EP2691940B1 - Management of access rights to operating and/or control data from buildings or building complexes - Google Patents

Management of access rights to operating and/or control data from buildings or building complexes Download PDF

Info

Publication number
EP2691940B1
EP2691940B1 EP12709625.3A EP12709625A EP2691940B1 EP 2691940 B1 EP2691940 B1 EP 2691940B1 EP 12709625 A EP12709625 A EP 12709625A EP 2691940 B1 EP2691940 B1 EP 2691940B1
Authority
EP
European Patent Office
Prior art keywords
user
building
access rights
communication
service
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
EP12709625.3A
Other languages
German (de)
French (fr)
Other versions
EP2691940A1 (en
Inventor
Adrian Bünter
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Inventio AG
Original Assignee
Inventio AG
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Inventio AG filed Critical Inventio AG
Priority to EP12709625.3A priority Critical patent/EP2691940B1/en
Priority to PL12709625T priority patent/PL2691940T3/en
Publication of EP2691940A1 publication Critical patent/EP2691940A1/en
Application granted granted Critical
Publication of EP2691940B1 publication Critical patent/EP2691940B1/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07CTIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C9/00Individual registration on entry or exit
    • G07C9/30Individual registration on entry or exit not involving the use of a pass
    • G07C9/38Individual registration on entry or exit not involving the use of a pass with central registration
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07CTIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C9/00Individual registration on entry or exit
    • G07C9/20Individual registration on entry or exit involving the use of a pass
    • G07C9/27Individual registration on entry or exit involving the use of a pass with central registration

