JPH10243105A - Access authentication system for voice information service - Google Patents

Abstract

PROBLEM TO BE SOLVED: To provide the information service possessed by a computer to a normal user by controlling an exchange so as to provide the information possessed by the computer on voice basis to a telephone terminal after the telephone terminal is authenticated. SOLUTION: A line switch section 12c receives an incoming call leading to a specific computer that serves an information service and is connected to a LAN 14 from a telephone terminal via a line interface 12a. An authentication section 12e receives name information in the call and returns a resulting voice signal to the user. The authentication section 12e receives a password and returns the resulting voice signal to the user and sends a signal denoting successful authentication to the line switch section 12c. Then the line switch section 12c transfers all voice signals from the user to a service control section 12f. Upon the receipt of all the voice signals from the user, the service control section 12f executes decision of a service from a specific computer, issue of a request to the computer serving the service and return of the result of the service to the telephone terminal.

Description

DETAILED DESCRIPTION OF THE INVENTION

[0001]

BACKGROUND OF THE INVENTION 1. Field of the Invention The present invention relates to an audio system for adding a function of controlling a user's access to a service by a user authentication based on voiceprint determination to a system in which a telephone terminal can access a service provided by a computer on an audio basis. The present invention relates to an access authentication system for an information service.

[0002]

2. Description of the Related Art As is well known, in an information system, a computer is accessed by voice using a telephone terminal.
It has become possible to receive specific information services provided by computers. This information system needs to be controlled so that only a specific user can access it from the viewpoint of security.

As a control method, in a method using a personal identification number, which is a typical method, a user must input his / her own ID number or personal identification number each time the computer is accessed. For this reason, there is a possibility that the user may forget the ID number or the password, or may be eavesdropped.

[0004] As another method, it is conceivable to determine whether a user who has accessed by voiceprint determination is a truly registered person.
Depending on the situation, sufficient quality may not be ensured. In such a situation, there may be a case where the authentication cannot be passed even though the registered regular user intends to use it. Then, there arises a problem that the reliability of service provision to authorized users is impaired.

[0005]

As described above, in the conventional information system, if a legitimate user requests access to the computer by voiceprint using a telephone terminal, authentication may not be able to be passed. However, there is a problem that the reliability of service provision to authorized users is impaired.

SUMMARY OF THE INVENTION An object of the present invention is to provide a voice information service access authentication system in which an authorized user who uses a telephone terminal can be reliably authenticated and an information service possessed by a plurality of types of computers can be provided. It is in.

[0007]

A voice information service access authentication system according to the present invention samples voice with sufficient quality for voiceprint determination, converts the voice into digital voice data, and transmits the voice data. A terminal having means for transmitting and receiving information, a computer for providing each information, a telephone terminal accommodated through a circuit switching network, and a computer connected through a computer network or a serial line. A switching device having a function of registering a specific computer or a telephone number dedicated to a specific service provided by the switching device, and a user connected to the switching device and having access to the computer. Voice data is stored in advance, and an incoming call from a telephone terminal to a specific computer arrives at the exchange. In this case, the voice data of the user is received from the telephone terminal, and when the received voice data of the user on the telephone terminal side matches the registered voice data as a voiceprint, the telephone terminal is identified. Authentication means for authenticating access to the computer, and when the authentication means gives authentication to the telephone terminal, causes the telephone terminal to access a specific computer or a specific service provided by the telephone terminal; Service control means for controlling the switching device so that the information held by the computer is provided on a voice basis.

[0008] According to this configuration, it is possible to control so that only a specific user can access the telephone terminal, and it is possible to secure the security of the system. In this case, the authentication can be surely passed, and an information service of a plurality of types of computers can be provided to an authorized user.

