USRE39550E1 - Security apparatus and method - Google Patents

Security apparatus and method Download PDF

Info

Publication number
USRE39550E1
USRE39550E1 US09/881,249 US88124901A USRE39550E US RE39550 E1 USRE39550 E1 US RE39550E1 US 88124901 A US88124901 A US 88124901A US RE39550 E USRE39550 E US RE39550E
Authority
US
United States
Prior art keywords
service
user
supply
situation
person
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Lifetime
Application number
US09/881,249
Inventor
Kaoru Suzuki
Kazuhiro Fukui
Hisashi Kazama
Osamu Yamaguchi
Eiji Tanaka
Yasuhiro Taniguchi
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Toshiba Corp
Original Assignee
Toshiba Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Toshiba Corp filed Critical Toshiba Corp
Priority to US09/881,249 priority Critical patent/USRE39550E1/en
Application granted granted Critical
Publication of USRE39550E1 publication Critical patent/USRE39550E1/en
Anticipated expiration legal-status Critical
Expired - Lifetime legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/32User authentication using biometric data, e.g. fingerprints, iris scans or voiceprints
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/34User authentication involving the use of external additional devices, e.g. dongles or smart cards
    • G06F21/35User authentication involving the use of external additional devices, e.g. dongles or smart cards communicating wirelessly
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07CTIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C9/00Individual registration on entry or exit
    • G07C9/30Individual registration on entry or exit not involving the use of a pass
    • G07C9/32Individual registration on entry or exit not involving the use of a pass in combination with an identity check
    • G07C9/37Individual registration on entry or exit not involving the use of a pass in combination with an identity check using biometric data, e.g. fingerprints, iris scans or voice recognition
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2137Time limited access, e.g. to a computer or data

