the portable information device 1 is refused use of the service. Furthermore, erasing automatically once the condition data is satisfied secures the storage capacity of the portable information device 1 efficiently and spares the user 101 the effort of erasing after using the service.
The processing determination means 7 processes the condition data and control data and makes a determination. Processing is the series of operations performed on data to obtain the necessary information: for example, reading data, creating data, erasing data, correcting data, having data identify other data, collating or comparing data with other data, calculating the amount of change, the amount of error, a constant value, or an average of the data before collating or comparing, and obtaining the result of whether the collation or comparison matched. The necessary information for the processing determination means 7 is whether or not to erase the authentication data. In this embodiment in particular, the input control data and the previously stored condition data are processed, and it is determined, mainly from the control data satisfying or not satisfying the condition, that the information on whether to erase the authentication data has been obtained.
In the control data input means 8, control data is the data that triggers erasure of the authentication data, and the procedure for processing it may be included in the condition data as a control data processing procedure or the like. In this embodiment in particular, data that satisfies the condition in the condition data is input into the portable information device 1 as control data and processed with the condition data, whereby the specific authentication data is erased. Control data may be input only when needed, continuously, or intermittently; the choice depends on the type of authentication data and the configuration of the portable information device 1. For example, control data received by electromagnetic waves need only be input when it is received, whereas control data based on biological information is obtained by periodically sampling the biological information of the user 101, so intermittent input is needed to know whether the amount of change in the control data satisfies the condition. In FIG. 1, control data is input inside the portable information device 1. As FIG. 5 shows, there are several types of control data.
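The interplay described above between condition data, control data, the processing determination means and erasure, modelled in Python as an added example that is not part of the patent. The class and function names, the control data kinds "pulse" and "radio", the thresholds and the stored values are all constructed for illustration, and the in-memory overwrite only stands in for erasure on a real storage medium.

```python
# Added illustration; every name and value here is constructed, not from the patent.
from dataclasses import dataclass
from typing import Callable, Dict, List


@dataclass
class ControlData:
    kind: str      # assumed kinds: "radio" (input on receipt), "pulse" (periodic sample)
    value: float


@dataclass
class ConditionData:
    name: str
    kind: str                                        # control data kind it processes
    targets: List[str]                               # authentication data it erases
    satisfied: Callable[[List[ControlData]], bool]   # condition data processing procedure
    erase_self: bool = True                          # condition data may go with its targets


def signal_equals(code: float) -> Callable[[List[ControlData]], bool]:
    """Condition met when the most recently received control data carries `code`."""
    return lambda samples: samples[-1].value == code


def change_exceeds(limit: float) -> Callable[[List[ControlData]], bool]:
    """Condition met when two consecutive samples differ by more than `limit`."""
    def check(samples: List[ControlData]) -> bool:
        if len(samples) < 2:          # a single sample has no change amount yet
            return False
        return abs(samples[-1].value - samples[-2].value) > limit
    return check


class PortableDevice:
    def __init__(self) -> None:
        self._auth: Dict[str, bytearray] = {}
        self._conditions: Dict[str, ConditionData] = {}
        self._samples: Dict[str, List[ControlData]] = {}

    def store_auth(self, name: str, data: bytes) -> None:
        self._auth[name] = bytearray(data)

    def store_condition(self, cond: ConditionData) -> None:
        self._conditions[cond.name] = cond

    def stored_auth(self) -> List[str]:
        return sorted(self._auth)

    def stored_conditions(self) -> List[str]:
        return sorted(self._conditions)

    def input_control(self, cd: ControlData) -> List[str]:
        """Control data input plus processing determination; returns what was erased."""
        window = self._samples.setdefault(cd.kind, [])
        window.append(cd)
        del window[:-2]               # only the last two samples are needed
        erased: List[str] = []
        for cond in list(self._conditions.values()):
            if cond.kind != cd.kind or not cond.satisfied(window):
                continue
            erased += [t for t in cond.targets if self._erase(t)]
            if cond.erase_self:
                del self._conditions[cond.name]
        return erased

    def _erase(self, name: str) -> bool:
        buf = self._auth.pop(name, None)
        if buf is None:               # already erased through another condition
            return False
        buf[:] = bytes(len(buf))      # overwrite before dropping the reference
        return True


def demo() -> dict:
    dev = PortableDevice()
    for name in ("gate", "library", "office", "shop"):   # constructed sample data
        dev.store_auth(name, f"token-for-{name}".encode())
    dev.store_condition(ConditionData("worn", "pulse", ["gate"], change_exceeds(30)))
    dev.store_condition(
        ConditionData("recall", "radio", ["shop", "office"], signal_equals(7)))
    log = {}
    log["steady"] = [dev.input_control(ControlData("pulse", v)) for v in (72, 70)]
    log["removed"] = dev.input_control(ControlData("pulse", 0))
    log["other_signal"] = dev.input_control(ControlData("radio", 3))
    log["recall"] = dev.input_control(ControlData("radio", 7))
    log["left_auth"] = dev.stored_auth()          # "library" has no condition data
    log["left_conditions"] = dev.stored_conditions()
    return log


if __name__ == "__main__":
    for step, result in demo().items():
        print(step, result)
```

The "pulse" condition needs two samples before it can fire, which is why sampled control data has to be input intermittently, while the "radio" condition is evaluated only when a signal arrives.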
The personal authentication device 102 is a device that inputs authentication data to the specific portable information device 1 of the identified user 101 and later, at the service site, performs personal authentication by referring to and identifying the authentication data stored in the portable information device 1. For this it comprises user identification means 108 for identifying the user 101, authentication data issuing means 110 for issuing authentication data that can be identified later, authentication data input means 3, authentication data reference means 112 for referring to the authentication data stored in the portable information device 1, authentication data identification means 111 for identifying whether the authentication data is valid, and service use permission means 113 for permitting use of the service. With these means, the personal authentication device 102 uses the portable information device 1 to distinguish, at the service site, the user 101 from other users and from persons who have not been permitted use.

The user identification unit 105 has at least the user identification means 108 and the authentication data input means 3. If it additionally has the condition data input means 5 and condition data setting means 109, the user 101 can prepare in advance for automatic erasure of the authentication data, for example by selecting conditions on the spot while looking at a screen, which improves convenience. The user identification means 108 identifies that the user 101 who will use the authentication data is a legitimate user permitted by the system provider, and confirms, for example, that payment can be collected. Beginning identification of the user associates the user 101 with the authentication data to be used later and starts use of the personal authentication system.
Methods of identifying the user 101 include identifying the user by knowledge of a password, by the identification number of the portable information device 1 the user owns, or by a personal identification number; highly reliable methods such as installing the user identification unit 105 in a computer or a large terminal in a convenience store, measuring biological information such as biometrics, and collating it with past measurement data; and convenient methods such as identification by a storage medium such as a credit card or IC card, or simply identification as the person who purchased a product or usage right. Any of these may be chosen according to the efficiency and reliability required.
The condition data setting means 109 sets at least the condition that must be set, and in addition the authentication data processing procedure, the condition data processing procedure, the control data processing procedure, and so on, either automatically by procedure or by the user 101 or the system provider. For example, the control data processing procedure is set automatically according to the type of control data input means 8 that the portable information device 1 has, and the condition is set by the user 101 selecting, from a panel on the user identification unit 105, one of several conditions preset by the system provider.

The information processing unit 106 has at least the authentication data identification means 111, and may use a computer or the like to hold and manage personal information such as usage status in a database. It may then also have the authentication data issuing means 110 and manage the issued authentication data and the authentication data identification data centrally in the database. The authentication data issuing means 110 issues authentication data that can be identified later, while the identification of the user 101 and of the portable information device 1 is still certain. In one method of identification by the authentication data identification means 111, the authentication data issuing means 110 inputs to the portable information device 1, as authentication data, one part of what is needed for personal authentication, in the manner of an electronic key, and at the same time issues the other part as authentication data identification data; at authentication time the authentication data identification means 111 uses the authentication data referred to on the portable information device 1. In another method, the authentication data issuing means 110 issues authentication data that includes information for identifying the user 101 or the identification number of the portable information device 1, and at authentication time the user 101 or the portable information device 1 is identified again and the result is used by the authentication data identification means 111. Whichever method of issuing authentication data best suits the system configuration may be used.
The authentication data reference unit 107 has at least the authentication data reference means 112 and may also have the service use permission means 113. The authentication data reference means 112 refers to the authentication data stored in the portable information device 1 over the information transmission path 103. Referring is the series of operations performed to obtain the information that identifies the authentication data stored in the authentication data storage means 2: establishing a means of sending data to and receiving data from the authentication data storage means 2, detecting data, confirming that data exists, reading data, and comparing or collating. The authentication data may be data in a special pattern such as a bar code, in which case an information transmission path may be used in which the bar code is shown on the display screen of the portable information device 1, read by the camera of the authentication data reference unit 107, and converted to data after image processing; any information transmission path that conveys the information reliably will do. The information transmission paths 103 and 104 may use the same communication method.

The portable information device 1 may communicate using wireless mobile telephone connection means or Internet connection means that it has, using electromagnetic waves such as short-range radio or infrared, or over a wired connection, or leakage of authentication data may be kept to a minimum by having the devices communicate only when brought into contact with each other. The service use permission means 113 permits use of the service when the referred authentication data is identified as the valid authentication data issued when the user 101 was identified. The service is then received: for example, a door opens at a ticket gate or entrance, the person is shown to be the rightful recipient when goods are handed over, or a computer login is completed. The service thus depends on the field of use: unlocking or opening and closing a door, passing a vehicle ticket gate, starting a computer, entering a personal signature by computer, sending a contract by computer, displaying proof that the user is who they claim to be, settling a purchase, depositing cash, paying cash, refunding cash, starting equipment, and so on.
FIG. 2 is an explanatory diagram of the correspondence between the authentication data and condition data stored in the portable information device 1. Because the portable information device 1 stores multiple pieces of authentication data, the user 101 can use multiple personal authentication systems. Authentication data A is used for personal authentication in personal authentication system A, authentication data B in personal authentication system B, and authentication data C in personal authentication system C. Another possible use is for personal authentication system D to authenticate when authentication data A and authentication data D (205) are both present. Personal authentication systems A to D each have their own personal authentication device and may be managed by separate system providers. The authentication data are drawn at different sizes in the figure, which represents the size of the data. Data with thorough internal security is generally larger, but not every personal authentication system needs large authentication data, and the system provider may choose as needed. Condition data likewise varies in size with the conditions and procedures it contains.
Condition data A (201) is stored for the purpose of erasing authentication data A; when the condition in condition data A is satisfied, only authentication data A is erased from the portable information device 1. Authentication data B is erased when the condition in condition data B (202) is satisfied, and it is also erased when the condition in condition data C (203) is satisfied. When the condition in condition data C is satisfied, authentication data C is erased together with authentication data B. Consider the case where authentication data C is downloaded just before a service is to be received with authentication data B, stored in the portable information device 1 as the latest authentication data, and then used on site to receive the service. Receipt of authentication data C may then satisfy the condition in condition data B and erase authentication data B, or the condition in condition data C may be satisfied so that authentication data B and authentication data C are erased at the same time. Authentication data D has no corresponding condition data, because the user 101 sets condition data on the portable information device 1 after the authentication data has been input. For unimportant authentication data, condition data need not be set at all, as in conventional systems. Condition data D (204) is condition data already entered when the portable information device 1 is shipped, and the user 101 sets it on the device to erase specific stored authentication data. Preparing condition data in advance to match the type of control data input means 8 that the portable information device 1 has improves operability.

FIG. 3 is a configuration diagram of another example of the portable information device of the present invention and a personal authentication system including it, showing a personal authentication system provided by a system provider different from that of the system in FIG. 1. The portable information device 1 used by the user 101 is the same. This personal authentication system uses a personal authentication device 301 that differs from the personal authentication device 102 but has the same means. The difference is that the user identification unit 304, the information processing unit 305, and the authentication data reference unit 306 are separated and installed at different locations. Each may have a different owner, but together they operate as one device for personal authentication. The user identification unit 304, the information processing unit 305, and the authentication data reference unit 306 are connected by information transmission paths 302 and 303. For example, placing the user identification unit 304 in a private home, the authentication data reference unit 306 in a retail store or similar service site, and the information processing unit 305 at the system provider's company makes it easier to accommodate diversification of the system.
A plurality of user identification units 304 and authentication data reference units 306 may be present, and at least one information processing unit 305 performs unified management. The user identification unit 304 includes at least the user identification unit 311 and the authentication data input unit 309, the information processing unit 305 includes at least the authentication data identification unit 312, and the authentication data reference unit 306 includes at least the authentication data reference unit 313. Have.
In FIG. 3, the user identification unit 304 further has condition input means 310, and the authentication data reference unit 306 further has control data input means 314. Means equivalent to the condition data setting means 109, the authentication data issuing means 110, and the service use permission means 113 of the personal authentication device 102 in FIG. 1 may be built into any part of the personal authentication device 301; the location may be chosen according to the information transmission paths used and how the system is operated. However, the personal authentication device 306 must be a device that the system provider manages adequately, or one certified at the desired level. For example, if the user identification unit 306 installed in a private home is not trustworthy from the system provider's standpoint, the authentication data also loses its trustworthiness.
FIG. 4 is a configuration diagram of still another example of the portable information device of the present invention and a personal authentication system including it, and is a detailed block diagram of the portable information device. In FIG. 4, the identification number stored in the identification number storage means 407 of the portable information device 1 is used to pick out the portable information device 1 of the identified user 101 from among a plurality of portable information devices, and authentication data is input to it. The identification number is a number by which the portable information device 1 can be identified: a telephone number or equivalent if the portable information device 1 has wired or wireless telephone connection means, or an address number or equivalent if it has Internet connection means. Using an identification number that the system provider trusts also makes fee collection efficient.
The condition data input means 402 provides an input method other than input from the personal authentication device 102 outside the portable information device 1, as with the condition data input means 5: condition data is input inside the portable information device 1. The portable information device 1 also has condition data setting means 406, which identifies the authentication data to be erased among the stored authentication data and sets, automatically or by the user 101, the conditions under which it is erased. In addition to the conditions, an authentication data processing procedure, a program including a condition data processing procedure, a control data processing procedure, and a condition data erasing procedure are attached. In particular, the condition data must be set to match the control data input means 8 provided in the portable information device 1. Another approach is to set some conditions, condition data processing procedures, and control data processing procedures when the portable information device 1 is shipped, and then, after authentication data has been stored, to set the authentication data processing procedure and input the result as condition data.
In addition, the portable information device 1 may have means for notifying the user 101 of the following: authentication data erasure condition notification means 403, which reports the conditions under which stored authentication data will be erased; personal-authentication-capable service notification means 404, which reports which personal authentication systems the stored authentication data can be used with; and authentication data erasure advance notice means 405, which gives advance notice that authentication data will be erased. Providing these means in the portable information device 1 improves convenience for the user 101 in a personal authentication system that uses the portable information device.
FIG. 5 is an explanatory diagram showing the relationship between the types of control data of the present invention and the configuration required by the control data input means. The control data input means 8 inputs control data from the configurations listed. The input means are the control data input means 8 inside the portable information device 1, as in FIG. 1, and the control data input means 704 outside the portable information device 1, as in FIG. 7. The types of control data are control data obtained from externally received electromagnetic waves, control data entered from an input unit, control data obtained from time information, control data obtained from biological information, and control data obtained from signal information. Each is described below.
Control data obtained from externally received electromagnetic waves is input over electromagnetic waves, using a wireless telephone network, a short-range communication method, or the like. It is input from outside the portable information device 1, or through the communication unit provided in the portable information device 1. This allows, for example, the system provider to erase authentication data at will anywhere within the communicable area. If authentication data A is to be erased on receipt of control data A, the system provider inputs in advance, from the personal authentication device 102, condition data A corresponding to control data A and to the authentication data A to be processed. Control data entered from the input unit is entered by the user 101 or the system provider through the input buttons or input interface provided in the portable information device 1, and is used to erase data at will. Control data obtained from time information is input from the time information generating unit provided in the portable information device 1, and erases data at a chosen date and time. Control data obtained from biological information is input from the biological information sampling unit provided in the portable information device 1, and erases data on sensing the death, poor physical condition, or similar state of the user 101.
Control data obtained from position information is input from the position information acquisition unit provided in the portable information device 1, and erases data when wide-area position information shows that a certain position has been passed. Control data obtained from signal information is input from the sensor unit provided in the portable information device 1, and erases data on sensing contact by another person, attachment or detachment of the information device, or poor physical condition. Examples are sensors that indicate the circumstances of the portable information device 1, such as temperature sensors, pressure sensors, humidity sensors, barometric pressure sensors, photosensors, image sensors, biosensors, magnetic sensors, and distance sensors; mechanisms that measure biological parameters of the user 101 such as body temperature, biological pulses, pulse rate, body fluid components, and blood flow; and sensors that measure the current or voltage generated from body heat or the like. Because the portable information device 1 has means for measuring its situation directly, and the condition data can set arbitrary conditions for erasing authentication data, leakage of authentication data is prevented in a way that matches the situation of the user 101 and the portable information device 1 at the authentication site, which improves security.
In the embodiment, the portable information device 1 has a time information generating unit as the authentication data input means 8, giving control data input means 8 that inputs control data from time information; it also has a communication unit, and control data is input from the personal authentication device 102 to the portable information device 1 by the control data input means 704.
FIG. 6 is a configuration diagram of still another example of the portable information device of the present invention and a personal authentication system including it, and shows the configuration of an authentication data erasing method. In this configuration the condition data is changed over time until the authentication data is finally erased. The portable information device 1 only needs to have condition data changing means 601; for example, the condition data is changed by entering control data from the input unit acting as the control data input means 8. Alternatively, the condition data contains a service use limit count, control data is input by the control data input means 8 at each use of the service, and the condition data changing means 601 of the processing determination means 7 decrements the service use limit count; when it reaches "0" the condition is judged to be satisfied and the authentication data erasing means 6 erases the specified authentication data. In this way the portable information device 1 can be used like a book of tickets or a prepaid card.
FIG. 7 is a configuration diagram of still another example of the portable information device of the present invention and a personal authentication system including it, and shows the configuration of the authentication data erasing method of Embodiment 1. If control data is treated as being input from the communication unit 702, the authentication data erasure system has the same configuration as FIG. 1; FIG. 7 results when the control data input means 70 is taken to reside in the personal authentication device 102, making the source of the control data input by electromagnetic waves explicit. The embodiment uses both the authentication data erasing method of FIG. 1 and the authentication data erasing method of FIG. 7. The system comprises the portable information device 1, the personal authentication device 102, the information transmission path 103, and the information transmission path 104, which uses a wireless telephone communication network 701. Reference numeral 703 denotes the communication unit of the personal authentication device 102 and 702 the communication unit of the information device; these may have wireless telephone connection means or Internet connection means, and in the embodiment they are used for communication over the wireless telephone network. A system is configured inside the personal authentication device 102 that, like the portable information device 1, inputs control data to the portable information device when certain conditions are met; the control data is input by the control data input means 704 of the personal authentication device 102.
At this time, the portable information device 1 of the user 101 is picked out from a large number of portable information devices by the identification number disclosed when the user was identified. When the portable information device 1 determines that a received electromagnetic wave is the arbitrary control data transmitted from the personal authentication device 102, the condition of the condition data is satisfied and the authentication data is erased. A control data processing procedure for handling the arbitrary control data that will be sent must be set and attached to the condition data in advance. The information transmission path 103 is used by the authentication data reference means 112; it does not use electromagnetic waves but another, safer communication method with a low risk of leakage, such as contact.
FIG. 8 is a flowchart showing the authentication data erasing method in the portable information device of the present invention. Embodiment 1 is described below with reference to FIGS. 1 to 7 above.
As an example, take the configuration of FIG. 1 as a personal authentication system used at an event venue. In the personal authentication device 102, however, the user identification unit 105, the information processing unit 106, and the authentication data reference unit 107 are installed separately, as in the personal authentication device 301 of FIG. 3; during operation they communicate over the information transmission paths connecting them, and the system provider manages and owns them. On the screen of the portable information device 1 that the user 101 owns, the user purchases an admission right to the event, with an expiration date, by communicating with the user identification unit 105, and authentication data B is stored in the portable information device 1. At the event venue the user then presents authentication data B by communicating with the authentication data reference unit 107, is personally authenticated, and enters through the gate.
Further, when the expiration date passes or specific control data is received, the authentication data B stored in the portable information device 1 is erased automatically. FIG. 8 has a personal authentication preparation stage, a personal authentication stage, and an authentication data erasing stage. In FIG. 8, user identification 801 through condition data input 806 form the personal authentication preparation stage; authentication data B referable 807 through service start 810 form the personal authentication execution stage; and control data input 811 through service use right expiration 814 form the authentication data erasing stage.
The personal authentication preparation stage prepares for the personal authentication that the user 101 will undergo, using the portable information device 1 storing authentication data B, at the entrance of the event venue where the service is received. The user 101 identified by authentication data B is associated with the portable information device 1, and authentication data that can be identified at personal authentication time is issued. In addition, condition data is input so that authentication data B can be erased at will.
User identification 801 identifies the user 101 and at the same time checks whether the user may use the personal authentication system. In the embodiment, the user 101 operates a portable information device 1 that has wireless telephone connection means or Internet connection means. On the premise that the system provider has a means of collecting fees from the user 101 who uses the unique identification number of the portable information device 1, such as a telephone number or address number, the user 101 purchases the right to use the event venue from the system provider by presenting the identification number. This is a simple user identification means 108 that, at the time of purchase, treats the user 101 operating the portable information device 1 as the legitimate purchaser.
Authentication data issuance 802 issues authentication data B and authentication data identification data at the same time; the authentication data identification data is stored inside the personal authentication device 102. Authentication data input 804 inputs the issued authentication data B to the portable information device 1 identified by the unique identification number referred to in user identification 801. Service use right generation 805 indicates that the user 101 will be personally authenticated provided that the user carries the portable information device 1 storing authentication data B.
Condition data setting 803 sets the conditions and procedures of the condition data. In the embodiment, two kinds of condition data, B and C, are input to the portable information device 1. From the options set by the system provider, the user 101 selects an entry deadline of 19:00 on September 8, and condition data B is set to erase authentication data B when the time reaches 19:00 on September 8. The condition of condition data B is the input of control data B indicating 19:00 on September 8. The attached procedures are: an authentication data processing procedure by which the authentication data erasing means 6 erases authentication data B according to the result of the processing determination means 7; a condition data processing procedure by which the processing determination means 7 processes condition data B and evaluates it against the control data; and a control data processing procedure by which the processing determination means 7 processes control data B, which contains the time information input from the time information generating unit. The procedure for erasing condition data B after authentication data B has been erased is included in the condition data processing procedure.
In this embodiment the user 101 selects the condition, but the procedures are set automatically by the personal authentication device 102 after it checks the configuration required for the authentication data input means of FIG. 5, the processing determination means, and the authentication data erasing means provided in the portable information device 1. In addition, using the system of FIG. 7, condition data C is set so that control data C can be sent from the personal authentication device 102 over the information transmission path of the wireless telephone communication network 701 to erase the authentication data.
The condition of condition data C is the input of arbitrary control data C chosen by the system provider. Its authentication data processing procedure and condition data erasing procedure are the same as those of condition data B, but its condition data processing procedure and control data processing procedure differ, because the type of control data and the configuration required for the control data input means differ, as shown in FIG. 5. Condition data B and condition data C are input to the portable information device 1 by the condition data input means 5 and stored in the condition data storage means 4. The user 101 may check the stored authentication data B with the personal-authentication-capable service notification means 404 and set arbitrary condition data D with the condition data setting means 406 of FIG. 4. In FIG. 4 it does not correspond to authentication data B, but it is made to correspond by attaching an authentication data processing procedure that erases authentication data B.
The personal authentication execution stage is the stage in which the user 101 is personally authenticated with the authentication data at the event entrance where the service is received. When the portable information device 1 is brought into contact with the authentication data reference unit 107, the authentication data reference means 112 refers to the authentication data (807), and the authentication data identification means 111 processes the authentication data identification data issued in authentication data issuance 802 together with authentication data B to perform authentication data identification 808, which accomplishes personal authentication 809 of the user. Once personally authenticated, the user 101 is admitted as the service use permission means 113 opens the gate, and service start 810 follows.
The authentication data erasing stage is the stage in which authentication data B, no longer needed by the user 101 or the system provider after the service has been received, is erased. In some cases it is erased without the service having been received. In control data input 811, control data is input by the control data input means 8 or the control data input means 704. The condition data and the authentication data are processed by the processing determination means 7, which judges (812) whether the condition of the condition data is satisfied; if it is, authentication data erasure 813 follows. The authentication data erasing method is described separately for condition data B and condition data C. Erasure of authentication data B using condition data B uses the configuration of FIG. 1. Control data B is input to the portable information device 1 from the time information generating unit; in the processing determination means 7, control data B is processed according to the authentication data processing procedure and condition data B is processed according to the condition data processing procedure.
When control data B contains data indicating a given time and the condition of condition data B is judged to be satisfied, the authentication data erasing means 6 erases authentication data B according to the authentication data processing procedure. Erasure of authentication data B using condition data C uses the configuration of FIG. 7. At a time of the system provider's choosing, control data C is input from the personal authentication device 102 to the portable information device 1 over the information transmission path 104. In the processing determination means 7, control data C is processed according to the authentication data processing procedure and condition data B is processed according to the condition data processing procedure. When control data B contains the arbitrary data and the condition of condition data C is judged to be satisfied, the authentication data erasing means 6 erases authentication data B according to the authentication data processing procedure. Once authentication data B has been erased, personal authentication is no longer possible and the service use right expires (814). The configuration of FIG. 6 may also be used to erase authentication data B automatically according to the number of uses. Because authentication data B is erased from the portable information device 1 automatically when the expiration date set by the system provider or the user 101 passes, or when arbitrary control data is received over the wireless telephone network, needless leakage of authentication data through theft is prevented in advance, the burden of management is reduced, and the storage capacity of the information device can be used effectively.
(Embodiment 2)
Next, Embodiment 2 is described. This embodiment consists of the personal authentication system of a home security system, used to unlock the front door of a home, and the personal authentication system of an in-house company security system, used to unlock the entrance of a company.
Embodiment 2 is described below with reference to FIGS. 1 to 5. The two items of authentication data are used independently, each in its own personal authentication system. Authentication data A, used in the company security system, is erased automatically at the company exit after use inside the company, which frees storage capacity and spares the user the trouble of managing authentication data. Authentication data B, used in the home security system, is erased when destruction of the portable information device 1 is sensed or when an incorrect password is entered, preventing leakage and unauthorized use of the authentication data through theft.
The personal authentication system of the company security system uses the system configuration of FIG. 3. The personal authentication device 301 is installed as separate units, a user identification unit 304, an information processing unit 305 and an authentication data reference unit 306, and uses authentication data A. The personal authentication system of the home security system uses the system configuration of FIG. 1 and uses authentication data B. The difference from Embodiment 1 is that the personal authentication device 102 and the personal authentication device 301 are different devices, and personal authentication in the two independent personal authentication systems is performed with the single portable information device 1 carried by the user 101.
The system configuration of the personal authentication system of the company security system is described with reference to FIG. 3. It consists of the portable information device 1 carried by the user and the personal authentication device 301 installed at the company. The personal authentication device 301 consists of a user identification unit 304 installed in front of the gate, a plurality of authentication data reference units 306 installed at the doors inside the company, and an information processing unit 303 that identifies issued authentication data. The user identification unit 304 and the information processing unit 305, and the authentication data reference units 306 and the information processing unit 305, are connected by wired information transmission paths 302 and 303, respectively. The portable information device 1 and the user identification unit 304, and the portable information device 1 and the user reference unit 306, have information transmission paths 307 and 308 that use the same contact-based communication method. The user identification unit 304 has at least user identification means 304 and authentication data input means 309, and additionally has condition data input means 310. The information processing unit 305 has at least authentication data identification means 312, and may also issue authentication data A and centrally manage and store the data for identifying authentication data, together with the users' personal information, using a database or the like. Each authentication data reference unit 306 has at least authentication data reference means 313, and the door opens when authentication data A is identified by the authentication data identification means 312. Of the plurality of authentication data reference units 306, only the one installed at the company exit door has control data input means 314.
Next, the method of use is described. The user 101 brings the portable information device 1 into contact with the user identification unit 304 installed in front of the company gate and is then identified by the user identification means 311 through biometrics such as a fingerprint. If the reading matches the employee's previously measured biometric information stored in the information processing unit 305, the authentication data input means 309 inputs authentication data A, which can be identified later, into the portable information device 1 in contact with the user identification unit 304. The portable information device 1 stores authentication data A in the authentication data storage means 4. At the same time, condition data A is set automatically. Its condition is that control data A is input through communication with the user reference unit 306, and it has the following attached: an authentication data processing procedure that erases authentication data A using the processing determination means 7 and the authentication data erasing means 6, a control data processing procedure that processes control data A, and a condition data processing procedure that processes condition data A and control data A. The condition data input means 310 inputs condition data A into the portable information device 1.
The portable information device 1 stores condition data A in the condition data storage means 4. Inside the company, the user 101 is personally authenticated by touching the portable information device 1 to an authentication data reference unit 306, and passes through when the door opens. On leaving, when the user touches the device to the authentication data reference unit 306 installed at the exit gate, control data A is input by the control data input means 314. Control data A is processed with condition data A by the processing determination means 7, and because the condition of condition data A, that control data A be input, is satisfied, the authentication data erasing means 6 erases authentication data A stored in the portable information device 1. Around this time the exit door opens, and the user 101 heads home carrying the portable information device 1 from which authentication data A has been erased. Because the company's authentication data A is changed and renewed every day, security can be improved.
The configuration of the personal authentication system of the home security system is described with reference to FIG. 1. It consists of the portable information device 1 carried by the user, the personal authentication device 102 installed at the home, and information transmission paths 103 and 104 that use the same contact-based communication method. The personal authentication device 102 is installed at the door of the house. The user identification unit 103 in the personal authentication device 102 has user identification means 108, authentication data input means 3, condition data setting means 109 and condition data input means 5. The information processing unit 106 has authentication data issuing means 110 and authentication data identification means 111.
The user identification unit 105 and the information processing unit 106 are placed inside the house and cannot be operated from outside. The condition data setting means 109, the condition data input means 5 and the authentication data issuing means 110 may be located in either the user identification unit 105 or the information processing unit 106. The authentication data reference unit 107 has authentication data reference means 112 and service use permission means 113. The authentication data reference unit 107 is placed on the outside of the door; it opens the door by referring to and identifying, from outside the house, the authentication data in the portable information device 1. The method of use is as follows. Before going out, the user 101 touches the portable information device 1 to the user identification unit 105. When the identification number matches the one stored in the personal authentication device 102, the device inputs authentication data B into the portable information device 1. At the same time, the condition data setting means 109 checks the control data input means 8 of the portable information device 1, automatically sets condition data B, whose condition is that destruction or impact is sensed, and inputs it by the condition data input means 5.
Condition data B also has attached to it a program containing a control data processing procedure that treats the signal of the shock sensor of the portable information device 1 as control data, a condition data processing procedure and an authentication data processing procedure. In addition, the user 101 uses the condition data setting means 406 to set condition data C, whose condition is that data other than the password is input into the portable information device 1, and inputs it by the condition data input means 402.
Condition data C likewise has attached to it a program containing a control data processing procedure that treats input from the input unit of the portable information device 1 as control data, a condition data processing procedure and an authentication data processing procedure. Condition data B and condition data C are stored in the condition data storage means 4. As shown in FIG. 2, authentication data B is erased when condition data B or condition data C is satisfied. While the user is inside the company, authentication data A and condition data A are stored as well, so multiple items of authentication data and condition data exist in the portable information device 1.
After returning home, the user touches the portable information device 1 to the authentication data reference unit 107 on the outside of the door and enters into the portable information device 1 the password that instructs it to start communication. The personal authentication device 102 then refers to authentication data B, and when the authentication data identification means 111 identifies authentication data B, the service use permission means 113 opens the door. If the portable information device 1 is stolen on the way home and a signal from the sensor that has sensed a destructive impact, such as the storage element being removed, is input as control data, the processing determination means 7 processes it with condition data B, judges that the condition of condition data B (sensing a destructive impact) is satisfied, and the authentication data erasing means 4 erases authentication data B. Likewise, if another person enters an incorrect password as control data, the processing determination means 7 processes it with condition data C, judges that the condition of entering data other than the password is satisfied, and the authentication data erasing means 4 erases authentication data B.
Next, the portable information device 1 is described in detail with reference to FIG. 4. It has authentication data storage means 2, condition data storage means 4, authentication data erasing means 6, processing determination means 7 that processes and judges condition data and control data, and control data input means 8. Control data is also input from the personal authentication device 301 by the control data input means 314. For home security, it further has identification number storage means 407 and, as control data input means 8, input buttons and a pressure sensor or displacement sensor that senses impact.
When the device has the other control data input means shown in FIG. 5, authentication data can be erased on receiving a certain electromagnetic wave, at a certain time, when the biometric information of the user 101 can no longer be measured, or on leaving a certain area. In addition, as shown in FIG. 4, the portable information device 1 has condition data setting means 406 and condition data input means 402 internally, for condition data that specifies and erases any chosen item among the stored authentication data. Beyond that, the portable information device 1 may have authentication data erasure condition notification means 403, personal-authentication-enabled service notification means 40, authentication data erasure advance-notice means 405, and the like.
Having these means in the portable information device 1 improves convenience for the user 101. By erasing authentication data A and authentication data B individually from the portable information device 1 in this way, the system adapts to diversifying fields of use, prevents unnecessary leakage of authentication data through theft in advance, reduces the burden of management, and makes effective use of the storage capacity of the information device. FIG. 14 is a supplementary explanatory diagram of Embodiment 2 described above.
(Embodiment 3)
Next, Embodiment 3 is described. This example is a personal authentication system used for purchasing high-priced goods. The description refers to FIGS. 1 to 6. First, in FIG. 1, the personal authentication system of this embodiment consists of the portable information device 1 carried by the user 101 and the personal authentication device 102. The personal authentication device 102 consists of user identification units 105 built into computers in a plurality of private homes used for electronic commerce, authentication data reference units 107 installed in a plurality of retail stores, and one or more information processing units 106 located at the system provider, such as a bank or card company. These units are separated in the same way as in the personal authentication device 301 of FIG. 3, but are connected by wired information transmission paths and function as a single device in operation.
Between the portable information device 1 and the user identification unit 105 there is a wireless information transmission path 104 using infrared, and there is a wired information transmission path 103 that sends and receives data when the portable information device 1 is connected to the authentication data reference unit 107. The user identification unit 105 belonging to the personal authentication device 102 has user identification means 108, authentication data input means 3, condition data setting means 109 and condition data input means 5; after the user 101 has been identified, it inputs the issued authentication data and the condition data that has been set into the portable information device 1. The authentication data reference unit 107 has authentication data reference means 112 and service use permission means 113, and on contact with the portable information device 1 it refers to authentication data A over the information transmission path 103.
The information processing unit 106 has authentication data issuing means 110 and authentication data identification means 111. It centrally manages personal information, authentication data identification data, the usage status of the personal authentication system and so on using a database or the like, and this allows the authentication data identification means 111 to be managed efficiently. By means of the authentication data reference means 112, the system provider also keeps the issuing of authentication data under its own control and always uses authentication data based on the latest cryptographic technology.
The portable information device 1 has authentication data storage means 2, condition storage means 4, authentication data erasing means 6, processing determination means 7 and control data input means 8. To input control data, it has as control data input means 8 a biometric information sampling unit that measures biometric information and a position information acquisition unit that measures position information, and, as shown in FIG. 6, the processing determination means 7 has condition data changing means 601. It may also have the configuration by control data type shown in FIG. 5 and erase authentication data on receiving a given electromagnetic wave, at a given date and time, on input of anything other than a given password, or on sensing an impact from destruction. Furthermore, as shown in FIG. 4, the portable information device 1 may internally have condition data setting means 406, condition data input means 402, authentication data erasure condition notification means 403, personal-authentication-enabled service notification means 404, authentication data erasure advance-notice means 405 and the like. Having these means makes use of the personal authentication system through the portable information device 1 more convenient and more efficient.
Next, the method of use is described. At home, the user 101 inserts an IC card into the electronic commerce computer, and communication starts between the portable information device 1 and the user identification unit 105 over the information transmission path 104. When the biometric reading matches the biometric information stored on the IC card, the user 101 is identified by the user identification means 108. At the same time, authentication data B issued by the authentication data issuing means 110 is input over the information transmission path 104 into the portable information device 1 communicating with the user identification unit 105. Authentication data B is stored in the authentication data storage means 2 of the portable information device 1. Because the IC card stores one-of-a-kind biometric information, it is not carried when going out. In addition, the condition data setting means 109 sets condition data B, which erases authentication data B when a certain change occurs in control data B containing the biometric measurement, and condition data C, which erases authentication data B on input of control data C containing position information other than that of the retail store, selected on the electronic commerce computer, where the purchase is planned.
The condition data input means 5 inputs condition data B and condition data C into the portable information device 1 over the information transmission path 104, and they are stored in the condition data storage means 4. Once the user 101 has confirmed through the personal authentication service notification means 404 that the intended authentication data B has been stored in the portable information device 1, the user sets a usage limit amount as the condition of condition data D using the condition data setting means 406 in the portable information device 1. Condition data D is stored in the condition data storage means 5. Several kinds of condition data D are preset at shipment in a portable information device 1 that has condition data changing means 601; they limit the maximum transaction amount for one item of authentication data used with the portable information device 1 and so increase security.
As shown in FIG. 2, condition data D does not itself correspond to authentication data B, but the condition data setting means 406 attaches an authentication data processing procedure that erases authentication data B, making it condition data D for erasing authentication data B. In this way, multiple items of condition data are stored in association with a single item of authentication data.
At the retail store's cash register, when the portable information device 1 is touched to the user reference unit 105, the authentication data reference means 112 starts communicating with the authentication data storage means 2, and the authentication data identification means 111 processes authentication data B against the authentication data identification data and identifies it. When authentication data B is identified, an indication that the user 101 is the genuine person is shown on the panel of the user reference unit 105 as the service use permission means 113, and the clerk hands the goods to the user 101.
Payment is then settled from the bank account of the user 101. Settlement may instead be made when the authentication data is input into the portable information device 1. Control data B, containing the biometric information of the user 101 input by the control data input means 8, is processed with condition data B by the processing determination means 7. If the portable information device 1 is stolen while the user is out and leaves the hands of the user 101, control data B changes. For example, when control data B falls below a certain voltage value, the condition of condition data B is satisfied, and the authentication data erasing means 6, operated according to the authentication data processing procedure attached to condition data B, erases authentication data B inside the portable information device 1. The processing determination means 7 processes control data B according to the control data processing procedure and condition data B according to the condition data processing procedure.
Also, if another person communicates with the personal authentication device of a retail store other than the planned one, position information of a store other than the one set is input as control data C, condition data C is satisfied, and authentication data B is erased. In addition, at each purchase the amount spent is input into the portable information device 1 as control data D and is subtracted, by the condition data changing means 601 of FIG. 6, from the usage limit amount that is the condition of condition data D; when it approaches 0, condition data D is satisfied and the authentication data erasing means 4 erases authentication data B. By setting various condition data in advance in this way and storing them in the portable information device 1, authentication data B is erased from the portable information device 1, which prevents unnecessary leakage of authentication data through theft in advance, reduces the burden of management, and makes effective use of the storage capacity of the portable information device. FIG. 15 is a supplementary explanatory diagram of Embodiment 3 described above.
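The erase-on-condition logic of Embodiments 2 and 3 above, sketched as an added Python model that is not part of the patent text: each item of condition data names the authentication data it guards and the kind of control data it processes, and the processing determination step erases only that item. Class names, control data kinds, tokens, thresholds and store names are hypothetical, and "approaches 0" is modelled as the remaining limit reaching 0 or less.

```python
import hashlib
import hmac
from dataclasses import dataclass, field
from typing import Callable, Dict, List


@dataclass
class ConditionData:
    """Condition data: guards one credential and reacts to one control data type."""
    name: str
    target: str                                 # authentication data to erase
    kind: str                                   # control data type it processes
    satisfied: Callable[[dict, object], bool]   # (state, control value) -> erase?
    state: dict = field(default_factory=dict)   # mutable part (remaining limit)


class PortableDevice:
    """Hypothetical model of the portable information device 1."""

    def __init__(self) -> None:
        self._auth: Dict[str, bytearray] = {}          # authentication data storage
        self._conditions: List[ConditionData] = []     # condition data storage
        self.erase_log: List[tuple] = []               # (credential, condition name)

    def store_auth(self, name: str, secret: bytes) -> None:
        self._auth[name] = bytearray(secret)

    def store_condition(self, cond: ConditionData) -> None:
        self._conditions.append(cond)

    def has_auth(self, name: str) -> bool:
        return name in self._auth

    def input_control(self, kind: str, value: object) -> List[str]:
        """Processing determination: test control data against stored conditions."""
        erased = []
        for cond in list(self._conditions):
            if cond.kind != kind or cond.target not in self._auth:
                continue
            if cond.satisfied(cond.state, value):
                self._erase(cond.target, cond.name)
                erased.append(cond.target)
        return erased

    def _erase(self, target: str, reason: str) -> None:
        buf = self._auth.pop(target)
        for i in range(len(buf)):          # overwrite before dropping the buffer
            buf[i] = 0
        # Conditions for an erased credential are dropped; others are untouched.
        self._conditions = [c for c in self._conditions if c.target != target]
        self.erase_log.append((target, reason))


def on_wrong_password(target: str, password: str) -> ConditionData:
    want = hashlib.sha256(password.encode()).digest()   # keep a digest, not the password
    def check(state: dict, entered: object) -> bool:
        got = hashlib.sha256(str(entered).encode()).digest()
        return not hmac.compare_digest(got, want)
    return ConditionData("wrong password", target, "keypad", check)


def on_spending_limit(target: str, limit: int) -> ConditionData:
    def check(state: dict, amount: object) -> bool:
        state["remaining"] -= amount        # role of condition data changing means 601
        return state["remaining"] <= 0      # assumption: erase once the limit is used up
    return ConditionData("usage limit", target, "purchase", check, {"remaining": limit})


def commute_scenario():
    """Embodiment 2: A erased at the company exit, B erased on a wrong password."""
    dev = PortableDevice()
    dev.store_auth("A", b"constructed-office-token")
    dev.store_auth("B", b"constructed-home-token")
    dev.store_condition(ConditionData("exit gate", "A", "gate", lambda s, v: v == "exit"))
    dev.store_condition(ConditionData("shock", "B", "shock", lambda s, v: v >= 50))
    dev.store_condition(on_wrong_password("B", "constructed-pass"))
    steps = [
        dev.input_control("gate", "door-3"),              # interior door: nothing erased
        dev.input_control("gate", "exit"),                # exit reference unit: A erased
        dev.input_control("keypad", "constructed-pass"),  # correct password: B kept
        dev.input_control("keypad", "guess"),             # wrong password: B erased
        dev.input_control("shock", 99),                   # B already gone: nothing left
    ]
    return dev, steps


def shopping_scenario():
    """Embodiment 3: B erased when purchases use up the limit."""
    dev = PortableDevice()
    dev.store_auth("B", b"constructed-payment-token")
    dev.store_condition(on_spending_limit("B", limit=10000))
    dev.store_condition(ConditionData("unplanned store", "B", "location", lambda s, v: v != "store-17"))
    steps = [
        dev.input_control("purchase", 4000),              # 6000 remaining
        dev.input_control("location", "store-17"),        # planned store: B kept
        dev.input_control("purchase", 6000),              # limit used up: B erased
    ]
    return dev, steps
```
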
(Embodiment 4)
Next, Embodiment 4 is described. FIGS. 9 to 13 are explanatory diagrams of Embodiment 4. In FIG. 9, the user uses the Internet from a digital mobile phone serving as the portable information device 1 to purchase, much like a ticket, the authentication data used for admission to an event venue. Use of the personal authentication system of this embodiment consists of three stages: a personal authentication preparation stage, a personal authentication execution stage and an authentication data erasing stage. The user is a person who uses the event company's service of admission to an event, and the system providers are the event company that provides the service and the communication company that provides the communication system for the portable information device 1. When two or more organizations are system providers in this way, they should decide in advance how fees are collected from users and how the cooperation between the devices is set up so that it functions as one system in operation.
In Embodiment 4, it is arranged that the service charge is collected from the user together with the communication fee, based on the user purchase information exchanged between the communication company and the event company when the user purchases the service. The user selects and purchases the service offered by the event company on the communication company's electronic commerce page. The portable information device 1 receives encrypted authentication data B, the user's purchase information is stored in the communication company's customer database 105c, and the charge is billed later together with the communication fee.
As an example of how an electronic key is used in the personal authentication execution stage, FIG. 13(A), which uses encrypted authentication data B, is described. The encrypted authentication data B cannot be decrypted to plaintext by anyone other than the system provider, so no information leaks. After personal authentication is carried out, the system provider decrypts the authentication data B sent by the user into plaintext with a private key that is not disclosed, and performs personal authentication using the plaintext authentication data B. As a way of using an electronic key other than (A), when the identification number of the portable information device 1 is used for personal authentication as in (B), a public key is used so that the identification number does not leak; the public key may be carried as the authentication data B or included as part of the condition data B. When the authentication data B is encrypted as in (C), the public key may likewise be included as part of the authentication data B or the condition data B. In every case, leakage of information while personal authentication is being carried out is prevented.
FIG. 10 shows the specific configuration of the portable information device 1 in Embodiment 4. FIGS. 11(A) to (H) show the pages displayed on the portable device: (A) is the event company page, (B) the user confirmation page, (C) the validity period selection page, (D) the date selection page, (E) the purchase confirmation page, (F) the user purchase information confirmation notice page, and (G) and (H) the authentication data B erasure condition confirmation pages. FIG. 12 is an example of a communication packet structure for digital mobile phones and short-range wireless communication.
As is clear from the above description, Embodiments 1 to 4 of the present invention provide the various effects described below.

That is, according to the present invention, authentication data stored in the portable information device can be erased as desired. This prevents unnecessary leakage of authentication data and shortage of storage capacity in the portable information device, and lets users and system providers each improve security and efficiency.
Further, according to the present invention, specific authentication data stored in the portable information device can be erased as desired. This improves control over the multiple pieces of authentication data stored in a portable information device and accommodates the diversification of personal authentication systems.
Further, according to the present invention, specific authentication data stored in the portable information device is erased automatically. This spares the user the trouble of managing multiple pieces of authentication data when managing the portable information device, and improves the efficiency of the personal authentication system.
More specifically, as an effect of Embodiments 1, 2 and 4, management of authentication data is made easier, and mainly the system provider can, at its discretion, improve the convenience and security of the portable information device and the personal authentication system. The condition data must include data to be compared with the control data obtained from the communication unit. Where communication by electromagnetic waves is possible, the system provider can erase the data at will: for example, the authentication data is erased when the data specified in the condition data is received as control data. New authentication data may then be sent so that the data is updated without troubling the user. The mechanism may also serve as an emergency measure in case of theft or loss. A mobile phone network may be used to secure a means of erasing authentication data over a wide area, or a device that simply transmits only control data may be placed near an exit, for use in vehicles, buildings, theme parks and the like.
As a supplementary effect of Embodiment 2, unauthorized use after theft is prevented, and mainly the user can improve security at his or her discretion. The condition data must include data to be compared with the control data entered with the input buttons. For example, where the authentication data becomes usable only after the PIN specified in the condition data has been entered, the authentication data is erased if a different PIN is entered several times. This is particularly effective against unauthorized use by someone close to the user who can easily use the portable information device without permission.
As a supplementary effect of Embodiment 1, management such as limiting the period during which authentication data may be used becomes easy. The condition data must include data to be compared with the time information contained in the acquired control data. When authentication data is erased using the clock built into the portable information device, no security improvement can be expected from the system provider's point of view, because most such clocks have a time-setting function; convenience is nevertheless improved, for example by erasing authentication data without troubling the user. The user can also use this voluntarily to improve security. In this case the system provider uses it, in the expectation that the data will be erased automatically, for authentication data whose leakage would not cause a serious problem. To add a security improvement, the time must be corrected automatically, and moreover forcibly, at fixed intervals by an electromagnetic clock or by communication, and the authentication data must be erased on the basis of this corrected time.
As a supplementary effect of Embodiment 3, authentication data is erased according to the state of the user or the state between the user and the portable information device, and mainly the user can improve security. The condition data must include data to be compared with the control data obtained from the biological information sampling unit. For example, a pulse value is specified in the condition data, and the authentication data is erased when the value obtained by the biological information sampling unit falls to or below the specified value, either because the user has died and the pulse has stopped or because the user and the portable information device are so far apart that the pulse cannot be measured. Body temperature, blood flow and the like may be used instead of pulse.

Also, as a supplementary effect of Embodiment 3, management such as limiting the locations where authentication data may be used is made easy, and the user or the system provider can improve security and convenience at their discretion. The condition data must include data to be compared with the control data obtained from the position information acquisition unit. For example, a location such as inside a building, within a site, within Tokyo or within Japan is specified freely in the condition data, and the authentication data is erased when the position information obtained from the position information acquisition unit falls outside the specified location.
As a supplementary effect of the embodiment, a means of crisis management for authentication data is added, and mainly the user can improve security. The condition data must include data to be compared with the control data obtained from the signal output unit. For example, a numerical value is specified in the condition data, and the authentication data is erased when the control data obtained from an impact sensor exceeds the specified value. The authentication data may also be erased on detecting an impact that would destroy the portable information device, removal of the outer cover, or unauthorized viewing or copying of the data stored in the authentication data storage means. Detection may also cover the pushing or pulling of a button that is needed to detach the portable information device from the user, a change in distance, or the distance from the user.
As a further supplementary effect of Embodiment 1, a means of crisis management for authentication data is added, and mainly the user can improve security. The condition data must include data to be compared with the control data obtained from the signal output unit. For example, the authentication data is erased when the control data obtained from the signal output unit falls below the specified value.
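The erase decision described in the effects above, in which each control-data input is judged against stored condition data, can be sketched as follows. This is an added illustration, not code from the patent: the class and function names, the source labels and all sample values are assumptions, and the demo also exercises the clock caveat by feeding a rolled-back local time and then a network-supplied time.

```python
import hmac
from dataclasses import dataclass, field
from typing import Callable, Dict, List, Tuple


@dataclass
class Condition:
    """Condition data: the control-data source it watches and its erase test."""
    source: str
    test: Callable[[object, dict], bool]      # (control value, state) -> erase?
    state: dict = field(default_factory=dict)


def expires_at(deadline: int, source: str) -> Condition:
    return Condition(source, lambda now, _state: now >= deadline)


def remote_wipe(token: bytes) -> Condition:
    # Erase when the received control data equals the value held as condition data.
    return Condition("radio", lambda msg, _state: hmac.compare_digest(msg, token))


def pin_lockout(pin: str, max_failures: int) -> Condition:
    # The failure counter is condition data that each keypad input updates.
    # Assumption of this example: a correct PIN resets the counter.
    def test(entered: str, state: dict) -> bool:
        if hmac.compare_digest(entered.encode(), pin.encode()):
            state["failures"] = 0
            return False
        state["failures"] = state.get("failures", 0) + 1
        return state["failures"] >= max_failures
    return Condition("keypad", test)


def pulse_at_or_below(bpm: int) -> Condition:
    return Condition("pulse", lambda reading, _state: reading <= bpm)


def outside_fence(lat_min: float, lat_max: float,
                  lon_min: float, lon_max: float) -> Condition:
    def test(position: Tuple[float, float], _state: dict) -> bool:
        lat, lon = position
        return not (lat_min <= lat <= lat_max and lon_min <= lon <= lon_max)
    return Condition("position", test)


def shock_above(limit: float) -> Condition:
    return Condition("shock", lambda reading, _state: reading > limit)


class PortableDevice:
    def __init__(self) -> None:
        self.store: Dict[str, Tuple[bytearray, List[Condition]]] = {}

    def load(self, name: str, secret: bytes, conditions: List[Condition]) -> None:
        self.store[name] = (bytearray(secret), conditions)

    def feed(self, source: str, value) -> List[str]:
        """Judge one control-data input against all condition data.

        Returns the names of the authentication data erased by this input."""
        erased = []
        for name, (secret, conditions) in list(self.store.items()):
            # Evaluate every matching condition so stateful ones keep counting.
            hits = [c.test(value, c.state) for c in conditions if c.source == source]
            if any(hits):
                secret[:] = bytes(len(secret))    # overwrite, then drop the entry
                del self.store[name]
                erased.append(name)
        return erased


def demo() -> dict:
    # All values below are constructed for this example.
    dev = PortableDevice()
    dev.load("event-ticket", b"ticket-secret",
             [expires_at(1_000, "clock_local"), expires_at(1_000, "clock_network")])
    dev.load("door-key", b"door-secret",
             [pin_lockout("4821", 3), pulse_at_or_below(0), shock_above(50.0)])
    return {
        # A user-adjustable clock set back before the deadline never triggers erasure.
        "rolled_back_local_clock": dev.feed("clock_local", 10),
        # Time delivered over the network still expires the ticket.
        "network_time": dev.feed("clock_network", 1_200),
        "pin_attempts": [dev.feed("keypad", p)
                         for p in ("0000", "4821", "1111", "2222", "3333")],
        "remaining": sorted(dev.store),
    }


if __name__ == "__main__":
    print(demo())
```

One condition object can be attached to several credentials, and one credential can carry several conditions, which corresponds to the arrangements in claims 12 and 13.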
As a further supplementary effect of Embodiments 1 and 4, convenience is improved when multiple pieces of authentication data are stored in the portable information device.

Industrial Applicability
According to the present invention, any authentication data or specific authentication data stored in the portable information device can be erased. This prevents unnecessary leakage of authentication data and shortage of storage capacity in the portable information device; lets users and system providers each improve security and efficiency; improves control over the multiple pieces of authentication data stored in a portable information device and so accommodates the diversification of personal authentication systems; and spares the user the trouble of managing multiple pieces of authentication data when managing the portable information device, improving the efficiency of the personal authentication system. The industrial applicability is therefore great.
Claims
1. A portable information device used for personal authentication, comprising: authentication data input means for inputting authentication data from outside; authentication data storage means for storing the authentication data; condition data input means for inputting, from outside or inside, condition data that sets a condition for erasing the authentication data; condition data storage means for storing the condition data; control data input means for inputting control data from outside or inside; processing determination means for processing the control data and the condition data and making a determination; and authentication data erasing means for erasing the authentication data, wherein the authentication data is erased on the basis of the determination result of the processing determination means.
2. The portable information device according to claim 1, wherein the control data input means includes a communication unit that receives electromagnetic waves from outside, and the control data is received by electromagnetic waves from outside.
3. The portable information device according to claim 1, wherein the control data input means includes an input unit for entering data by an input button or an input interface, and the control data is entered from the input unit.
4. The portable information device according to claim 1, wherein the control data input means includes a time information generating unit that obtains time information or a time information receiving unit that obtains time information from outside, and the control data is obtained from the time information.
5. The portable information device according to claim 1, wherein the control data input means includes a biological information sampling unit that obtains biological information, and the control data is obtained from the biological information of the user.
6. The portable information device according to claim 1, wherein the control data input means includes a position information acquisition unit that obtains position information, and the control data is obtained from the position information.
7. The portable information device according to claim 1, wherein the control data input means includes a signal output unit having a sensor, and the control data is obtained from a signal generated by the signal output unit.
8. The portable information device according to claim 1, wherein the control data input means includes a signal output unit based on built-in power generation means or built-in charging means, and the control data is obtained from a signal generated by the signal output unit.
9. The portable information device according to claim 1, wherein the processing determination means has condition data changing means for changing the condition data according to the control data, and the authentication data is erased when the condition data changed by input of the control data satisfies a specified condition.
10. The portable information device according to claim 1, wherein the authentication data stored by the authentication data storage means is a part of the data necessary for personal authentication.
11. The portable information device according to claim 1, wherein the authentication data storage means stores two or more pieces of authentication data.
12. The portable information device according to claim 1, wherein the condition data storage means stores one piece of condition data for erasing a plurality of pieces of authentication data.
13. The portable information device according to claim 1, wherein the condition data storage means stores a plurality of pieces of condition data for erasing one piece of authentication data.
14. The portable information device according to claim 1, further comprising authentication data erasure condition notifying means for notifying the user of the conditions under which the authentication data will be erased.
15. The portable information device according to claim 1, further comprising personal-authentication-enabled service notifying means for notifying the user, by voice or display, of the services that can be used through personal authentication with the currently stored authentication data.
16. The portable information device according to claim 1, further comprising authentication data erasure advance-notice means for giving the user advance notice that the authentication data will be erased.
17. The portable information device according to claim 1, further comprising identification number storage means for storing an identification number.
18. The portable information device according to claim 1, comprising at least one of telephone network connection means and Internet connection means.
19. The portable information device according to claim 1, wherein the authentication data erasing means performs the erasure using an external electromagnetic field or external electromagnetic waves.
20. The portable information device according to claim 1, further comprising condition data setting means for setting the condition data to be stored in the condition data storage means.
21. A personal authentication system comprising: a personal authentication device having user identification means for identifying a user, authentication data issuing means for issuing authentication data that can be identified later, authentication data input means for inputting the authentication data into a portable information device, authentication data reference means for referring to the authentication data stored in the portable information device, authentication data identification means for identifying the authentication data, and service use permission means for permitting use of a service; and an information transmission path, wired, wireless or by contact, between the portable information device and the personal authentication device, wherein the authentication data is input into the portable information device designated by the user whom the personal authentication device has identified, after which the personal authentication device refers to the authentication data and identifies it, thereby performing personal authentication of the user and permitting use of the service.
22. The personal authentication system according to claim 21, wherein the personal authentication device has condition data setting means for setting condition data and condition data input means for inputting the condition data into the portable information device, the condition data set in the personal authentication device is input into the portable information device, and the authentication data is erased on the basis of the result of processing and judging, within the portable information device, the condition data and control data that is input after the portable information device has stored the condition data.
23. The personal authentication system according to claim 21, wherein the personal authentication device comprises a user identification unit having at least user identification means and authentication data input means, an information processing unit having at least authentication data identification means, an authentication data reference unit having at least authentication data reference means, and a wired or wireless information transmission path among the user identification unit, the information processing unit and the authentication data reference unit; the authentication data reference unit has an information transmission path, wired, wireless or by contact, to the portable information device; the user identification unit has an information transmission path, wired, wireless or by contact, to the portable information device; and the authentication data is input into the portable information device designated by the user whom the user identification unit has identified, and after the authentication data reference unit has referred to the authentication data the information processing unit identifies the authentication data, whereby the user's use of the service is permitted.
24. The personal authentication system according to claim 23, wherein the user identification unit comprises condition data setting means and condition data input means.
25. An authentication data erasing method used in a portable information device for personal authentication, the portable information device comprising authentication data input means for inputting authentication data from outside, authentication data storage means for storing the authentication data, condition data input means for inputting, from outside or inside, condition data that sets a condition for erasing the authentication data, condition data storage means for storing the condition data, control data input means for inputting control data from outside or inside, processing determination means for processing the control data and the condition data and making a determination, and authentication data erasing means for erasing the authentication data, and erasing the authentication data on the basis of the determination result of the processing determination means, the method comprising: inputting into the portable information device, and storing, authentication data and a condition corresponding to the authentication data; and erasing the authentication data when the portable information device identifies a signal that satisfies the condition.
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
JP2000-374056 | 2000-12-08 | ||
JP2000374056A JP2002175505A (en) | 2000-12-08 | 2000-12-08 | Portable information device, personal identification system, and identification data erasing method |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2002046941A1 (en) | 2002-06-13 |
Family
ID=18843328
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/JP2001/010649 WO2002046941A1 (en) | 2000-12-08 | 2001-12-05 | Portable information apparatus, personal authentication system, and method for erasing authentication data |
Country Status (2)
Country | Link |
---|---|
JP (1) | JP2002175505A (en) |
WO (1) | WO2002046941A1 (en) |
Families Citing this family (10)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US8077679B2 (en) | 2001-03-28 | 2011-12-13 | Qualcomm Incorporated | Method and apparatus for providing protocol options in a wireless communication system |
US8121296B2 (en) | 2001-03-28 | 2012-02-21 | Qualcomm Incorporated | Method and apparatus for security in a data processing system |
US9100457B2 (en) | 2001-03-28 | 2015-08-04 | Qualcomm Incorporated | Method and apparatus for transmission framing in a wireless communication system |
US7352868B2 (en) | 2001-10-09 | 2008-04-01 | Philip Hawkes | Method and apparatus for security in a data processing system |
US7649829B2 (en) | 2001-10-12 | 2010-01-19 | Qualcomm Incorporated | Method and system for reduction of decoding complexity in a communication system |
US7599655B2 (en) | 2003-01-02 | 2009-10-06 | Qualcomm Incorporated | Method and apparatus for broadcast services in a communication system |
FI115109B (en) * | 2003-01-22 | 2005-02-28 | Nokia Corp | Sensor arrangement and mobile communicator comprising a sensor arrangement |
US8098818B2 (en) | 2003-07-07 | 2012-01-17 | Qualcomm Incorporated | Secure registration for a multicast-broadcast-multimedia system (MBMS) |
US8718279B2 (en) | 2003-07-08 | 2014-05-06 | Qualcomm Incorporated | Apparatus and method for a secure broadcast system |
US8724803B2 (en) | 2003-09-02 | 2014-05-13 | Qualcomm Incorporated | Method and apparatus for providing authenticated challenges for broadcast-multicast communications in a communication system |
Citations (9)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JPH0410299A (en) * | 1990-04-26 | 1992-01-14 | Seiko Epson Corp | Ic memory card |
JPH0696304A (en) * | 1992-09-14 | 1994-04-08 | Toshiba Corp | Memory card |
JPH09185554A (en) * | 1995-12-28 | 1997-07-15 | Matsushita Electric Ind Co Ltd | Information protection device |
JPH10105473A (en) * | 1996-09-27 | 1998-04-24 | Tokico Ltd | Electronic equipment |
JPH10177525A (en) * | 1996-12-16 | 1998-06-30 | Matsushita Electric Ind Co Ltd | Maintenance system for portable electronic devices |
JPH11282981A (en) * | 1998-03-30 | 1999-10-15 | Seiko Epson Corp | Information device and input device of personal authentication system |
JPH11282757A (en) * | 1998-03-30 | 1999-10-15 | Seiko Epson Corp | Information equipment |
JP2000058760A (en) * | 1998-08-14 | 2000-02-25 | Nippon Telegr & Teleph Corp <Ntt> | Self-destructive semiconductor device |
JP2000306005A (en) * | 1999-02-18 | 2000-11-02 | Matsushita Electric Ind Co Ltd | Electronic value utilization system, electronic value utilization method, server device, and recording medium |
- 2000-12-08 JP JP2000374056A patent/JP2002175505A/en active Pending
- 2001-12-05 WO PCT/JP2001/010649 patent/WO2002046941A1/en active Application Filing
Cited By (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
EP1422709A3 (en) * | 2001-07-09 | 2004-08-25 | Matsushita Electric Industrial Co., Ltd. | Model change device |
US7694155B2 (en) | 2001-07-09 | 2010-04-06 | Panasonic Corporation | Digital work protection system, record/playback device, recording medium device, and model change device |
US7698571B2 (en) | 2001-07-09 | 2010-04-13 | Panasonic Corporation | Digital work protection system, record/playback device, recording medium device, and model change device |
Also Published As
Publication number | Publication date |
---|---|
JP2002175505A (en) | 2002-06-21 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US12002051B2 (en) | | Transmitter for transmitting a secure access signal |
US20200184441A1 (en) | | Portable handheld device for wireless order entry and real time payment authorization and related methods |
KR100953231B1 (en) | | Electronic trading system and method |
CN101116082B (en) | | Authentication system, apparatus and method |
US7325132B2 (en) | | Authentication method, system and apparatus of an electronic value |
US20090043681A1 (en) | | Authentication system |
US9098838B2 (en) | | Portable terminal device and method of determining communication permission thereof |
US20060107067A1 (en) | | Identification card with bio-sensor and user authentication method |
WO2001082151A1 (en) | | External device and authentication system |
WO2003065318A2 (en) | | Payment system |
US20060004673A1 (en) | | Memory rental service system in intelligent authentication unit |
WO2002046941A1 (en) | | Portable information apparatus, personal authentication system, and method for erasing authentication data |
RU2178917C2 (en) | | Electronic identification system and method for automatic identification control for it |
KR20050017699A (en) | | Portable terminal control device, specially in connection with conducting a stable and convenient payment process while processing a fund transfer service with one click |
JP2004110684A (en) | | Payment method and payment system |
JP4032358B2 (en) | | RFID authentication system, RFID authentication method, and program therefor |
JP2004185253A (en) | | Electronic coin system |
KR100579165B1 (en) | | Mobile terminal authority approver and approval terminal authentication / control device and method |
JP2002203225A (en) | | Authentication auxiliary device, personal authentication device, personal authentication system and ID media issuing / personal authentication network system |
KR20050017701A (en) | | Cell phone and mobile device data storage device |
KR20050017700A (en) | | Mobile phone and mobile terminal function expansion device and function expansion method |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
AK | Designated states | Kind code of ref document: A1; Designated state(s): US |
AL | Designated countries for regional patents | Kind code of ref document: A1; Designated state(s): AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE TR |
121 | Ep: the epo has been informed by wipo that ep was designated in this application | ||
DFPE | Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed before 20040101) | ||
122 | Ep: pct application non-entry in european phase |