[0009]

Embodiments of the present invention will be described below in detail with reference to the drawings. FIG. 1 shows a system outline of the present invention. In FIG. 1, reference numeral 11 in the figure denotes a premises, and a switching device 12 is provided therein. The switching device 12 accommodates, in the premises 11, a premises wired line 13 as a line communication network and a local area network (hereinafter, referred to as LAN) 14 as a computer network. An extension telephone Te is connected to the premises wired line 13.
11 to Teln and the local wireless base stations CS1 to CSm are connected. In addition, a server 15, computer terminals PC1 to PCr, and a mail server 16 are connected to the LAN 14. The switching device 12 may connect at least one of the server 15, the computer terminals PC1 to PCr, and the mail server 16 by a serial line instead of the LAN 14.

The switching unit 12 accommodates a wireless base station 18 via a public network 17 which is a line communication network. The wireless base station 18 is connected to a telephone terminal 19 such as a cordless telephone via a wireless channel in a wireless zone formed by the wireless base station 18.

That is, the switching device 12 is connected to the telephone terminal 19
, The extension telephones Tel1 to Teln and the local radio base stations CS1 to CSm connected to the radio base station 18 to which the telephone terminal 19 is connected and the local wired circuit 13 are connected.
Is connected alternatively.

FIG. 2 shows details of the switching device 12 according to an embodiment of the present invention. That is, the switching device 12 includes line interfaces 12a and 12b, a line switch unit 12c, a LAN interface 12d, an authentication unit 12e, a service control unit 12f, a buffer 12g, and a voice packetizing unit 12h. The line interface 12a is an ISDN (Integrated Services Digital Network) which is a digital telephone line accommodated in the public network 17.
etwork) to connect to the switching equipment 12, and to switch the call control signal received from the telephone terminal 19 to the line switch unit 12c.
And sends the call control signal from the line switch unit 12c to the telephone terminal 19. The line interface 12
a connects to an authentication unit 12e for authenticating the telephone terminal 19.

The line interface 12b is used to connect the private line 13 to the switching equipment 12, and is used for the extension telephones Tel to Teln or the radio base stations CS1 to CS1.
m, and sends a call control signal received from a telephone terminal or the like connected to the line switch unit 12c to the line switch unit 12c. The call control signal from the line switch unit 12c is connected to the extension telephones Tel to Teln or the radio base stations CS1 to CSm. Send it to a telephone terminal or the like.

The line switch unit 12c is a switch for connecting the line interfaces 12a and 12b, the service control unit 12f, and the buffer 12g. The line switch unit 12c is provided with a CPU (Central Processing Unit).
It), which controls the operation of each interface and each circuit, and further has a dedicated telephone number database (not shown) for using an information service from the public network 17.

The service control unit 12f is connected to the LAN interface 12d, and the buffer 12g is connected to the LAN interface 12d via the voice packetizing unit 12h.
It is connected to the.

The LAN interface 12d is used to connect the switching device 12 and the LAN 14, and the server 1
5, the service control unit 12f receives the call control signal received from the computer terminals PC1 to PCr or the mail server 16.
And a function of sending voice data to the voice packetizer 12h, and a service control signal from the service controller 12f to the server 15, the computer terminals PC1 to PC
to the mail server 16 or to the voice packetizer 1
It has a function of transmitting the audio signal from 2h to the LAN 14.

The voice packetizing unit 12h converts a packet of voice data received from the LAN interface 12d into a format to be transmitted to the line switch unit 12c and transmits the packet.
The voice data from the line switch unit 12c is converted into a packet and transmitted to the LAN interface 12d.

That is, when the line interface 12a receives an incoming call from the telephone terminal 19 to a specific computer that provides an information service connected to the LAN 14, the line switch 12c requests the authentication unit 12e for authentication. The authentication unit 12e receives the name described by the user of the telephone terminal 19 as voice data, and returns a voice of the result (whether or not the authentication has been approved) to the user via the line interface 12a.