Definitions

  • the invention relates to a system for managing access rights to operating and / or control data of buildings or building complexes. Furthermore, the invention relates to a method for operating such a system.
  • the access rights are usually assigned and managed for the individual systems or components. As a rule, this is an access of an authorized awarded and managed. As a rule, an access by an authorized user takes place via the interfaces provided by the building operator to the respective systems or installations.
  • the US 2002 099945 A1 discloses a system for door access controls and key management.
  • a door lock / control component is assigned to each shaft door. Such components are interconnected for communication via a communication network.
  • a key management system is for storing an identification code which is provided as a key for a single user.
  • the door lock / control member serves to read the user's key and check if that key has access to a landing door and operates that door in response to this access authorization. In this case, however, a user is only granted access rights to various doors of a building complex on the basis of an identity
  • the invention is based on the object of enabling a central service for enabling data access to one or more buildings.
  • a system for managing access rights to operating and / or control data of buildings or building complexes comprising: a first server for a building authorization service with at least one authorization database for storing user-specific access rights for specific buildings or building complexes, a second communication release service server having an authentication database for storing users registered in the system, the authentication database comprising a list of all users having user specific access rights, the list containing, for each user having access rights, the buildings or building complexes for which the User has access rights, wherein the communication release service for releasing a communication of a user with those for him in the list behind ten buildings or building complexes is provided and wherein the building authorization service to release the specific access rights for the user on operating and / or control data of the building or building complex is provided based on the stored in the authorization database access rights.
  • the object is further achieved by a method for operating a system for managing access rights to operating and / or control data of buildings or building complexes, in which a running on a first server communication release service communication of a user logged in with an identity with the for him in a list of stored buildings or building complexes, if its identity matches an identity stored in the list, and a building automation service running on a second server after the release of the communication by the communication release service grants the user specific access rights to the building's operation and / or control data or Building complex based on stored in an authentication database
  • the invention is based on the recognition that it is advantageous to provide access rights to building-specific data via a system in which the authentication of a user who wishes to have access to the data is separate from the specific access rights stored for the corresponding user.
  • the authentication of a registered user can be done in a simple manner via an application, for example via a web application provided by a service provider.
  • the service that regulates the authentication of the user does not require any special information as to which specific data or data sources the user has access to. Likewise, no information is needed about the specific role that the user fills in the system.
  • the authentication service merely has to determine whether the user has been registered at all and authorized for access, ie communication with a specific building or building complex. The operator of the system does not need to have any trustworthy data.
  • the trusted data can be managed directly in the building management.
  • the users registered in the system with their identity and also their role, i. which function they are allowed to perform and what they are allowed to do with the data released for communication. Likewise, it is stored, which extent of access rights they have.
  • the specific data maintenance can thus be carried out independently by the building management on site.
  • a user logon of the system can be made centrally via the authorization service for the respective buildings registered in the system.
  • the access of users to various buildings or building complexes that are managed in the system can be made possible in a simple manner.
  • the user thus has the ability to access different buildings from different owners and retrieve operational data there, as well as to perform operations such as data updating, through a single identity with which he is deposited in the system.
  • the system is advantageous because, for example, a service technician receives access to diagnostic data of different buildings or building complexes via a single logon in the system. This allows a service technician, for example, before his visit to a single site Application query the condition of certain system components in the different buildings and already take the necessary measures in advance, or order needed spare parts.
  • the system provides easy and consistent access to the building-specific data and easy management of the necessary access rights to multiple buildings or building complexes.
  • An advantageous embodiment of the invention consists in that the communication release service runs on a central server and is provided for the release of the communication of registered users for several buildings or building complexes, each building or each building complex has its own, decentralized server for the building authorization service and between the central server and the remote server, a communication connection is provided. If a user of the system logs on with his identity to the communication release service on the central server, then it merely has to be checked whether access rights to one or more buildings or building complexes exist at all. If this is the case, a message is sent from the central server to the remote server that has the user's specific access rights.
  • the communication can also be released for several buildings or building complexes.
  • the decentralized server it is then merely determined which specific access rights exist for the logged on user and released for communication, and then this data is then released for communication.
  • a further advantageous embodiment is that the communication release service has at least one data interface for receiving identities, the user stored in an authorization database of a building authorization service with user-specific access rights.
  • the users are stored with their user-specific access rights on the decentralized server or the authorization database of the decentralized server. In doing so, users are provided with their identity, their role and the amount of data they are allowed to access.
  • the identity of the user can now be received via the data interface of the communication release service from the communication release service and stored in the list in which the identities of the users with access rights are stored. In this way it is ensured that the user identity stored in the communication release service is identical to the user identity stored in the authorization database of the corresponding building or building complex for the user.
  • the data interface can in this case be designed such that a message sent by the decentralized server can be received directly with the identity of the user and the recognition of the building, for example via the Internet. It is also conceivable that the data interface is designed so that, for example, a communication with a mobile phone, wherein the mobile phone transmits its identity and this identity is deposited at the same time as the identity of the user in the system on both the authorization database and the authentication database.
  • the communication release service may have multiple interfaces that allow the reception of sent identities from different communication media. Overall, all identities received via such interfaces are stored in the list.
  • a further advantageous embodiment consists in that the communication release service has a user interface for registration by a user by means of an identity. The user must thereby use only the one identity that has been assigned to him by the building authorization service or that corresponds to the identity of his mobile telephone.
  • the application advantageously takes place centrally via an application which is provided by the communication release service. So the user always has the same "look and feel" and easy interaction with the system is possible.
  • a further advantageous embodiment is that the user interface is provided for providing a user environment adapted to the user-specific access rights.
  • the remote server or building authorization service sends information indicating which of the user-specific environments available in the system is most suitable for operating the system. For example, depending on the role of a user, either provided a surface on which only data can be read by the user.
  • the interface may be static, so that the user has no opportunity to gain more knowledge than those provided by the building management.
  • the user interface may also be dynamic and allow for user interaction so that it can navigate in different hierarchies of the operational data structure.
  • the user interface can be designed so that the user is allowed to manipulate or manipulate the data.
  • the user can change thresholds via the system, but it is also conceivable that the user can load software updates. It is advantageous here that the user-specific user environment is provided only when the communication is also enabled for the user and the system knows which user interface is the user interface suitable for its access rights.
  • the various user interfaces themselves are provided exclusively by the communication release service and are also stored there only.
