JP6450803B2 - Information processing apparatus, application software activation system, and application software activation method - Google Patents

Description

  The present invention relates to a method for starting application software used in an information processing apparatus.

As background art of this technical field, there is JP-A-2005-293209 (Patent Document 1). This publication describes the following as a problem. “In the existing biometric authentication, only static biometric information is used, and it is possible to verify the identity, but the intention of the individual is not read. If a user is involved in some crime, threatened by the criminal, and forced to perform an unauthorized operation by the user, even if the system is equipped with biometrics authentication, the system is illegally operated and significant damage occurs. There is a risk of doing that. "
As means for solving this problem, it is described as follows. “Physical feature information measuring means for measuring biological information indicating physical characteristics, biometrics authentication means for identifying the person based on information on the physical characteristics measured by the physical feature information measuring means, emotional Emotional feature information measuring means for measuring biological information indicating characteristics, emotion biometrics determining means for determining a mental state of the person based on information on emotional characteristics measured by the emotional feature information measuring means, Comprehensive authentication for determining the identity of the person and the authentication operation in accordance with the intention of the person based on the identification result information by the biometrics authentication means and the determination result of the mental state by the emotion biometrics determination means. With means "

JP 2005-293209 A

  The patent document 1 uses emotion biometrics, and in addition to the verification of the identity authentication performed in the existing biometrics authentication, the user himself is threatened by the criminal and is forced to perform an unauthorized operation. This can be detected in some cases. In addition, the “intention of the person” and the “intention of the person” with respect to the user's operation can be confirmed. However, in an information processing device that uses multiple application softwares, it is not always necessary to confirm “intentions” and “intentions” for all application software. There is application software for which additional confirmation of "status" is desirable.

  Therefore, an object of the present invention is to provide an easy-to-use information processing apparatus and application software activation system that limits application software according to the state of a user.

  In order to solve the above problems, for example, the configuration described in the claims is adopted. The present invention includes a plurality of means for solving the above-mentioned problems. For example, as an application software activation method of the information processing apparatus, the identity of the user is authenticated by static biometric information, and the user's body The application that is activated according to the determined user status based on the permission level set in advance for each application software by comparing the dynamic biometric information acquired from the pre-measured dynamic biometric information and determining the user status Limit software.

  According to the present invention, it is possible to provide an information processing apparatus, an application software activation system, and an application software activation method that are easy to use.

1 is a configuration diagram of a communication system including a mobile terminal according to Embodiment 1. FIG. 1 is a hardware configuration diagram of a mobile terminal according to Embodiment 1. FIG. 1 is a functional block diagram of a mobile terminal according to Embodiment 1. FIG. 5 is a flowchart showing an operation for permitting an application of the mobile terminal according to the first embodiment. 3 is a display screen of the mobile terminal according to the first embodiment. FIG. 6 is a configuration diagram of a communication system including a mobile terminal according to a second embodiment. FIG. 6 is a hardware configuration diagram of a mobile terminal according to a second embodiment. FIG. 6 is a functional block diagram of a mobile terminal according to a second embodiment. FIG. 6 is a functional block diagram of a mobile terminal according to a second embodiment. 9 is a flowchart showing an operation for app permission of a mobile terminal according to the second embodiment. 7 is a display screen of a mobile terminal according to the second embodiment. 10 is a flowchart illustrating an operation for permitting an application of a mobile terminal according to the third embodiment. 10 is a display screen of a mobile terminal according to a third embodiment. 10 is a flowchart illustrating an operation for permitting an application of a mobile terminal according to the fourth embodiment. The display screen of the portable terminal which concerns on Example 4. FIG. 10 is a flowchart showing an app permission operation of the mobile terminal according to the fifth embodiment. 10 is a flowchart illustrating an operation for permitting an application of a mobile terminal according to the sixth embodiment.

  Embodiments of the present invention will be described below with reference to the drawings.

  FIG. 1 is a configuration diagram of a communication system including a portable terminal 1 as an example of an information processing apparatus used in this embodiment. The communication system in the present embodiment includes a mobile terminal 1 worn on the user's body, a base station 5 of a mobile telephone communication network, a wide area public network 6 such as the Internet, a router 7, and the like.

  The portable terminal 1 is a wristwatch type portable terminal having a communication function, and can obtain various information from the network 6 by connecting to the base station 5 or the router 7. The portable terminal 1 includes a fingerprint sensor 11 and a touch panel 12 on the surface. Although not shown, it is assumed that a heart rate sensor, a blood pressure sensor, a temperature sensor, and the like are provided on the back surface so as to come into contact with the arm when worn by the user. In the present embodiment, the portable terminal 1 is a wristwatch-type portable terminal, but may be a glasses-type portable terminal or a ring-type portable terminal. In addition, other portable digital devices may be used. Furthermore, the information processing apparatus only needs to be provided with a sensor for detecting dynamic biological information. For example, a temperature detection sensor using infrared rays is provided even if it is not a portable terminal, and the user's body temperature is detected. It can be a PC that can.

  The base station 5 is a device that relays between the mobile terminal 1 and the network 6, and can exchange various information with the mobile terminal 1. The router 7 has a wireless LAN (Local Area Network) function such as Wi-Fi (Wireless Fidelity) and can be connected to the network 6 via a communication line.

  FIG. 2 is a hardware configuration diagram of the mobile terminal 1 according to the present embodiment. A CPU (Central Processing Unit) 101 controls the entire portable terminal 1 according to a predetermined program. The CPU 101 may be an arbitrary control circuit or a dedicated circuit such as an ASIC (Application Specific IC).

  The system bus 102 is a data communication path for performing data transmission / reception between the CPU 101 and each unit in the portable terminal 1.

  The memory 103 is composed of a ROM (Read Only Memory), a RAM (Random Access Memory), a flash ROM, and the like. A program for controlling the mobile terminal 1, various setting information, an application program (hereinafter referred to as an application or an application), Stores user biometric information and the like.