Definitions

  • the present invention relates to a security apparatus and a method for supplying a service to a user by confirming a use situation of the user and infringement situation of non-user in order to keep safety and reliability for the service.
  • a method to specify the user in service-use area by electrical means and to execute security for each kind of service is very important in present electrical society.
  • Various kinds of security means for example, memorized number, magnetic card, IC card, wireless card, sound comparison, fingerprint comparison, retina comparison and face comparison, have been used.
  • the memorized number, the magnetic card, the IC card and the wireless card specifies the user by information only the user knows or with a memory device key for only the user. Therefore, they are in danger of being used unjustly.
  • the known security apparatuses include the following problems.
  • a security apparatus for a device supplying a service to a user, comprising: person discrimination means for recognizing a user requesting the service; use situation decision means for deciding whether the user is under a situation to use the service; infringement situation decision means for detecting whether a non-user intrudes into a use area the service to decide whether of the service is infringed; service control means for supplying the service to the user in case said person discrimination means recognizes the user, and for controlling a supply of the service if said use situation decision means decides the user is not under the situation to use the service or if said infringement situation decision means decides that the security of the service is infringed.
  • a security method associated with supplying a service to a user comprising the step of: recognizing a user desiring the service: supplying the service to the user if the user is recognized; deciding whether the user is under a situation to use the service; deciding whether a non-user intrudes into a use area of the service; and controlling the supply of the service if the user is not under the situation to use the service or if the non-user is intruding into the use area of the service.
  • a computer readable memory containing computer-readable instructions to supply a service to a user, comprising: instruction means for causing a computer to recognize a user desiring the service; instruction means for causing a computer to supply the service to the user if the user is recognized; instruction means for causing a computer to decide whether the user is under a situation to use the service; instruction means for causing a computer to decide whether a non-user intrudes into a use area of the service; and instruction means for causing a computer to control a supply of the service if the user is decided not under the situation to use the service or the non-user is decided to intrude into the use area of the service.
  • FIG. 1 is a block diagram of the security apparatus according to the present invention.
  • FIG. 2 is a block diagram of the situation detection section of the security apparatus according to the present invention.
  • FIG. 3 is a flow chart of processing of a service supply permission section according to a first embodiment of the present invention.
  • FIG. 4 is a flow chart of processing of the service supply permission section according to a second embodiment of the present invention.
  • FIG. 5 is a flow chart of processing of the service supply permission section according to a third embodiment of the present invention.
  • FIG. 6 is a flow chart of processing of the service supply permission section according to a fourth embodiment of the present invention.
  • FIG. 7 is a block diagram of the sequritysecurity apparatus according to a fifth embodiment of the present invention.
  • FIG. 8 is a flow chart of processing of the service supply permission section according to the fifth embodiment of the present invention.
  • FIG. 9 is a flow chart of processing of the service supply permission section according to a sixth embodiment of the pressentpresent invention.
  • FIG. 10 is a flow chart of processing of the service supply permission section according to a seventh embodiment of the present invention.
  • FIG. 11 is a block diagram of the sequritysecurity apparatus according to a eighth embodiment of the present invention.
  • FIG. 12 is a flow chart of processing of the service supply permission section according to the eighth embodiment of the present invention.
  • FIG. 13 is a schematic diagram of detection of visual lines of the user in the image according to the eighth embodiment of the present invention.
  • FIG. 14 is a flow chart of processing of the service supply permission section according to a ninth embodiment of the present invention.
  • FIG. 15 is a schematic diagram of detection of visual lines of the non-user in the image according to the ninth embodiment of the present invention.
  • FIG. 16 is a flow chart of processing of the service supply permission section according to a tenth embodiment of the present invention.
  • FIG. 17 is a schematic diagram of supply method for the security apparatus by software according to the present invention.
  • FIG. 1 is a block diagram of the security apparatus according to the present invention.
  • the security apparatus of the present invention is comprised of a situation detection section 1 , a service supply permission section 2 and a service supply section 3 .
  • the situation detection section 1 discriminates the user in service-user area, detects whether the user is under a situation to use the service (use situation) and detects whether a non-user infringes the security of the user (infringement situation).
  • the detection result of the use situation and the infringement situation is outputted to the service supply permission section 2 as person information.
  • the situation that the user can utilize the service represents that the user is confirmed to be permitted the supply of the service and the user continuously utilizes the service.
  • a situation that the user continuously utilizes the service represents a status that the user actually interacts with the service application (the user inputs operation to system or the user is supplied output from the system).
  • a status of non-interaction within predetermined time indicates thinking, chattering, looking away.
  • Another status indicates when the user moves away from service use-space within a predetermined time.
  • the situation that a non-user infringes the security of the user represents that a person other than the confirmed user intentionally or accidentally uses the service while the service is supplied to the confirmed user.
  • the other person can then interact with the operation or information to be disclosed only to the confirmed user.
  • the user interacts with the service application of the system through a display, the other person looks on the display behind the user. Otherwise, the other person intends to interact with the service application in the user's absence within the predetermined time.
  • the situation detection section 1 monitors service-use area using image or sound. Especially, the use situation of the user and the infringement situation of the security are detected by the image (person detection/direction of face detection/person confirmation) and the sound (person detection/person specification/chattering detection). Monitoring may be wireless.
  • the service supply permission section 2 controls start/interruption/interruption and cancellation/end of the service for the service supply section 3 according to the detection result of the situation detection section 1 .
  • the service supply permission section 2 starts the supply of the service when the user is specified in the service-use area.
  • the service supply permission section 2 controls the supply of the service in at least one of the cases where the user does not utilize the service or where the security of the user is infringed. Especially when the use does not utilize the service during the supply of the service, the supply of the service finishes. If the security of the user is infringed by another person, the supply of the service interupts interrupts until the infringement is relieved.
  • the service supply section 3 supplies various kinds of service under the control of the service supply permission section 2 .
  • an uninhabited ATM electric automatic teller's machine
  • a portable terminal or a computer used by several persons may comprise the service supply section 3 .
  • FIG. 2 is a block diagram of the situation detection section 1 .
  • the situation detection section 1 is comprised of an image input section 11 , a person area detection section 12 , a person comparison section 13 , a use situation decision section 14 and an infringement situation decision section 15 .
  • the image imputinput section 11 inputs an image through a TV camera.
  • the TV camera is set in the service use area for continuously observing the user to be supplied the service.
  • the person area detection section 12 analyzes images input by the image input section 11 and monitors the secure area from the input image. For example, a difference between the input image and background image (uninhabited area) indicates a person present in the secure area.
  • the person area detection section 12 outputs person detection information D 1 when the person present is detected and outputs non-detection information D 1 when the person present is not detected.
  • the person comparison section 13 compares the person present area image with the content of a person comparison dictionary to specify which person is present in the secure area image.
  • the person comparison dictionary previously stores at least comparison information of persons permitted to use the service.
  • the person comparison section 13 outputs person discrimination information D 2 representing whether the person present coincides with a person permitted to use the service. If the person present coincides with a person permitted to use the service in the person comparison dictionary, the person present is registered as the user who can be supplied the service.
  • the use situation decision section 14 detects whether the user is under a situation capable of using the service. After the user of the person area is registered and if the registered user is now included in the person discrimination information D 2 , the user is decided to be capable of using the service. The use situation decison decision section 14 outputs use situation information D 3 representing whether the user is capable of using the service.
  • the infringement situation decision section 15 detects whether a non-user infringes the security of the service. If a person other than the user utilizing the service now is included in the person discrimination information D 2 , the infringement situation decision section 15 decides that the security of the service is infringed, and outputs infringement situation information D 4 indicates a breach of security.
  • the person detection/non-detection information D 1 , the person discrimination information D 2 , the use situation information D 3 , the infringement situation information D 4 are called person information.
  • the person information is read out by the service supply permission section 2 (step S 1 in FIG. 3 explained afterward) and referred at steps S 3 , S 4 , S 8 , S 11 in FIG. 3 .
  • FIG. 3 is a flow chart of processing of the service supply permission section 2 .
  • the situation detection section 1 discriminates the user in the service-use area and monitors the use situation and the infringement situation using the image inputted from the TV camera.
  • the person information as detection result of the situation detection section 1 is outputted to the service supply permission section 2 .
  • the service supply permission section 2 executes a security controlling process to the service supply section 3 .
  • the service supply permission section 2 obtains the person information from the situation detection section 1 (step S 1 ).
  • the service supply permission section 2 monitors the security area in the service use area according to the person detection/non-detection information D 1 (step S 3 ).
  • step S 3 If a person area is not detected (“No” at step S 3 ), processing of the service supply permission section 2 is returned to step S 1 .
  • the service supply permission section 2 decides whether the person is permitted as a user (step S 4 ). As a result, in case the person is not permitted as a user (“No” at step S 4 ), the service supply permission section 2 rejects the supply of the service (step S 5 ) and returns processing to step S 1 .
  • step S 6 the person is permitted as a user
  • the service supply permission section 2 begins the supply of the service (step S 7 ) and returns the processing to S 1 .
  • steps S 1 -S 7 are the same as normal confirmation of security (from confirming the user to begining beginning the supply of the service). In this place, after the supply of the service is begun, the registered user exists in the service-use area and the registered person must be detected at step S 1 . After the supply of the service is begun, the processing is returned to step S 8 through steps S 1 and S 2 .
  • the service supply permission section 2 decides whether the registered person is using the service according to the use situation information D 3 (step S 8 ). As a result, if the situation of using the service is detected, for example, a user's absence continues above a predetermined time (“No” at step S 8 ), the service supply permission section 2 terminates the supply of the service immediately (step S 9 ). Next, the registration of the user is cancelled (step S 10 ) and the processing returns to step S 1 in order to register a new user.
  • the service supply permission section 2 decides whether a non-user infringes the security of the user according to the infringement situation information D 4 (step S 11 ). As a result, if the situation that a non-user infringes the security is detected, for example, an other person watches the display behind the user during the supply of the service (“Yes” at step S 11 ), the service supply permission section 2 temporarily interrupts the service to maintain security untill the security is not infringed (step S 12 ). If a situation that the security is not infringed is detected during the interruption of the service (“Yes” at step S 13 ), the service supply permission section 2 cancels the interruption of the service and begins the supply of the service (step S 14 ).
  • the supply of the service is begun.
  • the supply of the service if the user is not using the service or if the security is breached, the supply of the service finishes or interrupts. Accordingly, the security is maintained during all periods of begining beginning/supplying/end of the service. For example, in case the registered user is confirmed and supplied money through an Automatic Teller Machine, or the user operates a handy terminal by watching secret information on a display, the security of the user is effectively protected according to the present invention.
  • another person can not use the terminal while the user is supplied the service through the terminal. Therefore, the other person must wait to use the same terminal untill until the first user finishes.
  • use by a specified user for the terminal excludes use by an other another person.
  • the supply of the service is reserved (interrupted) and the new user can be supplied the service from the begining beginning.
  • a different service is supplied to another user.
  • the reserved service is supplied to the original user again. Therefore, while each service is not completed respectively, plural users can be supplied each service from the same terminal one after another. Additionally, if the original user does not come back to the same terminal, the reserved service is finished and memory area corresponding to the reserved service is relieved to save memory resources.
  • FIG. 4 is a flow chart of processing of the service supply permission section according to the second embodiment.
  • a computer network is commonly used by plural users and a plurality of terminals connected to the network provide a security function.
  • steps S 15 , S 16 , S 17 , S 18 are newly added in comparison with FIG. 3 .
  • Each user is confrmed respectively and supplied the service through a respective terminal (step S 1 , S 2 ).
  • a user A creates a document using a terminal A and leaves from the terminal A without completing the work.
  • the terminal A detects that the user A is not using the service (“No” at step S 8 ) and that the supply of the service is not completed (“No” at step S 15 ).
  • the service of creating the document at the present time is stored (reserved) in a memory area of the terminal and the supply of the teminal terminal is interrupted (step S 16 , S 17 ).
  • the situation for the user not using the service is detected according to the use situation information D 3 . Completion situation of the supply of the service is decided by completion notice sent by the user.
  • a user B is confirmed by the teminal terminal A and works through the terminal A.
  • the terminal A newly reserves the results of the service for the user B (steps S 8 , S 15 , S 16 , S 17 ) and begins the supply of the reserved service to the user A (steps S 8 , S 11 , S 13 , S 14 ).
  • the memory area to store the result of the service is commonly used by each terminal on the network. Therefore, if the user B is confirmed by a terminal B (steps S 4 , S 6 , S 7 ), the reserved result of the service for the user B is supplied through the terminal B (steps S 8 , S 11 , S 13 , S 14 ).
  • the terminal A finishes the service of the user A immediately and relieves the memory area corresponding to the service result of the user A (steps S 9 , S 10 ). In this way, a situation of storing many service results in memory area is prevented.
  • the predetermined time as decison decision standard at step S 18 is freely set by the kind of the service.