  • the building authorization service only needs to report which user interface is appropriate for the role or scope that the user is claiming.
  • the communication release service thus does not need to have the confidential data of the individual users for the provision of the user-specific user interface. Again, all that suffices is the identity and the subsequent transmission of the preferred user interface by the building authorization service. As a result, a simple handling of the user interface by the operator of the service is possible.
  • the user interfaces can be designed centrally and also changed.
  • a further advantageous embodiment consists in that the user interface when registering by a user is already provided for providing a selection of user-specific roles.
  • the user can thereby immediately restrict which of the various applications for the communication with the building-specific data is useful or necessary for him. He can already select on the user interface if he is merely a visitor, if he needs access to control data, if he wants to change something in an elevator configuration, if he only wants to know about the performance of the system by means of a scorecard containing the metrics be registered, want to be informed. He can alternatively indicate whether he would like to carry out a remote maintenance. In all of these specific applications, the user will only be provided with data corresponding to his selected current role.
  • the system 1 for managing access rights to operating and / or control data of buildings or building complexes 5 consists of a first server 2 on which a building authorization service runs.
  • the server 2 has one or more authorization databases 20.
  • User-specific access rights for specific buildings or building complexes 5 are stored in the authorization database (s) 20.
  • an identity for a user 10 of the system 1 are stored.
  • the identity of the user 10 is further defined as to what role the user 10 has. For example, the role may be limited and the user only has rights to read data generated or present in various components of the building or building complex 5. However, the role may also be that the user may manipulate data of the building complex 5.
  • an entry can be added in the authorization database 20 to the identity of the user in which the spatial extent of his access rights is defined.
  • a user can only have access rights to certain buildings of a building complex or, within a building complex, only access rights to certain system components, for example exclusively elevators or exclusively building automation or exclusively to the heating system.
  • the system 1 also has a second server 3 on which a communication release service is running.
  • the second server 3 has an authentication database 30 on. In this database, all users registered in system 1 are stored in a list 4 with their identity 4.1. Each identity of a user is further included in the list 4, to which buildings or building complexes 5 the user may access by means of communication via the communication link 23.
  • the second server 3 can in this case be operated centrally by a service provider, while the first servers 2 are arranged decentrally in the system 1.
  • the first servers 2 can be located here at any locations selected by a customer of the system. However, the first servers 2 can also be accommodated directly in the buildings or building complexes.
  • a user 10 can access the operation or control data of the buildings or building complexes via the user interface 7, which is located on the second server 3 and provided by the communication release service. For this purpose, the user 10 logs on the user interface 7 with his identity, which he has in the system. The communication release service checks whether the identity matches an identity stored in the list 4. If this is the case, it is determined from column 4.2 of list 4 for which buildings or building complexes 5 the user has access rights. Subsequently, the user is enabled to communicate with the building or building complex or several buildings or building complexes stored in column 4.2. Via the communication connection 23, the user can now access the data of the building or building complex. On site, however, only the access rights are granted to him, which are stored on the first server 2 in the authorization database.
  • the basic communication possibility is thus made possible for the user 10 by the authentication service with the aid of the information stored in the authentication database.
  • the user 10 is then granted the special data access by means of the building authorization service on the basis of the information stored in the authorization database 20. Separation of authentication and authorization is achieved in this way.
  • the authentication service allows access to different buildings or building complexes without this authentication service having confidential data.
  • the user-specific roles and access rights are only stored on the first server 2 in the building authorization service.
  • the registration of a new user for access to a building or building complex 5 can be done in different ways.
  • the user 10 may log in to the authentication service via the user interface 7. However, it must be authorized by the building management of the building to which it wishes to have access rights in order for the authentication service to enable it for communication over the communication link 23.
  • the building management system assigns the user an identity that corresponds to the one with which he logged on to the authentication service. This identity is assigned a role and scope by the facility management.
  • the data is stored on the first server 2 in the authorization database 20. If the user 10 is detected by the building management and stored in the database 20, then a message is sent to the authentication service by the building authorization service.
  • the authentication service then enters the identity of the user in the list 4 on the authentication database 30.
  • the authentication service enters the building ID of the building or building complex 5 from which the message was sent.
  • the user 10 is now in the system 1 with his identity and the buildings to which he can get access stored.
  • any standard communication can be used.
  • communication via the Internet is possible, but it is also conceivable that the communication takes place via a telecommunication line or a leased line.
  • the communication can be wired or via radio.
  • the registration of a user 10 can also take place via a device which has an identity and is capable of communication, ie, of sending and receiving data.
  • a device which has an identity and is capable of communication, ie, of sending and receiving data.
  • This may be, for example, a mobile phone, an i-phone or i-pad.
  • a registration is made on the first server 2 by the user 10 with the aid of the communication device 8.
  • the communication device in this case sends its identity to the first server 2 via a communication connection 8.1. This is done together with a request from the user as to whether he is granted access rights.
  • the identity of the user in this case, the identity of his Communication device deposited and assigned to this identity role and its scope.
  • the deposit takes place in the authorization database 20.
  • the building authorization service then transmits the communication device 8 via the communication connection 8.1 an encrypted message in which the identity is stored.
  • the identity is noted in the encrypted message, from which building this message comes, ie it is the building code deposited, which allows access to the respective building or the building complex 5 together with the identity of the authentication service.
  • the communication device 8 now transmits the encrypted message to a data interface 6 of the authentication service running on the second server 3. Here, another communication connection is used.
  • the authentication service sends the communication device 8 after receiving the encrypted message confirmation that the message has arrived.
  • the encrypted information is decrypted by the authentication service and stored in the identity of the user 10 stored in it together with the identifier of the building for which he has registered in the list 4 on the authentication database.
  • the encrypted message may be, for example, a two-dimensional barcode that can be received by the mobile device and also sent.
  • Other ways of message encryption are also conceivable. If the user 10 is now stored in the authentication service on the authentication database, he can make an application in the system 1 via the user interface 7 by means of the mobile device, whose identity is now in the system, and if the identity of the mobile stored in the list 4 matches Device with the identity at login, the user via the communication link 23, the communication with the building or building complex 5 allows.
  • the user interface 7 can be configured in many ways.
  • the user interface may have various applications through which the user can select a user-specific role when logging into system 1, and a user-specific interface is then made available to him which is optimally adapted to his needs.
  • a user-specific interface is then made available to him which is optimally adapted to his needs.
  • someone who does not need to manipulate data, but only needs to read data will be provided with a surface that has no input capabilities. If somebody has to manipulate data, for example to change thresholds, it becomes user interfaces provided through which he can make a corresponding data entry.
  • the changed data is then transmitted via the communication link 23 to the building, or complex of buildings, where, depending on the user's access rights, the data change is made in the various components installed in the building.
  • the authorization service can provide the user with a very specific operator control and monitoring interface.
  • the user is also given all the usual possibilities of visualization or access.
  • a user can connect to the authentication service or the interface of the authentication service via the Internet, via VPN, via Facebook, via Twitter, or via a normal telecommunications connection and via the interface which is then displayed in his respective environment with the Building or complex of buildings.