  The operation device 104 is an instruction input device that inputs an operation instruction to the mobile terminal 1. In this embodiment, the operation device 104 is configured by a touch panel and a button switch that are arranged on a display device 152 described later. Note that only one of them may be used. Further, the portable terminal 1 may be operated using a keyboard or the like connected to an expansion interface (I / F) 105 described later. Furthermore, you may operate the portable terminal 1 using the separate information terminal device connected by wired communication or radio | wireless communication. The touch panel function may be provided in the display device 152.

  The extension I / F 105 is an interface group for extending the functions of the mobile terminal 1. In this embodiment, the extension I / F 105 includes a video / audio interface, a USB (Universal Serial Bus) interface, a memory interface, and the like. The video / audio interface performs input of video signals / audio signals from external video / audio output devices, output of video signals / audio signals to external video / audio input devices, and the like. The USB interface connects a keyboard and other USB devices. The memory interface transmits and receives data by connecting a memory card and other memory media.

  The fingerprint sensor 111 is a sensor for detecting static biometric information of a user who uses the mobile terminal 1. The fingerprint sensor 111 detects a fingerprint pattern by touching a finger and registers the fingerprint pattern of the person registered in the memory 103. And authenticate the person based on whether they match.

  The heart rate sensor 112, the blood pressure sensor 113, and the temperature sensor 114 are a sensor group for detecting dynamic biological information of the user wearing the mobile terminal 1, and the heart rate, blood pressure, body temperature, etc. are detected by these sensor groups. And the current state of the user is detected by comparing the measured value with the normal measurement value of the person registered in advance in the memory 103. Other sensors may be further provided.

  A GPS (Global Positioning System) receiving device 121, an acceleration sensor 122, a gyro sensor 123, a geomagnetic sensor 124, and a proximity sensor 125 are sensor groups for detecting the state of the mobile terminal 1. It is possible to detect the position, movement, inclination, direction, and proximity of surrounding objects. Other sensors may be further provided.

  The mobile communication device 131 is configured by a communication circuit including an encoding circuit and a decoding circuit in addition to an antenna, and by telephone communication (call) and wireless communication with the base station 5 of the mobile telephone communication network. Send and receive data. The LAN communication device 132 is connected to a wireless communication access point by wireless communication to transmit / receive data. The short-range communication device 133 performs wireless communication with a short-range peripheral device. As the short-range wireless communication, for example, Bluetooth (registered trademark), infrared rays, Wi-Fi Direct, or the like is used. The LAN communication device 132 and the short-range communication device 133 are each provided with a coding circuit, a decoding circuit, an antenna, and the like.

  The audio input device 141 and the audio output device 142 are audio processing devices of the mobile terminal 1. The voice input device 141 is a microphone, which converts a user's voice and the like into voice data and inputs the voice data. The audio output device 142 is a speaker and provides an audio signal to the user of the mobile terminal 1.

The video input device 151 and the display device 152 are video processing devices of the mobile terminal 1. The video input device 151 converts the light input from the lens into an electrical signal using an electronic device such as a charge coupled device (CCD) or a complementary metal oxide semiconductor (CMOS) sensor, thereby converting the video data of the surroundings and the object. The camera unit to input. The display device 152 is a display device such as a liquid crystal panel, and provides a video signal to the user of the mobile terminal 1. Further, the display device 152 includes a video RAM which is not shown, on the basis of the image data input to the video RAM to display an image, if necessary format conversion, menus and other OSD (On Screen Display) It is assumed that it has a function of performing signal superimposition processing and the like.

  Note that the configuration example of the mobile terminal 1 includes a number of configurations that are not essential to the present embodiment, but even the configuration that does not include these components does not impair the effects of the present embodiment. In addition, a configuration not shown in the figure, such as a digital television broadcast receiving function and an electronic money settlement function, may be further added.

  FIG. 3 is a functional block diagram of the mobile terminal 1 of the present embodiment. Each functional block of the mobile terminal 1 is controlled by the control unit 1010.

  The control unit 1010 operates on the CPU 101 included in the mobile terminal 1 illustrated in FIG. 2, and includes a personal authentication unit 1011, a state determination unit 1012, a lock control unit 1013, an application activation unit 1014, and the like according to instructions from the user interface 1040. Based on this, the storage unit 1030, the static biometric information acquisition unit 1110, the dynamic biometric information acquisition unit 1120, the communication unit 1310, and the like are controlled to acquire, store, and compare the static biometric information and the dynamic biometric information. Lock / unlock and launch apps.

  The user interface 1040 includes the operation device 104, the audio input device 141, the audio output device 142, the video input device 151, the display device 152, and the like shown in FIG. To tell.

  The static biometric information acquisition unit 1110 includes the fingerprint sensor 111 and the like illustrated in FIG. 2 and detects a fingerprint or the like that is static biometric information of a user who uses the mobile terminal 1.

  The dynamic biometric information acquisition unit 1120 includes the heart rate sensor 112, the blood pressure sensor 113, the temperature sensor 114, and the like shown in FIG. 2, and includes the heart rate, blood pressure, and the dynamic biometric information of the user wearing the mobile terminal 1. Measure body temperature etc.

  The communication unit 1310 includes the mobile communication device 131, the LAN communication device 132, the short-range communication device 133, and the like shown in FIG. 2, and acquires applications and transmits / receives various data.

  The storage unit 1030 includes the memory 103 shown in FIG. 2 and the like, and in addition to a program for controlling the mobile terminal 1 and various setting information, static biometric information 1031, dynamic biometric information 1032, application 1033, and each application A permission level table 1034 or the like that is a table of levels for permitting activation is stored.

  The static biometric information 1031 is the person's fingerprint acquired by the static biometric information acquisition unit 1110. Before using the mobile terminal 1, the static biometric information of the person is registered in advance.