  • the supply of the service for each user is reserved untill until the work of each user is completed.
  • a right service-use generated by confirming the user is assured untill until the user's work is completed.
  • the user B does not have to wait untill until the user A finishes using the terminal. By changing the user A for the user B, the user B can use the terminal without infringement for the security of the user A.
  • the service in order to be supplied the service, the user must be confirmed as a registered person. In short, if the user is not previously registered, he can not be supplied the service. However, there is a service to be used by many and unspecified persons. Therefore, in a third embodiment, the service is supplied to an unspecified person without confirmation. At that time, a comparison dictionary of the unspecified person is generate and registered. During the supply of the service, the user (the unspecified person) is discriminated from other users by referring to the comparison dictionary. Therefore, the service is supplied to many and unspecified persons while the security is maintained.
  • FIG. 5 is a flow chart of processing of the service supply permission section 2 according to the third embodiment.
  • step S 19 is newly added instead of steps S 4 , S 5 in comparison with FIG. 3 .
  • the service supply permission section 2 detects the person in the service use area according to the person detection/non-detection information D 1 (step S 3 ). If the person is detected (“Yes” at step S 3 ), the service supply permission section 2 generates the person comparison dictionary (step S 19 ) and registers the person as a new user (step S 6 ). After that, the use situation of the new user is continuously monitored, and the service supply permission section 2 begins to supply the service (step S 7 ).
  • the service is supplied to an unspecified person without confirmation and the person comparison dictionary is generated to be registered. Therefore, a new user except for the pre-registered user is able to be supplied the service. In this case, during the supply of the service for the new user, he is discriminated from another person by referring the person comparison dictionary in order to maintain the security.
  • the service supply permission section 2 controlls controls the begining beginning and end of the service and does not execute interruption and cancellation of the service in case of infringement of the security.
  • FIG. 6 is a flow chart of processing of the service supply permission section 2 according to the fourth embodiment.
  • step S 20 is a newly added step instead of step S 12 in comparison with FIG. 3 .
  • the service supply permission section 2 sends a warning of the infringement to the user (step S 20 ).
  • the warning is outputted through an image (warning sentence/mark, controlling of color/brightness/blink) or sound (speaking of warning sentence/warning buzzer).
  • the user receives the warning, it is possible for the user to protect his security by, for example, turning off a power supply of the terminal or hiding a display of the terminal.
  • FIG. 7 is a block diagram of the security apparatus according to the fifth embodiment.
  • an interactive control section 4 is a new section in comparison with FIG. 1 .
  • FIG. 8 is a flow chart of processing of the service supply permission section 2 according to the fifth embodiment.
  • steps S 20 , S 21 are new added steps in comparison with FIG. 3 .
  • the interactive control section 4 receives an indication of the user for the warning of the infringement and controlls the supply of the service according to the indication.
  • the kind of the indication is continuation/interruption/end of the service.
  • the user selects the kind of the indication by, for example, using a keyboard.
  • the service supply permission section 2 sends the warning to the user (step S 20 ).
  • the interactive control section 4 receives an indication of the user (step S 21 ), the service supply permission section 2 controlls controls the supply of the service according to the indication.
  • the interactive control section 4 outputs the indication of continuation to the service supply permission section 2 .
  • the service supply section 3 continues to supply the service according to the indication of continuation.
  • the interactive control section 4 outputs the indication of interruption to the service supply permission section 2 .
  • the service supply section 3 interrupts the supply of the service according to the indication of the interruption.
  • the interractive interactive control section 4 outputs the indication of end to the service supply permission section 2 .
  • the service supply section 3 finishes the supply of the service.
  • the user can select the indication to keep security in case of infringement of the security.
  • the apparatus (equipment) can automatically keep the security of the user.
  • the warning of the infringement is outputted as an image
  • the user understands circumstances around the user by watching the image (the user and non-user are included).
  • the user can select the indication (continuation/interruption/end of the service) according to the circumstances.
  • the apparatus in case the indication is not selected by the user within predetermined time after generating the warning, the apparatus automatically executes predetermined (default) controlling of the supply of the service. This predetermined controlling is freely set by the user.
  • FIG. 9 is a flow chart of processing of the service supply permission section 2 .
  • steps S 20 , S 21 , S 22 , S 23 , S 24 are added steps in comparison with FIG. 3 .
  • the construction of the security apparatus of the fifth embodiment is the same as in FIG. 7 .
  • the service supply permission section 2 sends the warning to the user (step S 20 ). After the warning, the interactive control section 4 receives indication of the user.
  • the interactive control section 4 outputs the purport of no indication to the service supply permission section 2 .
  • the service supply permission section 2 controllscontrols the supply of the service according to a predetermined control (step S 24 ). For example, if continuation of the service is set as the predetermined control (“CONTINUATION” at step S 24 ), the service supply section continues to supply the service. If interruption of the service is set as the predetermined control (“INTERRUPTION” at step S 24 ), the service supply section 3 interrupts the supply of the service. If end of the service is set as the predetermined controlling (“END” at step S 24 ), the service supply section 3 finishes the supply of the service.
  • the interactive control section 4 receives the indication (step S 21 ) and the service supply permission section 2 controllscontrols the supply of the service according to the indication.
  • the interactive control section 4 outputs the continuation indication to the service supply permission section 2 .
  • the service supply section 3 continues to supply the service. If the user indicates interruption of the service (“INTERRUPTION” at step S 21 ), the interactive control section 4 outputs the interruption indication to the service supply permission section 2 .
  • the service supply section 3 interrupts the supply of the service. If the user indicates end of the service (“END” at step S 21 ), the interactive control section 4 outputs the end indication to the service supply permission section 2 .
  • the service supply section 3 finishes the supply of the service.
  • the security of the user is kept according to a predetermined control (action of default). Otherwise, it is possible to control the supply of the service different form the predetermined control for some reasons by a user's indication in case of the warning. For example, in an office, as for the warning generated whenever a colleague stands behind the user operating the equipment, the user does not have to indicate continuation of the service.
  • the predetermined control is already set as continuation of the service. In this case, the user can continue the operation while neglecting the warning.
  • the predetermined control is set as interruption of the service. In this case, security of the user for the equipment is protected while he neglects the warning.
  • predetermined security is activated for service or information.
  • security degree is actually different by unit of service/information. If a fixed security degree is activated, useless interruption of the service is often executed. This happens in case of plural workers using information equipment. Accordingly, it is desired that the security is activated according to the kind of the service/information.
  • electric mail is transmitted using a PC (personal computer) or a document is created using WP (word processor).
  • WP word processor
  • Plural services are then supplied on the display of the equipment.
  • the electric mail represents a private letter and its security degree is high.
  • the security degree of the document by WP differs according to the kind of the document. While the user creates the document whose security degree is low, the security degree of the document grows by adding another important document. In this way, the security degree is dynamically changed according to the kind of the service/information.
  • FIG. 10 is a flow chart of processing of the service supply permission section 2 according to the seventh embodiment.
  • step S 25 added between S 11 and S 12 is a different step in comparison with FIG. 3 .
  • the service supply permission section 2 controlls controls the supply of the service according to the security degree set by the kind of service/information (step S 25 ).
  • the security degree is set to a mail tool to display the mail but not set to a WP tool. For example, when another person watches the display behind the user, the mail tool is only interrupted (the mail window is closed) and the WP window is continuously opened.
  • the user sets disclosure-possible at the head portion of mail to be sent.
  • a window showing the mail tool does not react to the infringement of the security.
  • the mail is able to remain disclosing.
  • the WP window to display the document reacts to the infringement of security.
  • the sequrity security degree for creating the document is dynamically changed by adding other important document. In this way, even if the service is supplied to the same object, the supply of the service is interrupted or continued according to the content (for example, regular document or strict secret document).
  • the infringement of security of the user is detected.
  • the visual line of the user leaves the screen of the display, the window may be closed.
  • the supply of the service is interrupted when the visual line leaves the screen.
  • FIG. 11 is a block diagram of the situation detection section 1 according to the eighth embodiment.
  • a visual line detection section 16 is an added section in comparison with FIG. 2 .
  • the visual line detection section 16 detects movement of the visual line of the user in case the user (registered) is included in the person discrimination information D 2 .
  • the face area of the user is extracted from the image and the eye area is extracted from the face area.
  • the visual line is pursued according to the eye area. In this case, if a direction of the visual line is toward a predetermined area (visual area of the screen), an indication is outputted. If the direction of the visual line is not toward the predetermined area, another indication is outputted.
  • These indications represent visual line information D 5 .
  • FIG. 12 is a flow chat of processing of the service supply permission section 2 according to the eighth embodiment.
  • step S 26 is added instead of step S 11 in comparison with FIG. 3 .
  • the visual line detection section 16 keeps watch for the movement of the visual line of the user. If the direction of the visual line departs from the predetermined area of the display (“Yes” at step S 26 ), the situation detection section 1 outputs the visual line information D 5 to the service supply permission section 2 .
  • FIG. 13 is a schematic diagram of detection of the visual lines of the user in the image according to the eighth embodiment. As shown in FIG. 13 , the visual lines of the user are detected from position of black eyes of the user's face in the image.
  • detection of the visual line of the user controlls controls the supply of the service. Therefore, when another person walks behind the user, security of the service is kept only if the visual line of the user departs from the display.
  • a direction of the visual line of the user controlls controls the supply of the service.
  • the supply of the service can not be controlled. If the user turns his eyes away from the display whenever the other person walks behind the user, the supply of the service is interrupted to every time. Therefore, in the ninth embodiment, detection of the visual line of the non-user controlls controls the supply of the service.
  • FIG. 14 is a flow chart of processing of the service supply permission section 2 according to the ninth embodiment.
  • step S 27 is added step between step S 11 and step S 12 in comparison with FIG. 3 .
  • the visual line detection section 16 detects the visual line of the non-user.
  • the person is not discriminated by referring to the person discrimination information D 2 (the person is decided to be a non-user)
  • the movement of the visual line of the non-user is detected.
  • the face area is extracted from the image including the non-user and the eye area is extracted from the face area.
  • the visual line of the eye area is pursued.
  • a direction of the visual line of the non-user points to a predetermined area (visible area of the display), an indication is outputted. If the direction of the visual line of the non-user does not point to the predetermined area, another indication is outputted. This purport is represented as the visual line information D 5 .
  • the situation detection section 1 detects that the non-user infringes the security of the non-user (“Yes” at step S 11 ). In this case, the visual line detection section 16 keeps watch for the move of the visual line of the user.
  • FIG. 15 is a schematic diagram of detection of the visual lines of the non-user in the image according to the ninth embodiment. As shown in FIG. 15 , the visual lines of the non-user are detected from position of black eyes of the non-user's face in the image.
  • the detection of the visual line of the non-user controlls the supply of the service. Therefore, in case the non-user looks furtively at the display behind the user, the security of the service for the user is kept.
  • FIG. 16 is a flow chart of processing of the service supply permission section 2 according to the tenth embodiment.
  • step S 26 and step S 27 are added steps in comparison with FIG. 3 .
  • the situation detection section 1 detects that the user is under a situation to be supplied the service (“Yes” at step S 8 ).
  • the visual line detection section 16 detects movement of the visual line of the user.
  • the situation detection section 1 outputs the visual line information D 5 to the service supply permission section 2 .
  • the service supply permission section 2 controlls controls the service supply section 3 to interrupt the supply of the service (step S 12 ).
  • the situation detection section 1 detects that the non-user infringes the service of the user (“Yes” at step S 11 ).
  • the visual line detection section 16 keeps watch for movement of the visual line of the non-user. If the direction of the visual line of the non-user points to the predetermined area of the display (the non-user watches the display behind the user) (“No” at step S 27 ), the situation detection section 1 outputs the visual line information to the service supply permission section 2 .
  • the service supply permission section 2 controlls controls the service supply section 3 to interrupt the supply of the service (step S 12 ).
  • the visual line of the user or the non-user is detected.
  • the supply of the service may be controlled.
  • the supply of the service is interrupted.
  • the non-user if the direction of the non-user's face points to the display, the supply of the service is interrupted.
  • the face area is extracted from the image including the user or the non-user. The direction of the face is pursued according to the face area.
  • the image is used for detecting the person information.
  • sound or wireless may be used for detecting the person information.
  • the user is specified by the user's voice existing in the service-use area. If the user's voice is continuously detected, it is decided that the user is under a situation to be supplied the service. If a voice other than the user's is detected, it is decided that the security of the service of the user is infringed.
  • the wireless the user is specified by detecting ID information of a wireless card. The user previously brings the wireless card with him. If the ID information of the user's wireless card is continuously detected, it is decided that the user is under a situation to be supplied the service. If ID information other than the user's wireless card is detected, it is decided that the sequrity security of the service of the user is infringed.
  • FIG. 17 is a schematic diagram showing a method of supplying a software for the present invention.
  • a series of processings of the service supply permission section 2 (shown in FIGS. 3-6 , 8 - 10 , 12 , 14 , 16 ) and necessary information may be stored in a memory device as shown in FIG. 17 .
  • the memory device is applied for each apparatus or content of the memory device is transmitted to each apparatus by a communication device.
  • a memory can be used to store instructions for performing the process described above, such a memory can be a CD-ROM, floppy disk, hard disk, magnetic tape, semiconductor memory, and so on.