Next, the authentication unit 12e receives the personal identification phrase described by the user on the telephone terminal 19 side as voice data, returns the resulting voice to the user side via the line interface 12a, and determines that the authentication is OK. In this case, an authentication OK signal is sent to the line switch unit 12c via the line interface 12a.

Thereafter, the line switch section 12c transfers all voices from the user to the service control section 12f. When the service control unit 12f receives all the voices from the user, the service control unit 12f determines a service from a specific computer to be provided to the user, issues a request to the computer that provides the service, and outputs a service result to the telephone terminal 19.
Perform a return to the side.

FIG. 3 shows the details of the authentication section 12e. That is, the authentication unit 12e includes the input terminals 12e1,
Speech recognition unit 12e2, secret phrase database 12e3
Output terminal 12e4, input terminal 12e5, voiceprint comparison unit 12
e6 and an output terminal 12e7. In addition,
The voice authentication unit 12e2 records the name of the user in advance. The password phrase database 12e3 stores a table (not shown) in which the user's name is associated with the password phrase in advance.

That is, the voice data of the name described by the user supplied to the input terminal 12e1 is transmitted to the voice authentication unit 12e.
2 is supplied. The voice authentication unit 12e2 compares the input voice data of the name with the voice data of the name recorded in advance, and sends the voice data of the name to the personal identification phrase database 12e3 when they match based on the comparison result. And
At the same time, a voice prompting to utter a password is output to terminal 1.
2e4. In addition, when the voice data of the name does not match, the voice authentication unit 12e2 sends out a voice prompting the user to restate the name to the output terminal 12e4.

When password data of a name is given from the voice authentication unit 12e2, the password phrase database 12e3 sets a flag for a password phrase corresponding to the name. On the other hand, the voice data of the password phrase described by the user supplied to the input terminal 12e5 is supplied to one input terminal of the voice print comparing unit 12e6.

The voiceprint comparing unit 12e6 compares the input speech data of the password phrase with the password data of the password phrase stored in the password phrase database 12e3, and when they match, an authentication OK signal and a voice for transmitting the signal. Output terminal 12
e7. If they do not match, an authentication NG signal and a voice for transmitting the signal are sent to the output terminal 12e7.

FIG. 4 is a flow chart for explaining the operation of the line switch section 12c in the switching device 12 when the access to the information service of the computer is authenticated.

That is, when a call is received from a user of the telephone terminal 19 to a specific computer (step S1).
1) In step SS12, the line switch unit 12c in the switching device 12 retrieves the received telephone number from the information service telephone number database, and in step S13,
It is determined whether there is a telephone number. If the telephone number is found (YES), the line switch unit 12c
In step S14, the user of the telephone terminal 19 is prompted to utter the name, and in step S15, voice data of the name is received from the telephone terminal 19, and it is determined whether the name is correct. In this case, the line switch unit 12c requests the voice authentication unit 12e2 in the authentication unit 12e to determine whether the input name is correct (recognized as a registered name).

If the name is not recognized (N
O) In step S19, the line switch unit 12c determines whether or not the telephone terminal 19 has disconnected the call. If it is determined that the call has been disconnected (YES), step S20.
Then, if cutting is not performed (NO), the process returns to step S14. If the name has been authenticated (YES), the line switch unit 12c prompts the user of the telephone terminal 19 to utter a password in step S16, and in step S17, the voice data of the password is transmitted from the telephone terminal 19 to the user. Then, it is determined whether or not the voice data of the password matches the voice data of the password stored in advance. In this case, the line switch unit 12c
It requests the voiceprint comparing unit 12e6 of the authentication unit 12e to determine whether the input speech data of the password matches the voice data of the password stored in advance.

If it is determined that they do not match (N
O), similarly to step S19, the line switch unit 12c performs a disconnection process when the telephone terminal 19 disconnects the call, and again executes step S when the telephone terminal 19 has not disconnected.
The process proceeds to the process of No. 16 and when it is determined that they match (YE
S), an authentication process is executed in step S18, and an authentication OK signal is sent to the telephone terminal 19.