Landscapes

  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)
  • Telephonic Communication Services (AREA)

Description

Die Erfindung betrifft ein System zur Verwaltung von Zugriffsrechten auf Betriebs- und/oder Steuerungsdaten von Gebäuden oder Gebäudekomplexen. Weiterhin betrifft die Erfindung ein Verfahren zum Betreiben eines derartigen Systems.The invention relates to a system for managing access rights to operating and / or control data of buildings or building complexes. Furthermore, the invention relates to a method for operating such a system.

In Gebäuden oder Gebäudekomplexen werden heutzutage zunehmend Funktionen wie die Bedienung von Storen oder Jalousien, die Bedienung einer Klimaanlage mit zugehörigen Funktionen wie heizen, kühlen und lüften durch moderne Steuerungssysteme, die die Bedienung automatisieren übernommen. Desgleichen werden beispielsweise Zutrittskontrollen zu Teilen von Gebäuden oder Gebäuden auf einem Campus mit Hilfe von zentral gespeicherten Daten umgesetzt. Des Weiteren gibt es in vielen Gebäuden oder Gebäudekomplexen Anlagen wie beispielsweise Aufzüge oder Fahrtreppen, die selbst wieder über Steuerungen, die die Funktion der Anlage regeln, gesteuert werden. Insgesamt stehen in Gebäuden heutzutage vermehrt Betriebsdaten und auch Steuerungsdaten für die verschiedenen angesprochenen Systeme zur Verfügung.In buildings or building complexes, functions such as the operation of shutters or blinds, the operation of an air conditioning system with associated functions such as heating, cooling and ventilating are being increasingly adopted by modern control systems that automate the operation. Likewise, for example, access control to parts of buildings or buildings on a campus is implemented using centrally stored data. Furthermore, in many buildings or complex of buildings, there are facilities such as elevators or escalators, which themselves are controlled by controllers that regulate the function of the system. All in all, nowadays operating data and also control data for the various systems addressed are increasingly available in buildings.