Abstract

A security apparatus. A service is supplied to a user while maintaining the security of the service. A person discrimination section discriminates the user to be supplied the service. A user situation decision section decides whether the user is under a situation to use the service. An infringement situation decision section detects whether a non-user intrudes into a use area of the service in order to decide whether the security of the service is infringed. A service control section supplies the service to the user in case the person discrimination section discriminates the user, and controls a supply of the service if the use situation decision section decides the user is not under the situation to use the service or the infringement situation decision section decides that the security of the service is infringed.

Description

This application is a reissue of Ser. No. 08/810,623 filed on Feb. 28, 1997 (U.S. Pat. No. 6,049,875 ).
BACKGROUND OF THE INVENTION
1. Field of the Invention
The present invention relates to a security apparatus and a method for supplying a service to a user by confirming a use situation of the user and infringement situation of non-user in order to keep safety and reliability for the service.
2. Description of the Related Art
A method to specify the user in service-use area by electrical means and to execute security for each kind of service is very important in present electrical society. Various kinds of security means, for example, memorized number, magnetic card, IC card, wireless card, sound comparison, fingerprint comparison, retina comparison and face comparison, have been used. However, the memorized number, the magnetic card, the IC card and the wireless card specifies the user by information only the user knows or with a memory device key for only the user. Therefore, they are in danger of being used unjustly.
On the other hand, sound comparison, fingerprint comparison, retina comparison, and face comparison are effective personal confirmation means to defect detect an other's unjust use because the user's physical features are used as a key. However, the personal confirmation is only used at the beginning of service. After the service begins, the service can not be interrupted. Therfore Therefore, even if an other person changes for the user after the service is begun, the service can not be interrupted. In short, this kind of service includes danger that the other person utilizes the service unjusty unjustly. This kind of problem is included in the memorized number, the magnetic card, the IC card and the wireless card.
As mentiored mentioned above, the known security apparatuses include the following problems.
(1) After security is cancelled by confirming the user, security function is not executed while supplying the service. Therefore, even if an other person changes for the user, the service is still supplied continuously.
(2) While supplying the service to the user, it often happens that an other person watches information not to be disclosed on display from behind the user. This problem occurs because security is not provided in the physical space surrounding the user and the apparatus even if security is executed inside the apparatus electrically. Especially, this problem happens when the service is supplied to the user in public place in which other persons are not excluded.
SUMMARY OF THE INVENTION
It is an object of the present invention to provide a security apparatus and method to supply a service to the user while safety and reliability for the service are kept.
According to the present invention, there is provided a security apparatus for a device supplying a service to a user, comprising: person discrimination means for recognizing a user requesting the service; use situation decision means for deciding whether the user is under a situation to use the service; infringement situation decision means for detecting whether a non-user intrudes into a use area the service to decide whether of the service is infringed; service control means for supplying the service to the user in case said person discrimination means recognizes the user, and for controlling a supply of the service if said use situation decision means decides the user is not under the situation to use the service or if said infringement situation decision means decides that the security of the service is infringed.
Further in accordance with the present invention, there is provided a security method associated with supplying a service to a user, comprising the step of: recognizing a user desiring the service: supplying the service to the user if the user is recognized; deciding whether the user is under a situation to use the service; deciding whether a non-user intrudes into a use area of the service; and controlling the supply of the service if the user is not under the situation to use the service or if the non-user is intruding into the use area of the service.
Further in accordance with the present invention, there is also provided a computer readable memory containing computer-readable instructions to supply a service to a user, comprising: instruction means for causing a computer to recognize a user desiring the service; instruction means for causing a computer to supply the service to the user if the user is recognized; instruction means for causing a computer to decide whether the user is under a situation to use the service; instruction means for causing a computer to decide whether a non-user intrudes into a use area of the service; and instruction means for causing a computer to control a supply of the service if the user is decided not under the situation to use the service or the non-user is decided to intrude into the use area of the service.
BRIEF DESCRIPTION OF THE DRAWINGS
FIG. 1 is a block diagram of the security apparatus according to the present invention.
FIG. 2 is a block diagram of the situation detection section of the security apparatus according to the present invention.
FIG. 3 is a flow chart of processing of a service supply permission section according to a first embodiment of the present invention.
FIG. 4 is a flow chart of processing of the service supply permission section according to a second embodiment of the present invention.
FIG. 5 is a flow chart of processing of the service supply permission section according to a third embodiment of the present invention.
FIG. 6 is a flow chart of processing of the service supply permission section according to a fourth embodiment of the present invention.
FIG. 7 is a block diagram of the sequritysecurity apparatus according to a fifth embodiment of the present invention.
FIG. 8 is a flow chart of processing of the service supply permission section according to the fifth embodiment of the present invention.
FIG. 9 is a flow chart of processing of the service supply permission section according to a sixth embodiment of the pressentpresent invention.
FIG. 10 is a flow chart of processing of the service supply permission section according to a seventh embodiment of the present invention.
FIG. 11 is a block diagram of the sequritysecurity apparatus according to a eighth embodiment of the present invention.
FIG. 12 is a flow chart of processing of the service supply permission section according to the eighth embodiment of the present invention.
FIG. 13 is a schematic diagram of detection of visual lines of the user in the image according to the eighth embodiment of the present invention.
FIG. 14 is a flow chart of processing of the service supply permission section according to a ninth embodiment of the present invention.
FIG. 15 is a schematic diagram of detection of visual lines of the non-user in the image according to the ninth embodiment of the present invention.
FIG. 16 is a flow chart of processing of the service supply permission section according to a tenth embodiment of the present invention.
FIG. 17 is a schematic diagram of supply method for the security apparatus by software according to the present invention.
DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENTS
The embodiments of the present invention are described below with reference to the drawings. FIG. 1 is a block diagram of the security apparatus according to the present invention. The security apparatus of the present invention is comprised of a situation detection section 1, a service supply permission section 2 and a service supply section 3. The situation detection section 1 discriminates the user in service-user area, detects whether the user is under a situation to use the service (use situation) and detects whether a non-user infringes the security of the user (infringement situation). The detection result of the use situation and the infringement situation is outputted to the service supply permission section 2 as person information. In this place, the situation that the user can utilize the service represents that the user is confirmed to be permitted the supply of the service and the user continuously utilizes the service. A situation that the user continuously utilizes the service represents a status that the user actually interacts with the service application (the user inputs operation to system or the user is supplied output from the system). A status of non-interaction within predetermined time indicates thinking, chattering, looking away. Another status indicates when the user moves away from service use-space within a predetermined time.
The situation that a non-user infringes the security of the user represents that a person other than the confirmed user intentionally or accidentally uses the service while the service is supplied to the confirmed user. The other person can then interact with the operation or information to be disclosed only to the confirmed user. When the user interacts with the service application of the system through a display, the other person looks on the display behind the user. Otherwise, the other person intends to interact with the service application in the user's absence within the predetermined time.
In order to detect each situation, the situation detection section 1 monitors service-use area using image or sound. Especially, the use situation of the user and the infringement situation of the security are detected by the image (person detection/direction of face detection/person confirmation) and the sound (person detection/person specification/chattering detection). Monitoring may be wireless.
The service supply permission section 2 controls start/interruption/interruption and cancellation/end of the service for the service supply section 3 according to the detection result of the situation detection section 1. In this case, the service supply permission section 2 starts the supply of the service when the user is specified in the service-use area. The service supply permission section 2 controls the supply of the service in at least one of the cases where the user does not utilize the service or where the security of the user is infringed. Especially when the use does not utilize the service during the supply of the service, the supply of the service finishes. If the security of the user is infringed by another person, the supply of the service interupts interrupts until the infringement is relieved. The service supply section 3 supplies various kinds of service under the control of the service supply permission section 2. For example, an uninhabited ATM (antomatic automatic teller's machine), a portable terminal, or a computer used by several persons may comprise the service supply section 3.
FIG. 2 is a block diagram of the situation detection section 1. In this case, an image is used as a way to discriminate the user, detecting the use situation, or detect an infringement situation. The situation detection section 1 is comprised of an image input section 11, a person area detection section 12, a person comparison section 13, a use situation decision section 14 and an infringement situation decision section 15. The image imputinput section 11 inputs an image through a TV camera. The TV camera is set in the service use area for continuously observing the user to be supplied the service. The person area detection section 12 analyzes images input by the image input section 11 and monitors the secure area from the input image. For example, a difference between the input image and background image (uninhabited area) indicates a person present in the secure area. The person area detection section 12 outputs person detection information D1 when the person present is detected and outputs non-detection information D1 when the person present is not detected.
The person comparison section 13 compares the person present area image with the content of a person comparison dictionary to specify which person is present in the secure area image. The person comparison dictionary previously stores at least comparison information of persons permitted to use the service. The person comparison section 13 outputs person discrimination information D2 representing whether the person present coincides with a person permitted to use the service. If the person present coincides with a person permitted to use the service in the person comparison dictionary, the person present is registered as the user who can be supplied the service.
The use situation decision section 14 detects whether the user is under a situation capable of using the service. After the user of the person area is registered and if the registered user is now included in the person discrimination information D2, the user is decided to be capable of using the service. The use situation decison decision section 14 outputs use situation information D3 representing whether the user is capable of using the service.
The infringement situation decision section 15 detects whether a non-user infringes the security of the service. If a person other than the user utilizing the service now is included in the person discrimination information D2, the infringement situation decision section 15 decides that the security of the service is infringed, and outputs infringement situation information D4 indicates a breach of security. The person detection/non-detection information D1, the person discrimination information D2, the use situation information D3, the infringement situation information D4 are called person information. The person information is read out by the service supply permission section 2 (step S1 in FIG. 3 explained afterward) and referred at steps S3, S4, S8, S11 in FIG. 3.