  The dynamic biological information 1032 is the person's heart rate, blood pressure, body temperature, and the like acquired by the dynamic biological information acquisition unit 1120. When the mobile terminal 1 is used, the dynamic biological information and the like of the normal person are measured and registered.

  The application 1033 is an application program acquired via the communication unit 1310 or a preinstalled application program. A plurality of application programs can be registered, and an application permission level can be registered in the permission level table 1034 in association with each application program.

  The personal authentication unit 1011 determines whether or not the user is the person by comparing the static biometric information acquired by the static biometric information acquisition unit 1110 with the static biometric information 1031 when the mobile terminal 1 is used. If the user is authenticated, the lock control unit 1013 is controlled to unlock the mobile terminal 1.

  The lock control unit 1013 is controlled by the personal authentication unit 1011 to release the lock of the mobile terminal 1 and locks the mobile terminal 1 when the user interface 1040 is not operated for a certain period of time, for example. Moreover, the portable terminal 1 is locked also when the state determination part 1012 determines with it being a sleep state.

  The state determination unit 1012 determines the user's state by comparing the dynamic biological information acquired by the dynamic biological information acquisition unit 1120 with the dynamic biological information 1032 when the mobile terminal 1 is used, and the lock control unit 1013 and the application activation unit 1014 are controlled. For example, when it is determined that the person is in a sleep state, the lock control unit 1013 is controlled to lock the portable terminal 1. If it is determined that the person is in a normal state, all applications can be activated. If it is determined that the person is in a stressed state, the applications that can be activated are limited. Note that the applications that can be started are further limited until the user state can be determined. Which applications are limited is registered in the permission level table 1034. The activation permission level of each application may be determined in advance for each application, or the user may register from the user interface 1040.

  The application to be activated is not limited to the application 1033 stored in the storage unit 1030, and an application on the network 6 may be activated via the communication unit 1310.

FIG. 4 is a flowchart showing the app permission operation of the mobile terminal 1 according to the present embodiment. This flowchart shows a process of performing personal authentication by the mobile terminal 1, confirming the state of the user, and limiting applications to be activated according to the state of the user.
First, static biometric information is detected and personal authentication is performed. Static biometric information is acquired by the static biometric information acquisition unit 1110, and comparison with static biometric information 1031 registered in advance is performed by the personal authentication unit 1011. S401). For example, when the fingerprint, which is static biometric information, is detected and authenticated, and it is determined that the fingerprint is the same as the registered fingerprint, the lock control unit 1013 unlocks the portable terminal 1 (S402). The application activation unit 1014 permits the activation of the permission level 1 application (S403).

  The permission level 1 application is not related to the person's information, such as a clock application, web browser, map application, camera application, weather forecast application, music application, calculator application, dictionary application, game application, navigation application, etc. It is an application that has no particular problems with the use of. In addition, the permission level for each application is registered in the permission level table 1034 in advance.

A display example of the screen of the mobile terminal 1 at this time is shown in FIG. The clock application, the web browser, the map application, the calculator application, and the dictionary application can be activated because they are applications of permission level 1, and other applications have different icon colors, indicating that they cannot be activated.

  The personal authentication may be performed by other biometric authentication such as vein authentication, face authentication, iris authentication, and retina authentication in addition to fingerprint authentication. For example, when the mobile terminal 1 is worn on the wrist or the like, the vein authentication of the wearer is performed. By authenticating the user, it is possible to prevent others from wearing and impersonating the person. Alternatively, the lock may be released by inputting a pass code, or the pattern lock may be released by a finger trajectory.

  In general, the acquisition time of static biometric information such as fingerprint authentication, vein authentication, face authentication, iris authentication, and retina authentication is not different from the input time of the passcode until the application of permission level 1 can be activated. The time is about several seconds.

  Next, dynamic biometric information is detected to determine the user's state. The dynamic biometric information acquisition unit 1120 acquires the dynamic biometric information, compares the dynamic biometric information 1032 registered in advance with the status determination unit 1012, and determines the user's status (S404).

  For example, the heart rate, blood pressure, and body temperature, which are dynamic biological information, are measured in a normal state, registered as dynamic biological information 1032, and the heart rate, blood pressure, and body temperature are measured by the dynamic biological information acquisition unit 1120. If the heart rate, blood pressure, and body temperature are equal to or lower than the lower limit values of the normal state, the sleep state is determined. For example, when the heart rate and the blood pressure are equal to or higher than the upper limit of the normal state, it is determined as a stress state, and a state that is neither a sleep state nor a stress state is determined as a normal state.

  In general, the acquisition time of dynamic biological information such as heart rate, blood pressure, body temperature, brain wave, and sweating amount is longer than the acquisition time of static biological information, and applications of permission levels 2 and 3 described below can be started. The time to become is about several tens of seconds. Therefore, acquisition of static biometric information is started at the same time as acquisition of static biometric information, or dynamic biometric information is always acquired, and for example, state determination is performed based on biometric information for the last 30 seconds. .

  First, the process is switched depending on whether or not the user's state is a sleeping state (S405). When it determines with it being a sleep state, the portable terminal 1 is locked (S410), and a process is complete | finished (permission level 0). For example, when a user is asleep at a station or a park, even if another person performs fingerprint authentication by touching the user's finger with the mobile terminal 1, the heart rate, blood pressure, and body temperature are below the lower limit of the normal state. The mobile terminal 1 can be locked by determining the sleep state.

  If it is determined that the user's state is not a sleep state, the process is switched depending on whether or not the user is in a stress state (S406). If it is determined that the application is in the stress state, the activation of the permission level 1 and permission level 2 applications is permitted (S407).