If it is determined in step S13 that the telephone number is not an information service exclusive number (NO), the line switch unit 12c performs a normal telephone call process with the telephone terminal 19.

Next, an example in which an information service is provided from a specific computer connected to the LAN 14 to the telephone terminal 19 will be described. That is, the line switch unit 12c in the switching device 12 is provided with a service management table in which information services and their ID numbers are associated with each information service dedicated telephone number, as shown in FIG. 5, for example.
The operation of the line switch unit 12c will be described with reference to the flowchart shown in FIG.

That is, upon receiving an incoming call from a user of the telephone terminal 19 to a specific computer that provides an information service (step S21), the line switch unit 12c
In step S22, the telephone number of the specific computer is searched from the service management table, and in step S23
Then, it is determined whether or not authentication has been obtained. Then, when the authentication is received (YES), the line switch unit 12c executes an authentication process for the user in step S24 to permit access to the service, and in step S25, pushes the service type ID number with a push sound. Prompt the user for input.

Then, the user on the telephone terminal 19 side inputs and transmits the ID number of the desired service with a push tone, and thereafter, the line switch unit 12c proceeds to step S2.
At 6, it is determined whether a service has been designated. Here, when the service is specified (YES), the line switch unit 12c requests the service control unit 12f to issue a request to the computer that provides the specified service in step S27, and sends the processing result of the computer. It requests the audio packetizer 12h to receive it, convert it to audio, and return it to the user.

Next, an example of a voice reading service for unread mail to a user of the telephone terminal 19 will be described.
That is, when the user of the telephone terminal 19 makes a call to the ID number N to the mail service and obtains the authentication, the exchange device 1
The second line switch unit 12c performs a user authentication process. Here, the line switch unit 12c searches the service management table and determines that the destination is the mail server 16. After that, the service control unit 12h requests the mail server 16 for the mail addressed to the user,
The text data is received by the interface 12d.

The voice packetizing unit 12h converts the received text data into voice data, and transmits the voice data to the telephone terminal 19 via the buffer 12g, the line switch unit 12c, and the line interface 12a.

Thus, the user of the telephone terminal 19 can
By dialing the telephone number 3000, for example, from outside, the contents of the mail can be heard by voice. FIG. 7 shows details of a switching device 21 according to a second embodiment of the present invention.

In FIG. 7, the same parts as those in FIG. The difference from FIG. 7 is that the authentication unit 12 e and the service control unit 12 f provided in the switching device 12 are connected on the LAN 14. That is, the switching device 21 includes the line interfaces 12a and 12a.
b, line switch section 12c, LAN interface 12
d, a buffer 12g and an audio packetizer 12h. An authentication server computer 22 is connected to the LAN 14.

The authentication server computer 22 includes a LAN interface 22a, an authentication unit 22b, and a service control unit 22c.
It consists of. LAN interface 22a
Connects the authentication unit 22b and the service control unit 22c, and is further connected to the LAN 14.

That is, upon receiving an incoming call from the telephone terminal 19 to a specific computer connected to the LAN 14 for providing an information service, the line switch unit 12c in the switching device 21 receives the buffer 12g and the voice packetizing unit 12h.
And requests authentication to the authentication server computer 22 on the LAN 14 via the LAN interface 12d. Then, the voice packetizing unit 12h converts the name and the password described by the user into a voice packet based on the command from the line switch unit 12c, and transmits the voice packet to the authentication server computer 22 via the LAN interface 12d. The voice packetizer 12h converts voice packets from the authentication server computer 22 into voice data, and stores the voice data in the buffer 12
g, line switch unit 12c and line interface 12
A is transmitted to the user on the telephone terminal 19 side via a.

On the other hand, the authentication unit 2 in the authentication server computer 22
2b compares the authentication phrase stored corresponding to the user's name with the received voice data, and executes an authentication process according to the comparison result.