FIG. 3 is a flow chart of processing of the service supply permission section 2. As mentioned above, the situation detection section 1 discriminates the user in the service-use area and monitors the use situation and the infringement situation using the image inputted from the TV camera. The person information as detection result of the situation detection section 1 is outputted to the service supply permission section 2. By using the person information, the service supply permission section 2 executes a security controlling process to the service supply section 3. First, the service supply permission section 2 obtains the person information from the situation detection section 1 (step S1). When the supply of the service begins (“No” at step S2), the service supply permission section 2 monitors the security area in the service use area according to the person detection/non-detection information D1 (step S3). If a person area is not detected (“No” at step S3), processing of the service supply permission section 2 is returned to step S1. On the other hand, if a person is detected (“Yes” at step S3), the service supply permission section 2 decides whether the person is permitted as a user (step S4). As a result, in case the person is not permitted as a user (“No” at step S4), the service supply permission section 2 rejects the supply of the service (step S5) and returns processing to step S1. In case the person is permitted as a user (“Yes” at step S4), the service supply permission section 2 registers the person as the user (step S6). After that, the use situation of the person is continuously monitored. The service supply permission section 2 begins the supply of the service (step S7) and returns the processing to S1.
The above process steps (steps S1-S7) are the same as normal confirmation of security (from confirming the user to begining beginning the supply of the service). In this place, after the supply of the service is begun, the registered user exists in the service-use area and the registered person must be detected at step S1. After the supply of the service is begun, the processing is returned to step S8 through steps S1 and S2.
The service supply permission section 2 decides whether the registered person is using the service according to the use situation information D3 (step S8). As a result, if the situation of using the service is detected, for example, a user's absence continues above a predetermined time (“No” at step S8), the service supply permission section 2 terminates the supply of the service immediately (step S9). Next, the registration of the user is cancelled (step S10) and the processing returns to step S1 in order to register a new user.
On the other hand, the service supply permission section 2 decides whether a non-user infringes the security of the user according to the infringement situation information D4 (step S11). As a result, if the situation that a non-user infringes the security is detected, for example, an other person watches the display behind the user during the supply of the service (“Yes” at step S11), the service supply permission section 2 temporarily interrupts the service to maintain security untill the security is not infringed (step S12). If a situation that the security is not infringed is detected during the interruption of the service (“Yes” at step S13), the service supply permission section 2 cancels the interruption of the service and begins the supply of the service (step S14).
In this way, in case the user permitted the service is specified in the service use area, the supply of the service is begun. During the supply of the service, if the user is not using the service or if the security is breached, the supply of the service finishes or interrupts. Accordingly, the security is maintained during all periods of begining beginning/supplying/end of the service. For example, in case the registered user is confirmed and supplied money through an Automatic Teller Machine, or the user operates a handy terminal by watching secret information on a display, the security of the user is effectively protected according to the present invention.
Next, additional embodiments of the present invention will be explained.
(a) ease of monopoly of terminal/improvement of common use of terminal (second embodiment)
In the first embodiment, another person can not use the terminal while the user is supplied the service through the terminal. Therefore, the other person must wait to use the same terminal untill until the first user finishes. In short, in the first embodiment, use by a specified user for the terminal excludes use by an other another person.
In a second embodiment, in case the situation for the user not capable of using the service is detected before the supply of the service for the user finishes, the supply of the service is reserved (interrupted) and the new user can be supplied the service from the begining beginning. As a result, during the interruption of the service, a different service is supplied to another user. When the original user comes back to the terminal, the reserved service is supplied to the original user again. Therefore, while each service is not completed respectively, plural users can be supplied each service from the same terminal one after another. Additionally, if the original user does not come back to the same terminal, the reserved service is finished and memory area corresponding to the reserved service is relieved to save memory resources.
FIG. 4 is a flow chart of processing of the service supply permission section according to the second embodiment. In this case, assume that a computer network is commonly used by plural users and a plurality of terminals connected to the network provide a security function. In FIG. 4, steps S15, S16, S17, S18 are newly added in comparison with FIG. 3. Each user is confrmed respectively and supplied the service through a respective terminal (step S1, S2).
In this place, assume that a user A creates a document using a terminal A and leaves from the terminal A without completing the work. The terminal A detects that the user A is not using the service (“No” at step S8) and that the supply of the service is not completed (“No” at step S15). The service of creating the document at the present time is stored (reserved) in a memory area of the terminal and the supply of the teminal terminal is interrupted (step S16, S17). In this case, the situation for the user not using the service is detected according to the use situation information D3. Completion situation of the supply of the service is decided by completion notice sent by the user. Next, a user B is confirmed by the teminal terminal A and works through the terminal A. Assume that when the user A comes back to the terminal A, the user B goes away from the terminal A. The terminal A newly reserves the results of the service for the user B (steps S8, S15, S16, S17) and begins the supply of the reserved service to the user A (steps S8, S11, S13, S14). The memory area to store the result of the service is commonly used by each terminal on the network. Therefore, if the user B is confirmed by a terminal B (steps S4, S6, S7), the reserved result of the service for the user B is supplied through the terminal B (steps S8, S11, S13, S14). On the other hand, if the user A does not come back to the terminal A during a predetermined time (“Yes” at step S18), the terminal A finishes the service of the user A immediately and relieves the memory area corresponding to the service result of the user A (steps S9, S10). In this way, a situation of storing many service results in memory area is prevented. The predetermined time as decison decision standard at step S18 is freely set by the kind of the service.
As mentioned above, in the second embodiment, the supply of the service for each user is reserved untill until the work of each user is completed. In short, a right service-use generated by confirming the user is assured untill until the user's work is completed. The user B does not have to wait untill until the user A finishes using the terminal. By changing the user A for the user B, the user B can use the terminal without infringement for the security of the user A.
(b) Extention Extension for unspecified user (third embodiment)
In the first embodiment, in order to be supplied the service, the user must be confirmed as a registered person. In short, if the user is not previously registered, he can not be supplied the service. However, there is a service to be used by many and unspecified persons. Therefore, in a third embodiment, the service is supplied to an unspecified person without confirmation. At that time, a comparison dictionary of the unspecified person is generate and registered. During the supply of the service, the user (the unspecified person) is discriminated from other users by referring to the comparison dictionary. Therefore, the service is supplied to many and unspecified persons while the security is maintained.
FIG. 5 is a flow chart of processing of the service supply permission section 2 according to the third embodiment. In FIG. 5, step S19 is newly added instead of steps S4, S5 in comparison with FIG. 3. When the supply of the service is begun (“No” at step S2), the service supply permission section 2 detects the person in the service use area according to the person detection/non-detection information D1 (step S3). If the person is detected (“Yes” at step S3), the service supply permission section 2 generates the person comparison dictionary (step S19) and registers the person as a new user (step S6). After that, the use situation of the new user is continuously monitored, and the service supply permission section 2 begins to supply the service (step S7). In this way, the service is supplied to an unspecified person without confirmation and the person comparison dictionary is generated to be registered. Therefore, a new user except for the pre-registered user is able to be supplied the service. In this case, during the supply of the service for the new user, he is discriminated from another person by referring the person comparison dictionary in order to maintain the security.
(c) Warning of infringement (fourth embodiment)
In the fourth embodiment, when an infringement situation of the security is detected, a warning is sent to the user. In this case, the service supply permission section 2 controlls controls the begining beginning and end of the service and does not execute interruption and cancellation of the service in case of infringement of the security.
FIG. 6 is a flow chart of processing of the service supply permission section 2 according to the fourth embodiment. In FIG. 6, step S20 is a newly added step instead of step S12 in comparison with FIG. 3. First, when the situation detection section 1 detects the infringement situation of non-user (“Yes” at step S11), the service supply permission section 2 sends a warning of the infringement to the user (step S20). Concretely speaking, the warning is outputted through an image (warning sentence/mark, controlling of color/brightness/blink) or sound (speaking of warning sentence/warning buzzer). When the user receives the warning, it is possible for the user to protect his security by, for example, turning off a power supply of the terminal or hiding a display of the terminal.
(d) Interactive controlling in case of warning (fifth embodiment)
In the fifth embodiment, by using input means (key board) and output means (display), the supply of the service is controlled by the user's operation for the warning. FIG. 7 is a block diagram of the security apparatus according to the fifth embodiment. In FIG. 7, an interactive control section 4 is a new section in comparison with FIG. 1. FIG. 8 is a flow chart of processing of the service supply permission section 2 according to the fifth embodiment. In FIG. 8, steps S20, S21 are new added steps in comparison with FIG. 3.
The interactive control section 4 receives an indication of the user for the warning of the infringement and controlls the supply of the service according to the indication. The kind of the indication is continuation/interruption/end of the service. The user selects the kind of the indication by, for example, using a keyboard. In FIG. 8, during the supply of the service, if the situation detection section 1 detects infringement by a non-user (“Yes” at step S11), the service supply permission section 2 sends the warning to the user (step S20). After sending the warning, the interactive control section 4 receives an indication of the user (step S21), the service supply permission section 2 controlls controls the supply of the service according to the indication.
If the user indicates continuation of the service (“CONTINUATION” at step S21), the interactive control section 4 outputs the indication of continuation to the service supply permission section 2. The service supply section 3 continues to supply the service according to the indication of continuation.
If the user indicates interruption of the service (“INTERRUPTION” at step S21), the interactive control section 4 outputs the indication of interruption to the service supply permission section 2. The service supply section 3 interrupts the supply of the service according to the indication of the interruption.
If the user indices end of the service (“END” at step S21), the interractive interactive control section 4 outputs the indication of end to the service supply permission section 2. The service supply section 3 finishes the supply of the service.
In this way, when the user receives the warning of infringement, the user can select continuation/interruption/end of service by using interactive function. As a result, if the user works through equipment in an office, whenever an office colleague (person not necessary for security) stands behind the user, interruption of the work is excluded. In short a change for the worse an interruption, of use-feeling of the equipment is avoided. Otherwise, when using the equipment in a public place, interruption of the service is indicated by the user for the warning of a non-user standing behind the user.
In the fifth embodiment, the user can select the indication to keep security in case of infringement of the security. After selecting the indication, the apparatus (equipment) can automatically keep the security of the user. In this case, if the warning of the infringement is outputted as an image, the user understands circumstances around the user by watching the image (the user and non-user are included). The user can select the indication (continuation/interruption/end of the service) according to the circumstances.
(e) Default action of neglecting the warning (sixth embodiment)
In the sixth embodiment, in case the indication is not selected by the user within predetermined time after generating the warning, the apparatus automatically executes predetermined (default) controlling of the supply of the service. This predetermined controlling is freely set by the user.