An application of permission level 2 is an application that seems to have a problem in use other than the person concerned, such as a schedule application, a mail application, a photo application, a telephone application, an address book application, etc. In addition, it is an application that is considered to be no problem even if it is used by anyone regardless of the state of the user. At this time, it shows a display example of the portable terminal 1 screen in FIG. 5 (B). In addition to the above-described permission level 1 application being able to start, the schedule application and the mail application can be started since they are permission level 2 applications, and the other applications have different icon colors and cannot be started. It is shown that.

  When it is determined that the user's state is not a stress state (normal state), the activation of all applications of permission level 1 to permission level 3 is permitted (S408).

  An application of permission level 3 is an application that is related to the information of the principal, such as an electronic money application, a net banking application, etc., and seems to have a big problem in the use other than the principal. Moreover, even if it is the person himself, it is an application which seems to have a problem in use depending on the state of the user.

  For example, if the user is overwhelmed by a transfer fraud, etc., or if someone else is forced to perform an operation, etc., if the heart rate and blood pressure exceed the upper limit of the normal state, it is determined as a stress state, Electronic money application, net banking application, etc. can be disabled.

When allowed to start the entire application, it shows a display example of the portable terminal 1 screen in FIG. 5 (C). In addition to the above-mentioned permission level 1 application and permission level 2 application being able to start, the electronic money application and the net banking application are startable because they are permission level 3 applications, and all applications can be started. It shows that there is.

  Next, the process is switched depending on whether or not a predetermined time has elapsed without any operation by the user (S409). If a predetermined time (for example, 10 seconds) has elapsed, the portable terminal 1 is locked (S410), and the process is terminated.

  If the predetermined time has not elapsed, the process returns to step S404 to continue the process. For example, even if it is determined that the application is in the stress state and the permission level 3 application cannot be started, if the application settles in a normal state, all the applications can be started. After that, when it is determined again as a stress state, the application of the permission level 3 cannot be started again, and when it is determined as a sleep state, the portable terminal 1 is locked.

  Note that the permission level of each application may be predetermined by the mobile terminal 1 or may be changed by the user.

  In addition, the upper limit value and the lower limit value of the normal heart rate, body temperature, and blood pressure may be determined in advance by the mobile terminal 1, but the user's heart rate, body temperature, and blood pressure are measured and learned. By obtaining the upper limit value and the lower limit value, more accurate determination can be performed.

  In general, the heart rate, blood pressure, and body temperature decrease in the sleep state, and the heart rate and blood pressure increase in the stress state. However, the user previously measures and registers the heart rate, body temperature, and blood pressure in the sleep state and the stress state. This makes it possible to make a more accurate determination. Furthermore, even if another person wears the portable terminal 1 and performs fingerprint authentication by touching the portable terminal 1 with his / her finger, it is detected that the heart rate, body temperature, and blood pressure are different from the tendency of the past measurement value of the person. Then, the mobile terminal 1 may be locked.

  In addition, the user's state determination may be performed based on other dynamic biological information such as an electroencephalogram and a sweat amount in addition to the heart rate, blood pressure, and body temperature.

  Further, the terminal device 1 may perform identity authentication based on dynamic biometric information such as a heartbeat waveform or an electroencephalogram instead of static biometric information such as a fingerprint.

  As described above, in this embodiment, the application software activation method of the information processing apparatus authenticates the identity by using static biometric information, and the dynamic biometric information acquired from the user's body and previously measured dynamic The user's state is determined by comparing the biometric information, and application software to be activated is limited according to the determined user's state based on the permission level set for each application software in advance. Further, the information processing apparatus is forcibly locked according to the determined user status.

  In addition, as an information processing device, a static biometric information acquisition unit that acquires static biometric information, and a personal authentication unit that compares the acquired static biometric information with previously registered static biometric information and authenticates the identity A dynamic biological information acquisition unit that acquires dynamic biological information from the user's body, a state determination unit that compares the acquired dynamic biological information with the dynamic biological information measured in advance and determines the state of the user, A lock control unit that unlocks the information processing apparatus by authentication of the personal authentication unit, and an application activation unit that activates application software selected by the user from among a plurality of application softwares. Based on the permission level set for each, the application software to be activated is limited according to the user status determined by the status determination unit Configuration to. In addition, the lock control unit is configured to forcibly lock the information processing apparatus according to the user state determined by the state determination unit.

  Thus, in this embodiment, it is determined whether or not the user is the person based on the static biometric information, the state of the user is determined by dynamic biometric authentication, and the activation of the application is limited step by step according to the user state. Therefore, the activation of the application can be limited when the person's judgment ability is suspected or when the person's intention is contrary.

FIG. 6 is a configuration diagram of a communication system including the mobile terminal 2 and the mobile terminal 3 of the present embodiment. The communication system includes a mobile terminal 2, a mobile terminal 3 worn on a user's body, a base station 5 of a mobile telephone communication network, a wide-area public network 6 such as the Internet, a router 7, and the like.
In this embodiment, sensors for detecting dynamic biological information such as the heart rate sensor 312, the blood pressure sensor 313, and the temperature sensor 314 of the mobile terminal 1 in the first embodiment are left in the mobile terminal 3, and the mobile terminal 1 The other functions are examples in which the functions are divided as in the portable terminal 2.

  In FIG. 6, the portable terminal 2 is a smart phone. The portable terminal 2 includes a fingerprint sensor 21 and a touch panel 22 on the surface. The portable terminal 2 can obtain various information from the network 6 by connecting to the base station 5 or the router 7. In the present embodiment, the mobile terminal 2 is a smart phone. However, the mobile terminal 2 may be a mobile phone, a tablet terminal, or the like, or may be a PDA (Personal Digital Assistants) or a notebook PC (Personal Computer). Further, it may be an information processing device including a music player, a digital camera, a portable game machine, or other portable digital devices having a communication function.