When the line switch unit 12c receives the authentication OK signal from the authentication server computer 22, the line switch unit 12c converts all the voices from the user into a voice packet, and transfers the voice packet to the service control unit 22c of the authentication server computer 22. Request to the conversion unit 12h.

Thereafter, upon receiving all voices from the user, the service control unit 22c determines a service to be provided to the user from a specific computer, issues a request to the computer providing the service, and returns a service result. Run.

FIG. 8 is a flowchart for explaining the operation of the line switch section 12c in the switching device 22 when the computer accesses the information service.

That is, when a call is received from a user of the telephone terminal 19 to a specific computer and a specific telephone number is searched from the information service telephone number database (step S41), the line switch unit 12c proceeds to step S42. Then, an authentication request is issued to the authentication unit 22b of the authentication server computer 22, and in step S43, the user of the telephone terminal 19 is urged to utter the name. If the voice data of the user's name is received in step S44 (YES), the line switch unit 12c proceeds to step S4.
In step S5, the voice packetizing unit 12h requests the voice packetizing unit 12h to voice-packet the received voice data of the user's name and send it to the authentication unit 22b. In step S46, the user of the telephone terminal 19 utters a password. Prompt.

The line switch unit 12c determines in step S47
Then, it is determined whether or not a password phrase has been received from the telephone terminal 19, and if the password phrase has been received (YES), the password packetization unit converts the password phrase into a voice packet and sends it to the authentication unit 22b. Request to 12h. If the password has not been received (NO), the line switch unit 12c performs a disconnection process when the telephone terminal 19 disconnects the telephone call. If not, the line switch unit 12c returns to the process of step S46 again. Transition.

Thereafter, in step S49, the line switch unit 12c determines whether or not the authentication is successful from the authentication unit 22b of the authentication server computer 22. If the authentication is OK (YES), in step S50, The voice packetizing unit 12h is requested to voice-packet all voices from the user and to transfer the voice-voice to the service control unit 22c.

If the user's name has not been input in step S44 (NO), the line switch unit 12c determines in step S51 whether the telephone terminal 19 has disconnected the call, and the connection has been disconnected. In this case (YES), the disconnection process is performed in step S52, and if the disconnection has not been made (NO), the process returns to step S43.

FIG. 9 shows details of the telephone terminal 19 used in each of the above embodiments. In FIG. 9, for example, a telephone terminal 19 such as a PHS (Personal Handy phone System) terminal includes, for example, a data transmission unit 191, a data buffer 192, a voice conversion unit 193, and a microphone 19.
4. That is, when the user who owns the telephone terminal 19 puts sound into the microphone 194, the sound is converted by the sound conversion unit 193 into a digital signal sampled with sufficient quality for voiceprint determination. Then, the digital signal output from the audio conversion unit 193 is
The data is transmitted by the data transmission unit 191 via the data buffer 192.

When data from the other party is supplied to the data transmission section 191, the data is converted into voice by the voice conversion section 193 via the data buffer 192. As described above, according to each embodiment, the voiceprint of the user, that is, the password phrase is registered in the exchange device in advance,
When a user of the telephone terminal 19 requests an information service from a specific computer connected to the LAN 14, the entered password and the registered password are compared, and based on the comparison result, Since authentication is given to the user, it is possible to control so that only a specific user can access, and to secure the security of the system.

Further, since the telephone terminal 19 converts the voice of the user into digital data sampled with a quality sufficient for voiceprint determination, when the authorized user registered in the exchange uses the authenticated data, the authentication is reliably performed. Can be passed, and information services possessed by a plurality of types of computers can be provided to authorized users.

In each of the above embodiments, the telephone terminal 19 connected to the exchange 12 via the public network 17 has been described. However, the extension telephones Tel1 to Teln connected to the private line 13 of the private campus 11, etc. It goes without saying that the same can be performed for

[0051]

As described in detail above, according to the present invention,
It is possible to provide a system for authenticating access to a voice information service capable of providing an information service possessed by a plurality of types of computers by reliably authenticating a legitimate user using a telephone terminal.