FIG. 9 is a flow chart of processing of the service supply permission section 2. In FIG. 9, steps S20, S21, S22, S23, S24 are added steps in comparison with FIG. 3. The construction of the security apparatus of the fifth embodiment is the same as in FIG. 7. In FIG. 9, during the supply of the service, if the situation detection section 1 detects an infringement situation (“Yes” at step S11), the service supply permission section 2 sends the warning to the user (step S20). After the warning, the interactive control section 4 receives indication of the user. In this case, if no indication of the user is received above predetermined time (step S22, S23), the interactive control section 4 outputs the purport of no indication to the service supply permission section 2. The service supply permission section 2controllscontrols the supply of the service according to a predetermined control (step S24). For example, if continuation of the service is set as the predetermined control (“CONTINUATION” at step S24), the service supply section continues to supply the service. If interruption of the service is set as the predetermined control (“INTERRUPTION” at step S24), the service supply section 3 interrupts the supply of the service. If end of the service is set as the predetermined controlling (“END” at step S24), the service supply section 3 finishes the supply of the service. On the other hand, if the indication of the user is received within the predetermined time (“Yes” at step S22), the interactive control section 4 receives the indication (step S21) and the service supply permission section 2controllscontrols the supply of the service according to the indication. In this case, if the user indicates continuation of the service (“CONTINUATION” at step S21), the interactive control section 4 outputs the continuation indication to the service supply permission section 2. The service supply section 3 continues to supply the service. If the user indicates interruption of the service (“INTERRUPTION” at step S21), the interactive control section 4 outputs the interruption indication to the service supply permission section 2. The service supply section 3 interrupts the supply of the service. If the user indicates end of the service (“END” at step S21), the interactive control section 4 outputs the end indication to the service supply permission section 2. The service supply section 3 finishes the supply of the service.
In this way, if the user neglects a warning of infringement, the security of the user is kept according to a predetermined control (action of default). Otherwise, it is possible to control the supply of the service different form the predetermined control for some reasons by a user's indication in case of the warning. For example, in an office, as for the warning generated whenever a colleague stands behind the user operating the equipment, the user does not have to indicate continuation of the service. The predetermined control is already set as continuation of the service. In this case, the user can continue the operation while neglecting the warning. In case the user operates the equipment in a public place, the predetermined control is set as interruption of the service. In this case, security of the user for the equipment is protected while he neglects the warning.
(f) Security degree by unit of service/information (seventh embodiment)
In the above embodiments, predetermined security is activated for service or information. However, security degree is actually different by unit of service/information. If a fixed security degree is activated, useless interruption of the service is often executed. This happens in case of plural workers using information equipment. Accordingly, it is desired that the security is activated according to the kind of the service/information. For example, assume that electric mail is transmitted using a PC (personal computer) or a document is created using WP (word processor). Plural services are then supplied on the display of the equipment. The electric mail represents a private letter and its security degree is high. On the other hand, the security degree of the document by WP differs according to the kind of the document. While the user creates the document whose security degree is low, the security degree of the document grows by adding another important document. In this way, the security degree is dynamically changed according to the kind of the service/information.
In the seventh embodiment, the security degree is changed by unit of the service/information. FIG. 10 is a flow chart of processing of the service supply permission section 2 according to the seventh embodiment. In FIG. 10, step S25 added between S11 and S12 is a different step in comparison with FIG. 3. During the supply of the service, if the situation detection section 2 detects infringement of the security (“Yes” at step S11), the service supply permission section 2 controlls controls the supply of the service according to the security degree set by the kind of service/information (step S25). In this case, it may be possible that the security degree is set to a mail tool to display the mail but not set to a WP tool. For example, when another person watches the display behind the user, the mail tool is only interrupted (the mail window is closed) and the WP window is continuously opened.
As for setting the security degree, for example, the user sets disclosure-possible at the head portion of mail to be sent. A window showing the mail tool does not react to the infringement of the security. As for both sending side or receiving side, the mail is able to remain disclosing.
If the user indicates a strict secret at the header of a document, the WP window to display the document reacts to the infringement of security. For example, the sequrity security degree for creating the document is dynamically changed by adding other important document. In this way, even if the service is supplied to the same object, the supply of the service is interrupted or continued according to the content (for example, regular document or strict secret document).
(g) detection of visual line 1 (eighth embodiment)
In the above embodiments, when another person watches the display behind the user creating a document, the infringement of security of the user is detected. However, it is not necessary to pay attention to the other person, but to pay attention to the visual line (or line of sight) of the user. For example, when the visual line of the user leaves the screen of the display, the window may be closed. In the eighth embodiment, by detecting a visual line of the user as use situation, the supply of the service is interrupted when the visual line leaves the screen.
FIG. 11 is a block diagram of the situation detection section 1 according to the eighth embodiment. A visual line detection section 16 is an added section in comparison with FIG. 2. The visual line detection section 16 detects movement of the visual line of the user in case the user (registered) is included in the person discrimination information D2. For example, the face area of the user is extracted from the image and the eye area is extracted from the face area. The visual line is pursued according to the eye area. In this case, if a direction of the visual line is toward a predetermined area (visual area of the screen), an indication is outputted. If the direction of the visual line is not toward the predetermined area, another indication is outputted. These indications represent visual line information D5.
In this way, in the eighth embodiment, the visual line information D5 is outputted to the service supply permission section 2 as one of the person information. FIG. 12 is a flow chat of processing of the service supply permission section 2 according to the eighth embodiment. In FIG. 12, step S26 is added instead of step S11 in comparison with FIG. 3. During the supply of the service, assume that the situation detection section 1 detects that the user is under a situation to be supplied the service (“Yes” at step S8). In this case, the visual line detection section 16 keeps watch for the movement of the visual line of the user. If the direction of the visual line departs from the predetermined area of the display (“Yes” at step S26), the situation detection section 1 outputs the visual line information D5 to the service supply permission section 2. The service supply permission section 2 controls the service supply section 3 to interrupt the supply of the service (step S12). FIG. 13 is a schematic diagram of detection of the visual lines of the user in the image according to the eighth embodiment. As shown in FIG. 13, the visual lines of the user are detected from position of black eyes of the user's face in the image.
In this way, in the eighth embodiment, detection of the visual line of the user controlls controls the supply of the service. Therefore, when another person walks behind the user, security of the service is kept only if the visual line of the user departs from the display.
(h) Detection of visual line 2 (ninth embodiment)
In the eighth embodiment, a direction of the visual line of the user controlls controls the supply of the service. However, if another person looks furtively at the display behind the user, the supply of the service can not be controlled. If the user turns his eyes away from the display whenever the other person walks behind the user, the supply of the service is interrupted to every time. Therefore, in the ninth embodiment, detection of the visual line of the non-user controlls controls the supply of the service.
FIG. 14 is a flow chart of processing of the service supply permission section 2 according to the ninth embodiment. In FIG. 14, step S27 is added step between step S11 and step S12 in comparison with FIG. 3. In this case, the visual line detection section 16 detects the visual line of the non-user. In case the person is not discriminated by referring to the person discrimination information D2 (the person is decided to be a non-user), the movement of the visual line of the non-user is detected. In the same way as in the eighth embodiment, the face area is extracted from the image including the non-user and the eye area is extracted from the face area. The visual line of the eye area is pursued. If a direction of the visual line of the non-user points to a predetermined area (visible area of the display), an indication is outputted. If the direction of the visual line of the non-user does not point to the predetermined area, another indication is outputted. This purport is represented as the visual line information D5. During the supply of the service, assume that the situation detection section 1 detects that the non-user infringes the security of the non-user (“Yes” at step S11). In this case, the visual line detection section 16 keeps watch for the move of the visual line of the user. If the direction of the visual line of the non-user points to the predetermined area, for example, the non-user watches the display behind the user (“No” at step S27), the situation detection section 1 outputs the visual line information to the service supply permission section 2. The service supply permission section 2 controlls the service supply section 3 to interrupt the supply of the service. FIG. 15 is a schematic diagram of detection of the visual lines of the non-user in the image according to the ninth embodiment. As shown in FIG. 15, the visual lines of the non-user are detected from position of black eyes of the non-user's face in the image.
In this way, in the ninth embodiment, the detection of the visual line of the non-user controlls the supply of the service. Therefore, in case the non-user looks furtively at the display behind the user, the security of the service for the user is kept.
(i) Detection of visual line 3 (tenth embodiment)
In the tenth embodiment, detection of the visual line of the user and the non-user controlls controls the supply of the service. FIG. 16 is a flow chart of processing of the service supply permission section 2 according to the tenth embodiment. In FIG. 16, step S26 and step S27 are added steps in comparison with FIG. 3. During the supply of the service, assume that the situation detection section 1 detects that the user is under a situation to be supplied the service (“Yes” at step S8). In this case, the visual line detection section 16 detects movement of the visual line of the user. If the visual line of the user departs from the predetermined area, for example, the user turns his eyes away from the display (“Yes” at step S26), the situation detection section 1 outputs the visual line information D5 to the service supply permission section 2. Then, the service supply permission section 2 controlls controls the service supply section 3 to interrupt the supply of the service (step S12).
On the other hand, assume that the direction of the user points to the predetermined area of the display (the user does not turn his eyes away from the display) (“No” at step S26) and the situation detection section 1 detects that the non-user infringes the service of the user (“Yes” at step S11). In this case, the visual line detection section 16 keeps watch for movement of the visual line of the non-user. If the direction of the visual line of the non-user points to the predetermined area of the display (the non-user watches the display behind the user) (“No” at step S27), the situation detection section 1 outputs the visual line information to the service supply permission section 2. The service supply permission section 2 controlls controls the service supply section 3 to interrupt the supply of the service (step S12).
In this way, in the tenth embodiment, detection of the visual line of the user and the non-user controlls controls the supply of the service. Therefore, the security of the service for the user is strengthened.
In the eighth, ninth, tenth embodiments, the visual line of the user or the non-user is detected. However, by detecting a direction of a face of the user or non-user, the supply of the service may be controlled. In this case, as for the user, if the direction of the user's face does not point to the display, the supply of the service is interrupted. As for the non-user, if the direction of the non-user's face points to the display, the supply of the service is interrupted. As for the method for detecting the direction of the face, the face area is extracted from the image including the user or the non-user. The direction of the face is pursued according to the face area.
In the above embodiments, the image is used for detecting the person information. However, sound or wireless may be used for detecting the person information. In case of the sound, the user is specified by the user's voice existing in the service-use area. If the user's voice is continuously detected, it is decided that the user is under a situation to be supplied the service. If a voice other than the user's is detected, it is decided that the security of the service of the user is infringed. In case of the wireless, the user is specified by detecting ID information of a wireless card. The user previously brings the wireless card with him. If the ID information of the user's wireless card is continuously detected, it is decided that the user is under a situation to be supplied the service. If ID information other than the user's wireless card is detected, it is decided that the sequrity security of the service of the user is infringed.
FIG. 17 is a schematic diagram showing a method of supplying a software for the present invention. A series of processings of the service supply permission section 2 (shown in FIGS. 3-6, 8-10, 12, 14, 16) and necessary information may be stored in a memory device as shown in FIG. 17. In this case, it is possible that the memory device is applied for each apparatus or content of the memory device is transmitted to each apparatus by a communication device.
A memory can be used to store instructions for performing the process described above, such a memory can be a CD-ROM, floppy disk, hard disk, magnetic tape, semiconductor memory, and so on.
Other embodiments of the invention will be apparent to those skilled in the art from consideration of the specification and practice of the invention disclosed herein. It is intended that the specification and examples be considered as exemplary only, with the true scope and spirit of the invention being indicated by the following claims.