  The mobile terminal 3 is a wristwatch type mobile terminal having a communication function, and has a function of transmitting and receiving various information to and from the mobile terminal 2. The portable terminal 3 includes a touch panel 32 on the surface. Although not shown, it is assumed that a heart rate sensor, a blood pressure sensor, a temperature sensor, and the like are provided on the back surface so as to come into contact with the arm when worn by the user. In the present embodiment, the portable terminal 3 is a wristwatch-type portable terminal, but may be a glasses-type portable terminal or a ring-type portable terminal. Alternatively, it may be an information processing apparatus including other portable digital devices.

  FIG. 7 is a hardware configuration diagram of the mobile terminal 2 and the mobile terminal 3 of the present embodiment. In FIG. 7, the same components as those in FIG. 7, each component of the mobile terminal 2 is the same as the configuration of FIG. 2 except for the heart rate sensor 112, the blood pressure sensor 113, and the temperature sensor 114, and thus description of each component is omitted. . Moreover, since each component of the portable terminal 3 also consists of the component demonstrated in FIG. 2, description of each component is abbreviate | omitted.

  The heart rate sensor 312, the blood pressure sensor 313, and the temperature sensor 314 of the mobile terminal 3 are sensor groups for detecting the state of the user wearing the mobile terminal 3, and by these sensor groups, the user's heart rate, blood pressure, It becomes possible to detect body temperature and the like. Other sensors may be further provided. In addition, the mobile terminal 3 transmits these detection data to the mobile terminal 2 via the short-range communication device 133. The mobile terminal 2 can receive these detection data via the short-range communication device 133 and know the state of the user wearing the mobile terminal 3. It is assumed that the mobile terminal 2 and the mobile terminal 3 have been authenticated with each other.

  In addition, although the structural example of the portable terminal 2 and the portable terminal 3 shown in FIG. 7 includes many structures which are not essential to a present Example, even if it is a structure without these, the effect of a present Example Will not be damaged. In addition, a configuration not shown in the figure, such as a digital television broadcast receiving function and an electronic money settlement function, may be further added.

  FIG. 8 is a functional block diagram of the mobile terminal 2 of the present embodiment. In FIG. 8, the same components as those in FIG. 3 which is a functional block diagram of the mobile terminal 1 of the first embodiment are denoted by the same reference numerals.

  In FIG. 8, each component of the mobile terminal 2 is the same as the configuration excluding the dynamic biological information acquisition unit 1120, the dynamic biological information storage unit 1032 and the state determination unit 1012 from the components of FIG. The description of the same components as those in FIG. 3 is omitted.

  The control unit 2010 controls each functional block of the mobile terminal 2. The control unit 2010 operates on the CPU 101 included in the mobile terminal 2 illustrated in FIG. 8, includes a personal authentication unit 1011, a lock control unit 1013, an application activation unit 1014, and the like, and based on an instruction from the user interface 1040, the storage unit 2030. The static biometric information acquisition unit 1110, the communication unit 1310, and the like are controlled to acquire, store, and compare static biometric information, lock / release the mobile terminal 2, and activate an application.

  The storage unit 2030 includes the memory 103 shown in FIG. 7 and the like. The storage unit 2030 has a level that permits activation of each of the static biometric information 1031, the application 1033, and each application in addition to the program for controlling the mobile terminal 2 and various setting information. A permission level table 1034, which is a table, is stored.

  Communication with the mobile terminal 3 is performed by the short-range communication device 133.

  FIG. 9 is a functional block diagram of the mobile terminal 3 of the present embodiment. In FIG. 9, the same components as those in FIG. 9, each constituent element of the mobile terminal 3 includes the dynamic biometric information acquisition unit 1120, the dynamic biometric information storage unit 1032, and the state determination unit 1012 that are the constituent elements of FIG. 3, and detailed description thereof is omitted. To do.

  Each functional block of the mobile terminal 3 is controlled by the control unit 3010. The control unit 3010 operates on the CPU 101 included in the mobile terminal 3 illustrated in FIG. 7, includes the state determination unit 1012 and the like, and based on an instruction from the user interface 3040, the dynamic biometric information acquisition unit 1120, the storage unit 3030, and the communication The unit 3310 and the like are controlled to acquire, store, transmit, display, etc. dynamic biological information.

  The user interface 3040 includes the operation device 104, the audio output device 142, the display device 152, and the like shown in FIG. 7, shows various information to the user, and transmits the user's instructions to the control unit 3010.

  The communication unit 3310 includes the short-range communication device 333 shown in FIG. 7 and performs communication with the mobile terminal 2.

  The storage unit 3030 includes the memory 103 illustrated in FIG. 7 and the like, and stores dynamic biometric information 1032 and the like in addition to a program for controlling the mobile terminal 3 and various setting information.

  The state determination unit 1012 determines the user's state by comparing the dynamic biological information acquired by the dynamic biological information acquisition unit 1120 with the dynamic biological information 1032 when the mobile terminal 3 is used, and the communication unit 3310. Is transmitted to the mobile terminal 2.

  For example, when it is determined that the person is in a sleeping state, the information is transmitted to the mobile terminal 2 via the communication unit 3310 and the mobile terminal 2 is locked. Moreover, the application started with the portable terminal 2 is limited according to a user's state. If it is determined that the person is in a normal state, all applications can be activated. If it is determined that the person is in a stressed state, the applications that can be activated are limited.

  FIG. 10 is a flowchart illustrating the app permission operation of the mobile terminal 2 and the mobile terminal 3 according to the present embodiment. This flowchart shows a process of performing personal authentication by the mobile terminal 2, confirming the state of the user by the mobile terminal 3, and limiting an application to be activated according to the state of the user.

  First, static biometric information is detected by the portable terminal 2 to perform personal authentication (S1001). For example, it is determined whether or not the person is the person by fingerprint authentication. That is, the fingerprint pattern detected by the user touching the fingerprint sensor 211 with the fingerprint pattern of the user registered in the memory 203 is compared to determine whether the fingerprints are the same. If it is determined that the fingerprints are the same, the portable terminal 2 is unlocked (S1002), and the activation of the permission level 1 application is permitted (S1003).

