1. Field of the Invention
The present invention relates to a technology for authenticating a person within at least one group, among persons grouped into a plurality of groups.
2. Description of the Related Art
In recent years, a technology for authenticating a person using biometric information, such as a fingerprint or veins in a palm, is being widely examined. The biometric information is unique to each individual and is difficult to falsify. Therefore, the biometric information is suitable for use in personal authentication. It is thought that biometric authentication will continue to be applied in various fields.
The biometric authentication using the biometric information is largely divided into two methods: one-to-one authentication and one-to-N authentication. The one-to-one authentication requires an input of identifying information, such as identification (ID) that differs from the biometric information. In the one-to-n authentication, the personal authentication is performed using only the biometric information. In the one-to-one authentication, the biometric information of the subject to be authenticated is identified in advance from registered biometric information using the identifying information. The identified information and the biological information acquired from the subject are collated and whether the subject is the person in question is confirmed. On the other hand, in the one-to-N authentication, all registered biological information and the biological information acquired from the subject are collated, and the subject is identified.
The one-to-one authentication and the one-to-N authentication respectively have merits and demerits. Japanese Patent Application Laid-open No. 2004-145608, for example, discloses a conventional technique. All subjects to be authenticated are divided into groups. The one-to-N authentication is performed in a collation device provided for each group and the subject is identified. The identifying information of the identified subject is sent to an authentication server with the biological information acquired from the subject. The authentication server controls the collation devices. The authentication server performs the one-to-one authentication. In addition, when the biological information of the subject is not registered in the collation device of the group, a notification that the biological information of the subject is not registered and the biological information acquired from the subject are transmitted to the authentication server. The authentication server performs the one-to-N authentication.
A system that performs biometric authentication and includes a collation device for each group and an authentication server that controls the collation devices, as described above, is, for example, suitable for a work management system that manages attendance of employees in a company having a plurality of stores. In other words, for example, the following use can be considered. An employee is biometrically authenticated when arriving to and leaving work by the collation device installed in each store. Clock-in and clock-out times of each employee are managed by a server that collectively supervises the overall system.
In a work management system such as this, a simple authentication is preferred. Therefore, the collation device in each store preferably performs the one-to-N authentication that does not require an input of ID or the like. Generally, in the one-to-N authentication, the biological information acquired from the subject and all registered biological information are collated. Therefore, processing load and processing time tends to increase. However, in the above-described system, the collation device is installed in each store. Therefore, only the biological information of the employee group employed at the respective store need be registered in the collation device of each store. As a result, the increases in processing load and processing time can be controlled.
However, in the conventional system, for example, response is insufficient when a subject receives personal authentication by a collation device differing from the collation device by which the subject is ordinarily authenticated, such as when an employee is transferred to another store. In other words, matching biological information is not registered for a subject who does not belong to the group of which the biological information is registered in the collation device, even when the subject receives one-to-N authentication. Therefore, the subject is not authenticated and an error occurs.
To prevent the error, the biological information registered in each collation device is required to be constantly updated to the latest information. However, for example, when an employee is frequently transferred or when there is an employee who temporarily works at another store for a short period, the biological information registered in the collation device is updated frequently. As a result, efficiency is poor.
In addition, as described in Japanese Patent Application Laid-open No. 2004-145608, when the authentication is not performed by the collation device in each store, the server controlling the collation devices can perform the one-to-N authentication. However, because the biological information of the subjects in all groups is registered in the server supervising the overall system, an enormous amount of time is required for the one-to-N authentication. Furthermore, the server supervising the overall system performs the one-to-N authentication every time an authentication is performed until the biological information of the subject is registered to the collation device in the store to which the subject is transferred. Therefore, the system is unrealistic.
Thus, there is a need of a technique for quickly and efficiently performing personal authentication in a system in which all subjects to be authenticated are divided into groups and personal authentication is performed on subjects by group, even when the group to which the subject belongs changes.