[Brief description of the drawings]

FIG. 1 is a diagram showing an overall system configuration of a voice information service access authentication system according to the present invention.

FIG. 2 is a block diagram showing a specific configuration of the switching device according to the embodiment of the present invention;

FIG. 3 is a block diagram showing details of an authentication unit according to the embodiment;

FIG. 4 is an exemplary flowchart for explaining the operation of the line switch unit of the switching device when performing access authentication to the computer according to the embodiment;

FIG. 5 is a diagram showing a service management table in which the information service and its ID number are associated with each other for the information service dedicated telephone number in the embodiment;

FIG. 6 is an exemplary flowchart illustrating the operation of the line switch unit of the switching device when the information service is provided from the specific computer to the telephone terminal in the embodiment.

FIG. 7 is a block diagram showing a specific configuration of an exchange device and an authentication server computer according to a second embodiment of the present invention.

FIG. 8 is a flowchart for explaining the operation of the line switch unit of the switching device when performing access authentication to a computer according to the second embodiment;

FIG. 9 is a block diagram showing a specific configuration of a telephone terminal used in the first and second embodiments.

[Explanation of symbols]

 12, 21 ... exchange device, 12c ... line switch unit, 12e, 22b ... authentication unit, 12e1, 12e5 ... input terminal, 12e2 ... voice authentication unit, 12e3 ... password database, 12e4, 12e7 ... output terminal, 12e6 ... voiceprint comparison Units 12f, 22c: Service control unit, 14: LAN, 15: Server, 16: Mail server, 17: Public network, 19: Telephone terminal, 22: Authentication server computer, PC1 to PCr: Computer terminal.

Continued on the front page (51) Int.Cl. ⁶ Identification code FI H04L 12/58 H04L 11/20 101B H04M 11/00 303 H04Q 11/04 R H04Q 11/04

Claims (4)

[Claims] 1. A telephone terminal having means for sampling voice and converting it into digitized voice data by sampling at a quality sufficient for voiceprint determination and transmitting the voice data, and having a function of transmitting and receiving information. A computer for providing the information of the above, a device for accommodating the telephone terminal via a line communication network, and an accommodation for accommodating the computer via a computer network or a serial line. A switching device having a function of registering a telephone number dedicated to a service; and means connected to the switching device, wherein data of a voice of a user who can access the computer is stored in advance and specified from the telephone terminal. When an incoming call to the computer arrives at the switching device, data of a user's voice is transmitted from the telephone terminal. And when the received voice data of the user on the telephone terminal side matches the registered voice data as a voiceprint, authenticates access to the specific computer to the telephone terminal. Authentication means, when authentication is given to the telephone terminal by the authentication means, allows the telephone terminal to access a specific computer or a specific service provided by the computer, A service control unit for controlling the switching device so as to provide the information to be provided on a voice basis. 2. The apparatus according to claim 1, wherein the authentication unit stores user identification information accessible to the computer and a voiceprint thereof in advance in association with the voiceprint, and receives a call from the telephone terminal to a specific computer. Receiving means for receiving, from the telephone terminal, user identification information and voice data including the voiceprint when the mobile phone arrives at the apparatus; and storing a voiceprint corresponding to the user identification information received by the receiving means in the voiceprint storage means. Voiceprint determining means for determining whether the voiceprint matches the voiceprint corresponding to the identified user identification information, and when the voiceprint matches, the telephone terminal authenticates access to the specific computer or a specific service provided by the computer. 2. The system for authenticating access to a voice information service according to claim 1, wherein: 3. The system according to claim 1, wherein said authentication means and said service control means are built in said switching device. 4. The system according to claim 1, wherein said authentication means and said service control means are connected to said computer network.