A display example of the screen of the portable terminal 2 at this time is shown in FIG. The clock app, web browser, map app, camera app, weather forecast app, music app, calculator app, dictionary app can be launched because it is a permission level 1 application, and other applications have different icon colors and launch It is impossible.

  In addition to fingerprint authentication, personal authentication may be performed by other biometric authentication such as vein authentication, face authentication, iris authentication, and retina authentication, or may be unlocked by entering a passcode. The pattern lock may be released by.

  The portable terminal 3 measures the heart rate with the heart rate sensor 312, measures the blood pressure with the blood pressure sensor 313, and measures the body temperature with the temperature sensor 314 (S1011).

  The mobile terminal 2 requests the mobile terminal 3 to confirm the user state via the short-range communication device 233 (S1012).

  The portable terminal 3 detects dynamic biometric information and determines the user's state (S1013). For example, the state of the user is determined from the measurement results of heart rate, blood pressure, and body temperature. That is, for example, when the heart rate, blood pressure, and body temperature measured by the heart rate sensor 312, the blood pressure sensor 313, and the temperature sensor 114 of the mobile terminal 3 are equal to or lower than the lower limit values of the normal state, the sleep state is determined. For example, when the heart rate and the blood pressure are equal to or higher than the upper limit of the normal state, it is determined as a stress state, and a state that is neither a sleep state nor a stress state is determined as a normal state.

  The mobile terminal 3 always acquires dynamic biometric information, and performs state determination based on biometric information for the last 30 seconds, for example.

  Next, the mobile terminal 3 replies the user status to the mobile terminal 2 via the short-range communication device 333 (S1014).

  The portable terminal 2 switches processing depending on whether or not the state of the user received via the short-range communication device 233 is a sleep state (S1005). When it determines with it being a sleep state, the portable terminal 2 is locked (S1010) and a process is complete | finished.

  Also, when the user does not wear the mobile terminal 3 or when there is no answer of the user status from the terminal device 3 to the mobile terminal 2, the mobile terminal 2 is locked and the process is terminated.

Steps S1006 to 1009, which are subsequent processes when it is determined that the user state is not the sleep state, are the same as steps S406 to 409 in FIG.

Incidentally, indicating when to allow permission level 1 and start of application of the authorization level 2 of S1007, a display example of the portable terminal 2 screen in FIG. 11 (B). In addition to the above-described permission level 1 application being activated, the schedule application, the mail application, the photo application, the telephone application, and the address book application can be activated because they are permitted level 2 applications. The icon color is different, indicating that it cannot be started.

Further, the S1008, when permitting the activation of all application permission level 1 to permission level 3 shows a display example of the portable terminal 2 screen in FIG. 11 (C). In addition to the above-mentioned permission level 1 application and permission level 2 application being able to start, the electronic money application and the net banking application are startable because they are permission level 3 applications, and all applications can be started. It shows that there is.

  In the present embodiment, the portable terminal 3 has been described as performing the user state determination. However, the portable terminal 3 does not perform the user state determination, and transmits measured values such as heart rate, blood pressure, and body temperature to the portable terminal 2. And the portable terminal 2 may perform a user's state determination.

  Further, the terminal device 2 may not perform user identity authentication, but the terminal device 3 may perform identity authentication by fingerprint authentication or the like, and transmit the authentication result to the terminal device 2 to control the lock of the terminal device 2. . At that time, the terminal device 3 may authenticate the person not by static biometric information such as fingerprints but by dynamic biometric information such as heartbeat waveforms and brain waves.

  In the present embodiment, an example in which there are two portable terminals is shown, but the number of portable terminals may be three or more, and the authentication function and the state determination function may be further separated. That is, the system composed of a plurality of portable terminals according to the present embodiment can be rephrased as an application software activation system composed of a plurality of information processing apparatuses.

  As described above, in this embodiment, as an application software activation method of an application software activation system including a plurality of information processing apparatuses, at least one information processing apparatus authenticates the identity of the user based on static biometric information of the user's body. Then, the dynamic biometric information acquired from the user's body by another information processing apparatus is compared with the dynamic biometric information measured in advance to determine the user's state, and the permission level set in advance for each application software Based on the determined user status, application software to be activated is limited.

  In addition, as an application software activation system including the first information processing apparatus and the second information processing apparatus, the first information processing apparatus includes a static biological information acquisition unit that acquires static biological information of the body, and an acquisition A personal authentication unit that compares the static biometric information that has been registered with the static biometric information registered in advance and authenticates the identity, a lock control unit that unlocks the mobile terminal by authentication of the personal authentication unit, and a plurality of application software An application activation unit that activates application software selected by the user, and a first communication unit that receives the user's state from the second information processing device. The dynamic biological information acquisition unit that acquires dynamic biological information from the body, the acquired dynamic biological information, and the dynamic biological information measured in advance are compared, and the state of the user is determined. And a second communication unit that transmits the determined user status to the first information processing device, and the application activation unit is configured based on a permission level set in advance for each application software. The application software to be activated is limited according to the user status received from one communication unit.

  Thus, in this embodiment, the same effects as in the first embodiment are obtained, and furthermore, a plurality of portable terminals are registered in advance with each other, and the authentication function and the state determination function of each person are assigned to each biometric information. Can be attached to a body part suitable for obtaining the device, and can be in the form of a portable terminal optimal for each function.

  FIG. 12 is a flowchart showing the app permission operation of the mobile terminal 1 according to the present embodiment. In FIG. 12, steps S1201 to S1204 are the same as steps S401 to S404 of FIG.

  In step S1205, the process is switched depending on whether the user is in a sleep state. When it determines with it being a sleep state, the portable terminal 1 is locked (S1210) and a process is complete | finished. If it is determined in step S1205 that the user's state is not a sleeping state, activation of all applications of permission level 1 to permission level 3 is permitted (S1208).