Claims (44)

1. A security apparatus for a device supplying a service to a user in a service use area surrounding the user, comprising:
image input means for continuously inputting an image to monitor the service use area;
person discrimination means for continuously recognizing a person in the input image, and for registering the person as a user allowed to use the service if the person is recognized as an authorized user;
use situation decision means for deciding that the user is not under a situation to use the service in case the user is not recognized in the input image;
infringement situation decision means for deciding that a security of the service use area is infringed in case at least one person other than the authorized user is recognized in the input image; and
service control means for supplying the service to the authorized user and for controlling a supply of the service if said use situation decision means decides that the user is not under the situation to use the service or if said infringement situation decision means decides that the security of the service use area is infringed.
2. The security apparatus according to claim 1, wherein said service control means finishes the supply of the service in case said use situation decision means decides the user is not under the situation to use the service.
3. The security apparatus according to claim 1,
wherein said service control means interrupts the supply of the service until the infringement situation is relieved in case said infringement situation decision means decides the security of the service is infringed.
4. The security apparatus according to claim 1,
wherein said service control means decides whether work of the user for the service is completed or not in case said use situation decision means decides the user is not under the situation to use the service.
5. The security apparatus according to claim 4,
wherein said service control means finishes the supply of the service in case the work of the user for the service is completed, interrupts the supply of the service in case the work of the user for the service is not completed, and relieves an interruption of the supply of the service in case said use situation decision means decides the user is under the situation to use the service again.
6. The security apparatus according to claim 1,
wherein said person discrimination means recognizes the user by referring to a person comparison dictionary to recognize persons allowed to use the service.
7. The security apparatus according to claim 1,
wherein said person discrimination means generates a person comparison dictionary to recognize unspecified users allowed to use the service, and recognizes the unspecified person by referring to the person comparison dictionary while the unspecified person is a user.
8. The security apparatus according to claim 1,
wherein said service control means sends a warning to the user when said infringement situation decision means decides the security of the service is infringed.
9. The security apparatus according to claim 8,
wherein said service control means controls the supply of the service in accordance with an indication of the user being warned.
10. The security apparatus according to claim 1,
wherein said service control means controls the supply of the service in accordance with security degrees preset in a unit of the service information for the service.
11. The security apparatus according to claim 1,
wherein said service control means detects movement of the visual line or a direction of the face of the user and controls the supply of the service in accordance with the movement of the visual line or the direction of the face of the user.
12. The security apparatus according to claim 1,
wherein said service control means detects movement of the visual line or a direction of the face of the non-user and controls the supply of the service in accordance with the movement of the visual line or the direction of the face of the non-user.
13. A security apparatus for a device supplying a service to a user, comprising:
person discrimination means for recognizing a user requesting the service;
use situation decision means for deciding whether the user is under a situation to use the service;
infringement situation decision means for detecting whether a non-user intrudes into a use area of the service to decide whether the service is infringed; and
service control means for supplying the service to the user in case said person discrimination means recognizes the user, and for controlling a supply of the service if said use situation decision means decides the user is not under the situation to use the service or if said infringement situation decision means decides that the security of the service is infringed,
wherein said service control means decides whether work of the user for the service is completed or not in case said use situation decision means decides the user is not under the situation to use the service,
wherein said service control means finishes the supply of the service in case the work of the user for the service is completed, interrupts the supply of the service in case the work of the user for the service is not completed, and relieves an interruption of the supply of the service in case said use situation decision means decides the user is under the situation to use the service again, and
wherein said service control means finishes the supply of the service in case said use situation decision means decides the user is not under the situation to use the service within a predetermined time during the interruption of the supply of the service.
14. A security apparatus for a device supplying a service to a user, comprising:
person discrimination means for recognizing a user requesting the service;
use situation decision means for deciding whether the user is under a situation to use the service;
infringement situation decision means for detecting whether a non-user intrudes into a use area of the service to decide whether the service is infringed; and
service control means for supplying the service to the user in case said person discrimination means recognizes the user, and for controlling a supply of the service if said use situation decision means decides the user is not under the situation to use the service or if said infringement situation decision means decides that the security of the service is infringed,
wherein said service control means sends a warning to the user when said infringement situation decision means decides the security of the service is infringed,
wherein said service control means controls the supply of the service in accordance with an indication of the user being warned, and
wherein said service control means controls the supply of the service in accordance with predetermined control information in case of a non-response of the user within a predetermined time after warning of the infringement.
15. A security method associated with supplying a service to a user in a service use area surrounding the user, comprising the steps of:
continuously inputting an image to monitor the service use area;
continuously recognizing a person in the input image;
registering the person as a user allowed to use the service if the person is recognized as an authorized user;
supplying the service to the authorized user;
deciding that the user is not under a situation to use the service in case the user is not recognized in the input image;
deciding that a security of the service use area is infringed in case at least one person other than the authorized user is recognized in the input image; and
controlling the supply of the service if the user is not under the situation to use the service or if the security of the service use area is infringed.
16. A computer readable memory containing computer-readable instructions to supply a service to a user in a service use area surrounding the user, comprising:
instruction means for causing a computer to continuously input an image to monitor the service use area;
instruction means for causing a computer to continuously recognize a person in the input image;
instruction means for causing a computer to registor the person as a user allowed to use the service if the person is recognized as an authorized user;
instruction means for causing a computer to supply the service to the authorized user;
instruction means for causing a computer to decide that the user is not under a situation to use the service in case the user is not recognized in the input image;
instruction means for causing a computer to decide that a security of the service use area is infringed in case at least one person other than the authorized user is recognized in the input image; and
instruction means for causing a computer to control a supply of the service if the user is not under the situation to use the service or if the security of the service use area is infringed.
17. A security control apparatus for controlling a supply of a service to a user in a service area, comprising:
a monitor unit configured to continuously input images of the service area;
a recognition unit configured to recognize the user as an authorized user from the input images, and to recognize at least one person other than the authorized user from the input images; and
a service control unit configured to supply the service to the authorized user when the user is recognized in the input images, and to control the supply of the service to the authorized user when the person other than the authorized user is recognized in the input images.
18. The security control apparatus according to claim 17, wherein said service control unit interrupts the supply of the service when the user is not recognized in the input images.
19. The security control apparatus according to claim 17, wherein said service control unit interrupts the supply of the service when the person other than the authorized user is recognized in the input images.
20. The security control apparatus according to claim 17, wherein said service control unit decides whether work of the user for the service is completed when the user is not recognized in the input images.
21. The security control apparatus according to claim 20, wherein said service control unit finishes the supply of the service if the work of the user for the service is completed, interrupts the supply of the service if the work of the user for the service is not completed, and relieves an interruption of the supply of the service when the user is recognized in the input images again.
22. The security control apparatus according to claim 17, wherein said recognition unit recognizes the user by referring to a person comparison dictionary to recognize persons allowed to use the service.
23. The security control apparatus according to claim 17, wherein said recognition unit generates a person comparison dictionary to recognize an unspecified person allowed to use the service, and recognizes the unspecified person as the user by referring to the person comparison dictionary.
24. The security control apparatus according to claim 17, wherein said service control unit sends a warning to the user when the person other than the authorized user is recognized in the input images.
25. The security control apparatus according to claim 24, wherein said service control unit controls the supply of the service in accordance with an indication of the user being warned.
26. The security control apparatus according to claim 17, wherein said service control unit controls the supply of the service in accordance with a security degree preset to each kind of the service.
27. The security control apparatus according to claim 17, wherein said service control unit detects a movement of the visual line or a direction of the face of the user, and controls the supply of the service in accordance with the movement of the visual line or the direction of the face of the user.
28. The security control apparatus according to claim 17, wherein said service control unit detects a movement of the visual line or a direction of the face of the nonuser, and controls the supply of the service in accordance with the movement of the visual line or the direction of the face of the non user.
29. A security control apparatus for controlling a supply of a service to a user in a service area, comprising:
a person recognition unit configured to recognize a user requesting the service;
a use situation decision unit configured to decide whether the user is under a situation to use the service in accordance with recognition result of said person recognition unit;
an intrusion situation decision unit configured to decide whether a non user intrudes into the service area in accordance with recognition result of said person recognition unit; and
a service control unit configured to supply the service to the user when said person recognition unit recognizes the user, and to control a supply of the service when said use situation decision unit decides the user is not under the situation to use the service or when said intrusion situation decision unit decides the non user intrudes into the service area.
30. The security control apparatus according to claim 29, wherein said service control unit interrupts the supply of the service when said use situation decision unit decides the user is not under a situation to use the service.
31. The security control apparatus according to claim 29, wherein said service control unit interrupts the supply of the service when said intrusion situation decision unit decides the non user intrudes into the service area.
32. The security control apparatus according to claim 29, wherein said service control unit decides whether work of the user for the service is completed or not when said use situation decision unit decides the user is not under the situation to use the service.
33. The security control apparatus according to claim 32, wherein said service control unit finishes the supply of the service if the work of the user for the service is completed, interrupts the supply of the service if the work of the user for the service is not completed, and relieves an interruption of the supply of the service when said use situation decision unit decides the user is under the situation to use the service again.
34. The security control apparatus according to claim 33, wherein said service control unit finishes the supply of the service when said use situation decision unit decides the user is not under the situation to use the service within a predetermined time during the interruption of the supply of the service.
35. The security control apparatus according to claim 29, wherein said service control unit sends a warning to the user when said intrusion situation decision unit decides the non user intrudes into the service area.
36. The security control apparatus according to claim 35, wherein said service control unit controls the supply of the service in accordance with an indication of the user being warned.
37. The security control apparatus according to claim 36, wherein said service control unit controls the supply of the service in accordance with predetermined control information in case of a non response of the user within a predetermined time after warning of the intrusion.
38. A security method for controlling a supply of a service to a user in a service area, comprising the steps of:
continuously inputting images of the service area;
recognizing the user as an authorized user from the input images;
recognizing at least one person other than the authorized user from the input images;
supplying the service to the authorized user when the user is recognized in the input images; and
controlling the supply of the service to the authorized user when the person other than the authorized user is recognized in the input images.
39. A computer readable memory containing computer readable instructions to control a supply of a service to a user in a service area, comprising:
an instruction unit to continuously input images of the service area;
an instruction unit to recognize the user as an authorized user from the input images;
an instruction unit to recognize at least one person other than the authorized user from the input images;
an instruction unit to supply the service to the authorized user when the user is recognized in the input images; and
an instruction unit to control the supply of the service to the authorized user when the person other than the authorized user is recognized in the input images.
40. A security apparatus for supplying a service to a user in a service use area, the security apparatus comprising:
image input means for continuously inputting an image to monitor the service use area;
person discrimination means for continuously recognizing a person in the input image means and for registering the person as an authorized user of the service if the person is recognized;
use situation decision means for deciding whether the authorized user is under a situation to use the service;
infringement situation decision means for deciding that a security of the service use area is infringed in case at least one person other than the authorized user is recognized in the input image; and
service control means for supplying the service to the authorized user and for controlling a supply of the service when the infringement situation decision means decides that the security of the service use area is infringed while the use situation decision means has decided that the authorized user is under the situation to use the service.
41. A security apparatus for supplying a service to a user, the security apparatus comprising:
person discrimination means for recognizing a user requesting the service;
use situation decision means for deciding whether the user is under a situation to use the service;
infringement situation decision means for detecting when a non-user intrudes into a use area of the service;
service control means for supplying the service to the user in case the person discrimination means recognizes the user and for controlling a supply of the service when the infringement situation decision means detects a non-user intruding into the use area of the service while the use situation decision means has decided that the user is under the situation to use the service, wherein the service control means;
decides whether work of the user for the service is completed when the use situation decision means decides the user is not under the situation to use the service,
finishes the supply of the service in case the work of the user for the service is completed, interrupts the supply of the service when the infringement situation decision means detects the non-user intrusion into the use area in case the work of the user for the service is not completed, and relieves an interruption of the supply of the service in case the use situation decision means decides the user is under the situation to use the service again, and
finishes the supply of the service in case the use situation decision means decides the user is not under the situation to use the service within a predetermined time during the interruption of the supply of the service.
42. A security apparatus for supplying a service to a user, comprising:
person discrimination means for recognizing a user requesting the service;
use situation decision means for deciding whether the user is under a situation to use the service;
infringement situation decision means for detecting whether a non-user intrudes into a use area of the service; and
service control means for supplying the service to the user in case the person discrimination means recognizes the user, and for controlling a supply of the service when the infringement situation decision means decides the non-user intrudes into the use area of the service while the use situation decision means has decided the user is under the situation to use the service, wherein the service control means;
sends a warning to the user when the infringement situation decision means detects the non-user intrusion into the user area of the service,
controls the supply of the service in accordance with an indication of the user, and
controls the supply of the service in accordance with predetermined control information in case of a non-response of the user within a predetermined time after the warning.
43. A security method associated with supplying a service to a user in a service use area, the security method comprising:
continuously inputting an image to monitor the service use area;
continuously recognizing a person in the input image;
registering the person as an authorized user allowed to use the service if the person is recognized;
supplying the service to the authorized user;
deciding that the authorized user is under a situation to use the service;
deciding that a security of the service use area is infringed in case at least one person other than the authorized user is recognized in the input image; and
controlling a supply of the service when the security of the service use area is infringed while the authorized user is under the situation to use the service.
44. A computer readable memory having computer-readable instructions to supply a service to a user in a service use area, the computer readable memory comprising:
means for instructing a computer to continuously input an image of the service use area;
means for instructing the computer to continuously recognize a person in the input image;
means for instructing the computer to register the person as an authorized user allowed to use the service if the person is recognized;
means for instructing the computer to supply the service to the authorized user;
means for instructing the computer to decide that the authorized user is under a situation to use the service;
means for instructing the computer to decide that a security of the service use area is infringed in case at least one person other than the authorized user is recognized in the input image; and
means for instructing the computer to control a supply of the service when the security of the service use area is infringed while the authorized user is under the situation to use the service.
US09/881,249 1996-03-08 2001-06-13 Security apparatus and method Expired - Lifetime USRE39550E1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
US09/881,249 USRE39550E1 (en) 1996-03-08 2001-06-13 Security apparatus and method

Applications Claiming Priority (4)

