1. Field of the Invention
The present invention relates to a system and a device for authentication.
2. Description of the Related Art
Currently, biometric authentication is a promising principal confirmation technique. Biometric authentication is a technique of verifying identity by matching reference biometric information (a biometric template), obtained by sampling and registering in advance information indicating a unique physical or behavioral feature of a person, against sample biometric information newly input during the identity verification. Examples of the biometric information include a fingerprint, an iris, a retina, a face, voice, a keystroke, and a signature (handwriting). Unlike existing authentication methods such as password authentication, biometric authentication reduces the load on the user because it uses biometric information, which cannot be lost or forgotten.
The biometric authentication is just beginning to be applied to fixed systems for banks and the like, and its introduction is also being considered for principal confirmation through the Internet in electronic commerce. However, the biometric authentication includes plural processes, such as “sampling of biometric information (extraction of feature quantity)”, “matching (computation of similarity)”, and “decision (comparison with threshold)”, whereas an existing authentication method such as the password authentication has the single process of “decision (comparison with registered password)”.
In the case of the fixed system for a bank or the like, a verifier side (such as the bank) can advantageously assure that impropriety cannot occur in each process of the biometric authentication.
On the other hand, in the case of an open system such as the Internet, the verifier side (such as an electronic commerce site) is at a disadvantage because it cannot assure that impropriety cannot occur in each process of the biometric authentication environment on the user side. For example, in addition to verifying the matching result, it becomes necessary to verify whether or not the process of the biometric authentication environment on the user side is valid.
An authentication system in which an authentication context for biometrics is used is well known as a technique for meeting this need (for example, see Jpn. Pat. Appln. KOKAI Publication No. 2006-11768). An authentication context is information in which the management entity that performs each component process of the biometric authentication assures the result of performing that process, so that the verifier side can verify the validity of that result.
There is no particular problem when the above authentication context is used in the usual biometric authentication.
However, according to a study by the inventor, the following problems 1 and 2 exist when the authentication context is used in the multimodal biometric authentication or multi-algorithm biometric authentication. The multimodal biometric authentication is one in which plural kinds of authentication processes, such as the face authentication and the fingerprint authentication, are performed in parallel and their results are combined by decision fusion. The multi-algorithm biometric authentication is one in which the same kind of authentication process, such as the face authentication, is performed in parallel with plural kinds of algorithms and the results are combined by decision fusion. Both the multimodal biometric authentication and the multi-algorithm biometric authentication have been attracting attention from the standpoint of enhancing authentication accuracy.
(Problem 1)
As described above, there is no particular problem when the authentication context is used in the usual biometric authentication. That is, as shown in FIG. 1, in the usual biometric authentication, a first entity equipment 1 performs the biometric information capturing process to output a first authentication context. The first authentication context includes the output information on “capturing information”. A second entity equipment 2 outputs a second authentication context. The second authentication context includes the output information on “template (biometric template)”, on which the storage process has previously been performed. A third entity equipment 3 performs the matching process on “capturing information” and “template” to output a third authentication context to the verifier. The third authentication context includes the input information on “capturing information” and “template” and the output information on “matching result”.
At this point, it is clear that “capturing information” in the third authentication context corresponds to the output information on the first entity equipment 1. This is because the first entity equipment 1 is the only equipment having the function of outputting “capturing information”. Similarly, it is clear that “template” in the third authentication context corresponds to the output information on the second entity equipment 2.
Thus, in the usual biometric authentication, because the correspondence relationship between the processes and the pieces of entity equipment 1 to 3 is clear, the verifier can verify the validity of the series of process results from the authentication context.
On the other hand, in the multimodal biometric authentication or multi-algorithm biometric authentication, sometimes plural pieces of entity equipment have the same function for each piece of biometric information or algorithm. As described in claims 5, 6, 14, and 15 and a sixth embodiment of Jpn. Pat. Appln. KOKAI Publication No. 2006-11768, there is no problem when association of an identity verification process is performed by expressing the hierarchical structure between the authentication contexts. To express the hierarchical structure between the authentication contexts, however, the plural authentication contexts must be processed in a single entity equipment. Some pieces of entity equipment do not have the ability to process plural authentication contexts, and sometimes the entity equipment cannot express the hierarchical structure between the authentication contexts. In this case, the correspondence relationship between the process result included in the authentication context and the entity equipment which has generated the process result becomes ambiguous. Accordingly, in the multimodal biometric authentication or multi-algorithm biometric authentication, the verifier cannot verify the validity of the series of process results from the authentication context.
As shown in FIG. 2, in the multimodal biometric authentication, a first entity equipment 4 performs the face matching process to output a first authentication context. The first authentication context includes the output information on “matching result”. A second entity equipment 5 performs the fingerprint matching process to output a second authentication context. The second authentication context includes the output information on “matching result”. A third entity equipment 6 makes the decision fusion of the two “matching results” to output a third authentication context to the verifier. The third authentication context includes the input information on the two “matching results” and the output information on “decision fusion result”.
However, it is ambiguous which of the two “matching results” in the third authentication context corresponds to which piece of output information on the first and second pieces of entity equipment 4 and 5. This is because the first and second pieces of entity equipment 4 and 5 individually have the functions of outputting “matching result”.
Accordingly, as described above, in the multimodal biometric authentication, the verifier cannot verify the validity of the series of process results from the authentication context. The same holds true for the multi-algorithm biometric authentication.
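The correspondence problem of FIG. 1 and FIG. 2 can be reproduced with a small model, given here as an added example that is not part of the original publication. It assumes each authentication context exposes only its entity and the labels of its input and output information, as in the description above; the tuple layout and function names are hypothetical, and the assurance data attached by each management entity is omitted.

```python
from collections import defaultdict

# Constructed authentication contexts: (entity, input labels, output labels).
# The tuple layout is an assumption of this example; the reference numerals
# and labels follow FIG. 1 and FIG. 2 as described in the text.
FIG1_USUAL = [
    ("entity equipment 1", [], ["capturing information"]),
    ("entity equipment 2", [], ["template"]),
    ("entity equipment 3", ["capturing information", "template"],
     ["matching result"]),
]
FIG2_MULTIMODAL = [
    ("entity equipment 4", [], ["matching result"]),  # face matching
    ("entity equipment 5", [], ["matching result"]),  # fingerprint matching
    ("entity equipment 6", ["matching result", "matching result"],
     ["decision fusion result"]),
]


def resolve_inputs(contexts):
    """Map every input slot of every context to the entities whose output
    carries the same label, which is the only link the verifier has."""
    producers = defaultdict(list)
    for entity, _inputs, outputs in contexts:
        for label in outputs:
            producers[label].append(entity)
    links = []
    for entity, inputs, _outputs in contexts:
        for slot, label in enumerate(inputs):
            links.append((entity, slot, label, list(producers[label])))
    return links


def ambiguous_links(contexts):
    """Return the input slots that do not resolve to exactly one producer."""
    return [link for link in resolve_inputs(contexts) if len(link[3]) != 1]


if __name__ == "__main__":
    for name, ctxs in (("FIG. 1", FIG1_USUAL), ("FIG. 2", FIG2_MULTIMODAL)):
        bad = ambiguous_links(ctxs)
        print(name, "verifiable" if not bad else f"ambiguous: {bad}")
```

In the FIG. 1 chain every input resolves to a single producer, while in the FIG. 2 chain both inputs of entity equipment 6 resolve to the same two candidates, so the verifier cannot tell which equipment produced which “matching result”.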
(Problem 2)
As described above, there is no particular problem when the authentication context is used in the usual biometric authentication. That is, as shown in FIG. 3, in the usual biometric authentication, the first entity equipment 4 performs the face matching process and the decision process, and outputs the first authentication context to the verifier. The first authentication context includes pieces of the information on “matching process” and “decision process” and the output information on “decision result”.
At this point, the processing procedure in which “decision process” is performed after “matching process” is clear in the first authentication context. This is because only one each of the matching process function and the decision process function exists in the first entity equipment 1.
Thus, in the usual biometric authentication, because the processing procedure of each “process” in the authentication context is clear, the verifier can verify the validity of the series of process results from the authentication context.
On the other hand, in the multimodal biometric authentication or multi-algorithm biometric authentication, sometimes the matching process in which the plural different pieces of biometric information are combined or the matching process in which the plural different algorithms are combined is performed in one entity equipment. In this case, the processing procedure of each “process” (procedure of generating process result) included in the authentication context becomes ambiguous.
Accordingly, in the case of the multimodal biometric authentication or multi-algorithm biometric authentication, the verifier cannot verify the validity of the series of process results from the authentication context.
That is, as shown in FIG. 4, in a first entity equipment 7 which performs the multimodal biometric authentication, the face matching process and the fingerprint matching process are performed in parallel, the decision fusion of the two matching results is made, and a first authentication context is output to the verifier. The first authentication context includes pieces of information on two “matching processes” and the one “decision fusion” and output information on “decision fusion result”.
However, in the first authentication context, because the processing procedure between the two “matching processes” and “decision fusion” is ambiguous, the procedure of generating “decision fusion result” becomes ambiguous. Accordingly, as described above, in the case of the multimodal biometric authentication, the verifier cannot verify the validity of the series of process results from the authentication context. The same holds true for the multi-algorithm biometric authentication.