  However, the processing is switched depending on whether or not the user's state is a stress state (S1206). If it is determined that the user is in a stressed state, a caution screen is displayed when the user selects an application of permission level 3 (S1221), and is activated only when the user confirms. When it is determined that the user state is not a stress state (normal state), the caution screen is not displayed.

  For example, when activation of an application of permission level 3 such as an electronic money application or a net banking application is requested, an application software activation confirmation screen as shown in FIG. 13 is displayed on the display device 152.

  Steps S1209 to S1210 are the same as steps S409 to S410 in FIG.

  Note that the user's state determination may be performed based on other dynamic biological information such as an electroencephalogram and a sweat amount in addition to the heart rate, blood pressure, and body temperature.

  In the present embodiment, an example in which there is one mobile terminal is shown, but two or more mobile terminals may be used to separate the authentication function and the state determination function.

  With the above configuration, in this embodiment, the same effect as in the first embodiment can be obtained, and further, confirmation is performed at the time of starting a specific application in accordance with the user's state, and thus the person's judgment ability is suspected For example, it is possible to encourage reconsideration of the launch of a specific application.

  FIG. 14 is a flowchart showing the app permission operation of the mobile terminal 1 according to the present embodiment. 14, steps S1401 to S1403 are the same as steps S401 to S403 in FIG. 4, but a process of inputting a passcode (S1431 to S1433) is added.

  First, static biometric information is detected and personal authentication is performed. Static biometric information is acquired by the static biometric information acquisition unit 1110, and comparison with static biometric information 1031 registered in advance is performed by the personal authentication unit 1011. S1401). For example, if a fingerprint, which is static biometric information, is detected and the user is authenticated, and if it is determined that the fingerprint is the same as the registered fingerprint, the process proceeds to step S1431. The personal authentication may be performed by other biometric authentication such as vein authentication, face authentication, iris authentication, and retina authentication in addition to fingerprint authentication.

  Next, the processing is switched depending on whether there is a log of sleep state detection described later in the memory 103 (S1431). If there is no sleep state detection log, the process proceeds to step S1402, the lock control unit 1013 unlocks the portable terminal 1, and the application activation unit 1014 permits activation of the permission level 1 application (S1403).

  If there is a log of sleep state detection, the process proceeds to step S1432, and a passcode input request screen as shown in FIG. 15 is displayed. In step S1433, the input is performed from the user interface 1040 such as the operation device 104 or the voice input device 141. Only when the passcode, which is information other than the biometric information, matches a preset passcode, the process proceeds to step S1402. Note that the pattern lock may be released not by a passcode but by a finger trajectory.

  Steps S1404 to S1410 are the same as steps S404 to S410 in FIG. 4, but a process of recording a sleep state detection log (S1434) is added.

  If it is determined in step S1405 that the user's state is the sleep state, it is suspected that another person has contacted the mobile terminal 1 with the person's finger to perform the person authentication, and in step S1434, the person authentication is performed. The GPS receiving device 121 identifies the location information that is the location that was broken, records it in the log together with the time information, locks the portable terminal 1 (S1410), and ends the process. The log is recorded in the memory 103.

  In step S1434, a warning is further displayed on the display device 152, the incoming vibrator is operated, a picture or video is taken by the video input device 151, attached to the mail together with the log, and sent to a predetermined address. May be.

  In the present embodiment, an example in which there is one mobile terminal is shown, but two or more mobile terminals may be used to separate the authentication function and the state determination function.

  With the above configuration, in this embodiment, the same effect as in the first embodiment can be obtained, and further, when there is a possibility that another person has operated the mobile terminal, warning, photography, log recording, etc. Therefore, deterrence against eavesdropping of emails by family members and others can be expected. Further, when the log recording is performed, the pass code input is indispensable when the mobile terminal is unlocked next time, so that it is possible to prevent others from unlocking.

  FIG. 16 is a flowchart showing the app permission operation of the mobile terminal 1 according to the present embodiment. In FIG. 16, steps S1601 to S1603 are the same as steps S401 to S403 of FIG. 4 of the first embodiment, but a process of inputting a passcode (S1631 to S1633) is added.

  First, static biometric information is detected and personal authentication is performed. Static biometric information is acquired by the static biometric information acquisition unit 1110, and comparison with static biometric information 1031 registered in advance is performed by the personal authentication unit 1011. S1601). For example, when a fingerprint, which is static biometric information, is detected to perform personal authentication and is determined to be the same as the registered fingerprint, the process proceeds to step S1631. The personal authentication may be performed by other biometric authentication such as vein authentication, face authentication, iris authentication, and retina authentication in addition to fingerprint authentication.

  Next, the process is switched depending on whether or not there is a period during which dynamic biological information cannot be measured after the mobile terminal 1 is unlocked last time (S1631). If there is no unmeasurable period, the process proceeds to step S1602, where the lock control unit 1013 unlocks the mobile terminal 1, and the application activation unit 1014 permits the activation of the permission level 1 application (S1603).

  If there is a non-measurable period, there is a possibility that another person wears the mobile terminal 1 and then the mobile terminal 1 is brought into contact with the person's finger to authenticate the person. A pass code input request screen is displayed, and the process proceeds to step S1602 only when it matches the preset pass code in step S1633. The pattern lock may be released not by the passcode but by the finger trajectory.

  Steps S1604 to S1610 are the same as steps S404 to S410 in FIG.

  In the present embodiment, an example in which there is one mobile terminal is shown, but two or more mobile terminals may be used to separate the authentication function and the state determination function.

  With the above configuration, the present embodiment can obtain the same effects as those of the first embodiment. Further, when the mobile terminal is detached, it is necessary to input a passcode when unlocking the mobile terminal next time. Therefore, it is possible to prevent others from releasing the lock.