Application Number Priority Date Filing Date Title
JP5197396 1996-03-08
JP24387996A JP3617882B2 (en) 1996-03-08 1996-09-13 Security device and security implementation method
US08/810,623 US6049875A (en) 1996-03-08 1997-02-28 Security apparatus and method
US09/881,249 USRE39550E1 (en) 1996-03-08 2001-06-13 Security apparatus and method

Related Parent Applications (1)

Application Number Title Priority Date Filing Date
US08/810,623 Reissue US6049875A (en) 1996-03-08 1997-02-28 Security apparatus and method

Publications (1)

Publication Number Publication Date
USRE39550E1 true USRE39550E1 (en) 2007-04-03

Family

ID=26392567

Family Applications (2)

Application Number Title Priority Date Filing Date
US08/810,623 Ceased US6049875A (en) 1996-03-08 1997-02-28 Security apparatus and method
US09/881,249 Expired - Lifetime USRE39550E1 (en) 1996-03-08 2001-06-13 Security apparatus and method

Family Applications Before (1)

Application Number Title Priority Date Filing Date
US08/810,623 Ceased US6049875A (en) 1996-03-08 1997-02-28 Security apparatus and method

Country Status (2)

Country Link
US (2) US6049875A (en)
JP (1) JP3617882B2 (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20100088758A1 (en) * 2008-10-06 2010-04-08 Fujitsu Limited Security system, security method and recording medium storing security program
US20150036161A1 (en) * 2013-08-01 2015-02-05 Ricoh Company, Ltd. Image processing apparatus, security system supplied with image processing apparatus, image processing method and storage medium

Families Citing this family (30)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US10361802B1 (en) 1999-02-01 2019-07-23 Blanding Hovenweep, Llc Adaptive pattern recognition based control system and method
JP3621245B2 (en) * 1997-12-12 2005-02-16 株式会社東芝 Person recognition device, person recognition method, and person recognition program recording medium
GB2343026B (en) * 1998-10-24 2003-02-26 Ibm Cooling-off period for destructive software
US6310549B1 (en) 2000-08-29 2001-10-30 Digitech International Wireless security system
EP1318459B1 (en) * 2000-09-12 2012-04-11 Mitsubishi Denki Kabushiki Kaisha Device operation permitting/authenticating system
US7181017B1 (en) 2001-03-23 2007-02-20 David Felsher System and method for secure three-party communications
US8141159B2 (en) * 2002-12-31 2012-03-20 Portauthority Technologies Inc. Method and system for protecting confidential information
US9818136B1 (en) 2003-02-05 2017-11-14 Steven M. Hoffberg System and method for determining contingent relevance
JP4086740B2 (en) * 2003-09-09 2008-05-14 日本電気株式会社 Terminal user monitoring system
US7500108B2 (en) 2004-03-01 2009-03-03 Microsoft Corporation Metered execution of code
JP2006185255A (en) * 2004-12-28 2006-07-13 Matsushita Electric Ind Co Ltd Video management system
JP2006331049A (en) * 2005-05-26 2006-12-07 Oki Electric Ind Co Ltd Security monitoring system
JP2008276274A (en) * 2005-07-04 2008-11-13 Nec Corp Information processor and information processing method
US8874477B2 (en) 2005-10-04 2014-10-28 Steven Mark Hoffberg Multifactorial optimization system and method
JP4236668B2 (en) 2006-02-01 2009-03-11 シャープ株式会社 Image processing apparatus and image processing method
JP4826322B2 (en) * 2006-04-13 2011-11-30 富士ゼロックス株式会社 Image forming apparatus and program
EP2128751A4 (en) 2007-03-16 2014-04-16 Fujitsu Ltd Information processing apparatus, information processing program, and information processing method
DE102007000972A1 (en) * 2007-10-25 2009-04-30 Siemens Ag Method for operating a system and system
JP2010152903A (en) * 2010-01-28 2010-07-08 Sony Corp Authentication device, authentication method, and computer readable recording medium
JP4752971B2 (en) * 2010-01-28 2011-08-17 ソニー株式会社 Authentication apparatus, authentication method, and computer-readable recording medium
JP2010102740A (en) * 2010-01-28 2010-05-06 Sony Corp Authentication device, authentication method, and computer readable recording medium
US20140013422A1 (en) * 2012-07-03 2014-01-09 Scott Janus Continuous Multi-factor Authentication
US10541997B2 (en) * 2016-12-30 2020-01-21 Google Llc Authentication of packetized audio signals
JP2014206932A (en) * 2013-04-15 2014-10-30 オムロン株式会社 Authentication device, authentication method, control program, and recording medium
JP5991946B2 (en) * 2013-06-17 2016-09-14 三菱電機ビルテクノサービス株式会社 Information processing apparatus and program
JP6210750B2 (en) * 2013-06-18 2017-10-11 シャープ株式会社 Information processing apparatus and program
JP6024617B2 (en) * 2013-08-15 2016-11-16 富士ゼロックス株式会社 Information processing apparatus and information processing program
US20160065539A1 (en) * 2014-09-02 2016-03-03 Cequity Llc Method of sending information about a user
JP6716207B2 (en) * 2015-07-06 2020-07-01 パラマウントベッド株式会社 Display control device, display control method, program and display system
JP6441200B2 (en) * 2015-11-04 2018-12-19 日本電信電話株式会社 Gaze-Assisted Risk Reduction System, Gaze-Assisted Risk Reduction Device, and Gaze-Assisted Risk Reduction Method

Citations (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5182770A (en) * 1991-04-19 1993-01-26 Geza Medveczky System and apparatus for protecting computer software
US5229764A (en) * 1991-06-20 1993-07-20 Matchett Noel D Continuous biometric authentication matrix
US5386104A (en) * 1993-11-08 1995-01-31 Ncr Corporation System and method for detecting user fraud in automated teller machine transactions
US5414852A (en) * 1992-10-30 1995-05-09 International Business Machines Corporation Method for protecting data in a computer system
US5497430A (en) * 1994-11-07 1996-03-05 Physical Optics Corporation Method and apparatus for image recognition using invariant feature signals
US5550968A (en) * 1994-04-12 1996-08-27 International Business Machines Corporation Method and system for providing access security to controls in a graphical user interface
US5560008A (en) * 1989-05-15 1996-09-24 International Business Machines Corporation Remote authentication and authorization in a distributed data processing system
US5715417A (en) * 1994-09-12 1998-02-03 Gardien; Paulus F. L. Automatically temporarily enabling a displayed menu option
US6111517A (en) * 1996-12-30 2000-08-29 Visionics Corporation Continuous video monitoring using face recognition for access control
US6181803B1 (en) * 1996-09-30 2001-01-30 Intel Corporation Apparatus and method for securely processing biometric information to control access to a node

Patent Citations (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5560008A (en) * 1989-05-15 1996-09-24 International Business Machines Corporation Remote authentication and authorization in a distributed data processing system
US5182770A (en) * 1991-04-19 1993-01-26 Geza Medveczky System and apparatus for protecting computer software
US5229764A (en) * 1991-06-20 1993-07-20 Matchett Noel D Continuous biometric authentication matrix
US5414852A (en) * 1992-10-30 1995-05-09 International Business Machines Corporation Method for protecting data in a computer system
US5386104A (en) * 1993-11-08 1995-01-31 Ncr Corporation System and method for detecting user fraud in automated teller machine transactions
US5550968A (en) * 1994-04-12 1996-08-27 International Business Machines Corporation Method and system for providing access security to controls in a graphical user interface
US5715417A (en) * 1994-09-12 1998-02-03 Gardien; Paulus F. L. Automatically temporarily enabling a displayed menu option
US5497430A (en) * 1994-11-07 1996-03-05 Physical Optics Corporation Method and apparatus for image recognition using invariant feature signals
US6181803B1 (en) * 1996-09-30 2001-01-30 Intel Corporation Apparatus and method for securely processing biometric information to control access to a node
US6111517A (en) * 1996-12-30 2000-08-29 Visionics Corporation Continuous video monitoring using face recognition for access control

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20100088758A1 (en) * 2008-10-06 2010-04-08 Fujitsu Limited Security system, security method and recording medium storing security program
US20150036161A1 (en) * 2013-08-01 2015-02-05 Ricoh Company, Ltd. Image processing apparatus, security system supplied with image processing apparatus, image processing method and storage medium
US9041948B2 (en) * 2013-08-01 2015-05-26 Ricoh Company, Ltd. Image processing apparatus, security system supplied with image processing apparatus, image processing method and storage medium

Also Published As

Publication number Publication date
US6049875A (en) 2000-04-11
JPH09297735A (en) 1997-11-18
JP3617882B2 (en) 2005-02-09

Similar Documents

Publication Publication Date Title
USRE39550E1 (en) Security apparatus and method
JP4850529B2 (en) Entrance / exit management system
JP4086740B2 (en) Terminal user monitoring system
EP2116499B1 (en) Elevator security system
WO2007029710A1 (en) Mobile processor apparatus
WO1998030017A2 (en) Continuous video monitoring using face recognition for access control
JP2002157050A (en) Computer automatic recognition system by ic card
JP2008181359A (en) Confidential information protection system
US20030093697A1 (en) Method for preventing unauthorized persons from entering and using a computer facility
CN110765433A (en) Terminal control method, device, terminal and storage medium
JPH10240368A (en) Computer system
JP2017208751A (en) Visitor authentication and determination system
US20070132546A1 (en) Service providing apparatus, service providing program, computer-readable recording medium, service providing method, and key unit
CN114882623A (en) Unlocking method and device of fingerprint lock and storage medium
JP2003030152A (en) Facility management system
US20200401683A1 (en) Information processing apparatus, information processing method, and program
JP6828280B2 (en) Monitoring and control system
JP6449039B2 (en) Device management apparatus, device management method, and program
KR101022368B1 (en) Crime prevention system and method
US11900743B2 (en) Security authentication method and security authentication device using same
KR20150101899A (en) Security system, apparatus, and method using disguise code
KR102300391B1 (en) Apparatus and method for user deviation/change detection of smart automated teller machine using facial recognition
JP4748151B2 (en) Terminal device and recording medium
JP6629105B2 (en) Security system
WO2005010836A1 (en) Improvements introduced in equipment used in security, commercial and bank automation systems

Legal Events

Date Code Title Description
FEPP Fee payment procedure

Free format text: PAYOR NUMBER ASSIGNED (ORIGINAL EVENT CODE: ASPN); ENTITY STATUS OF PATENT OWNER: LARGE ENTITY

FPAY Fee payment

Year of fee payment: 8

FPAY Fee payment

Year of fee payment: 12