  FIG. 17 is a flowchart showing the app permission operation of the mobile terminal 1 according to the present embodiment. In FIG. 17, Steps S1701 to S1710 are the same as Steps S401 to S410 of FIG. 4 of the first embodiment, but a process of switching applications (S1741) according to the current position is added.

  In step S1706, the process is switched depending on whether or not the user is in a stressed state. If it is determined that the application is in the stress state, the activation of the permission level 1 and permission level 2 applications is permitted (S1707). If it is determined that it is not in a stress state (normal state), the processing is switched depending on the current position of the mobile terminal 1 (S1741). The current position is specified by the GPS receiving device 121. If the current position is a predetermined position set in advance, activation of all applications of permission level 1 to permission level 3 is permitted (S1708). The predetermined position is, for example, a home or a company. If the predetermined position is not set in advance, the activation of the permission level 1 and permission level 2 applications is permitted (S1707).

  Alternatively, the activation of all applications of permission level 1 to permission level 3 may be permitted only at a predetermined time set in advance.

  Alternatively, the user's face photograph may be registered, the face may be photographed by the video input device 151, and activation of all applications of permission level 1 to permission level 3 may be permitted only when the person can be recognized. Alternatively, activation of all applications of permission level 1 to permission level 3 may be permitted only when the person can be recognized and the presence of a person other than the person in the surroundings cannot be recognized.

  Note that the user's state determination may be performed based on other dynamic biological information such as an electroencephalogram and a sweat amount in addition to the heart rate, blood pressure, and body temperature.

  Further, although an example in which the number of mobile terminals is one is shown in this embodiment, the authentication function and the state determination function may be separated by using two or more mobile terminals.

  With the above configuration, the present embodiment can obtain the same effects as those of the first embodiment, and further, allows the activation of a specific application only at a safe position set in advance by the principal. It is possible to limit the activation of the application at the place.

  The above-described embodiments have been described in detail for easy understanding of the present invention, and are not necessarily limited to those having all the configurations described. Further, a part of the configuration of one embodiment can be replaced with the configuration of another embodiment, and the configuration of another embodiment can be added to the configuration of one embodiment. Further, it is possible to add, delete, and replace other configurations for a part of the configuration of each embodiment.

  Each of the above-described configurations, functions, processing units, processing means, and the like may be realized by hardware by designing a part or all of them with, for example, an integrated circuit. Each of the above-described configurations, functions, and the like may be realized by software by interpreting and executing a program that realizes each function by the processor. Information such as programs, tables, and files for realizing each function can be stored in a memory, a hard disk, a recording device such as an SSD (Solid State Drive), or a recording medium such as an IC card or an SD card.

  Further, the control lines and information lines indicate what is considered necessary for the explanation, and not all the control lines and information lines on the product are necessarily shown. Actually, it may be considered that almost all the components are connected to each other.

1, 2, 3 ... mobile terminal, 5 ... base station, 6 ... network, 7 ... router, 101 ... CPU,
102 ... System bus, 103 ... Memory, 104 ... Operating device,
105 ... expansion interface, 111 ... fingerprint sensor, 112 ... heart rate sensor,
113 ... Blood pressure sensor, 114 ... Temperature sensor, 121 ... GPS receiving device,
122 ... Acceleration sensor, 123 ... Gyro sensor, 124 ... Geomagnetic sensor,
125 ... Proximity sensor 131 ... Mobile communication device 132 ... LAN communication device
133: Near field communication device, 141 ... Audio input device, 142 ... Audio output device,
151 ... Video input device, 152 ... Display device, 1010 ... Control unit,
1011 ... Identity authentication unit, 1012 ... State determination unit, 1013 ... Lock control unit,
1014: Application activation unit, 1030: Storage unit, 1031: Static biometric information,
1032 ... Dynamic biometric information, 1033 ... Application,
1034 ... permission level table, 1040 ... user interface,
1110: Static biometric information acquisition unit, 1120 ... Dynamic biometric information acquisition unit, 1310 ... Communication unit

Claims (5)

A system comprising a first information processing terminal and a second information processing terminal,
The first information processing terminal
A dynamic biological information acquisition unit for acquiring dynamic biological information from the user's body;
A first communication unit that transmits the dynamic biological information acquired by the dynamic biological information acquisition unit;
With
The second information processing terminal is
A static biological information acquisition unit for acquiring static biological information;
An authentication unit for authenticating that the person is a registered person based on the acquired static biometric information;
A second communication unit that transmits an authentication result by the authentication unit to the first information processing terminal or receives dynamic biometric information transmitted by the first communication unit of the first information processing terminal; ,
A state determination unit that determines a user's state based on the dynamic biological information received by the second communication unit ;
A display unit,
The first information processing terminal
The authentication result by the authentication unit of the second information processing terminal is received by the first communication unit,
Control to unlock based on the received authentication result,
Even after the unlocking, the dynamic biological information acquisition unit continuously acquires dynamic biological information,
When the dynamic biological information can be continuously acquired , control is performed so that the unlocked state continues ,
The second information processing terminal is
The dynamic biometric information continuously acquired and transmitted by the first information processing terminal is received by the second communication unit, and the user determined by the state determination unit based on the received dynamic biometric information And controlling to display a display corresponding to the determination result of the state on the display unit. The system of claim 1, comprising:
The dynamic biometric information acquired by the dynamic biometric information acquisition unit is any one of heart rate, blood pressure, body temperature, electroencephalogram, and sweating amount . The system according to claim 1 or 2, wherein
The second information processing terminal has a function of restricting usable application software according to a determination result of a user state determined by the state determination unit based on the received dynamic biometric information. Feature system . The system according to any one of claims 1 to 3,
The system in which the first communication unit and the second communication unit exchange information with each other by wireless communication using Bluetooth . The system according to any one of claims 1 to 3,
The system in which the first communication unit and the second communication unit transmit and receive information to and from each other by wireless communication using Wi-Fi .

Images