Zunehmend wird auch gefordert, dass ein Zugriff auf diese Gebäude und Komponenten spezifische Daten von einem anderen Ort, also Remote erfolgen kann. Hierbei ist es denkbar, dass lediglich auf Zustandsdaten zugegriffen wird, es ist jedoch auch gewünscht, dass über den Fernzugriff Manipulationen an Steuerungsdaten vorgenommen werden können, beispielsweise kann ein Update einer auf einer Steuerung lauffähigen Software über den Fernzugriff erfolgen.Increasingly, it is also required that access to these buildings and components specific data from another location, that can be done remotely. In this case, it is conceivable that only status data is accessed, but it is also desired that manipulation of control data can be performed via the remote access; for example, an update of a software executable on a controller can take place via the remote access.

Ein derartiger Fernzugriff auf gebäudespezifische Daten darf jedoch nur selektiv erfolgen, so dass der Zugriff nur denjenigen Personen ermöglicht wird, die für den Zugriff auch über Zugriffsrechte verfügen. Hierbei kann zudem für eine Person ein in Bezug auf ihre Rolle spezifisches Zugriffsrecht gewünscht sein. Es kann jedoch auch ein räumlich im Gebäude beschränkter Zugriff auf bestimmte Teilgebäude oder Räume gewünscht sein.However, such remote access to building-specific data may only be selective, so that access is only possible for those persons who also have access rights for access. In addition, a specific access right specific to their role may be desired for a person. However, it may also be desired to have limited access to certain building parts or rooms in the building.

Derzeit werden die Zugriffsrechte in der Regel für die einzelnen Anlagen oder Komponenten vergeben und verwaltet. In der Regel erfolgt dabei ein Zugriff eines autorisierten nenten vergeben und verwaltet. In der Regel erfolgt dabei ein Zugriff eines autorisierten Benutzers über die vom Gebäudebetreiber bereitgestellten Schnittstellen zu den jeweiligen Systemen oder Anlagen.Currently, the access rights are usually assigned and managed for the individual systems or components. As a rule, this is an access of an authorized awarded and managed. As a rule, an access by an authorized user takes place via the interfaces provided by the building operator to the respective systems or installations.

Die US 2002 099945 A1 offenbart ein System für Türzutrittskontrollen und Schlüsselverwaltung. Dabei wird zu jeder Schachttür ein Türverriegelungs-/Steuerbauteil zugeordnet. Solche Bauteile sind zur Kommunikation über ein Kommunikationsnetzwerk miteinander verbunden. Ein Schlüsselverwaltungssystem dient zum Speichern eines Identifikationscodes, welches als einen Schlüssel für einen einzigen Benutzer vorgesehen ist. Das Türverriegelungs-/Steuerbauteil dient dazu, den Schlüssel des Benutzers zu lesen und zu prüfen, ob dieser Schlüssel Zugangsberechtigung für eine Schachttür hat und diese Tür in Abhängigkeit von dieser Zugriffsberechtigung betätigt. Dabei werden anhand einer Identität einem Benutzer jedoch lediglich Zutrittsrechte zu verschiedenen Türen eines Gebäudekomplexes gewährleitetThe US 2002 099945 A1 discloses a system for door access controls and key management. In this case, a door lock / control component is assigned to each shaft door. Such components are interconnected for communication via a communication network. A key management system is for storing an identification code which is provided as a key for a single user. The door lock / control member serves to read the user's key and check if that key has access to a landing door and operates that door in response to this access authorization. In this case, however, a user is only granted access rights to various doors of a building complex on the basis of an identity

Der Erfindung liegt nun die Aufgabe zugrunde, einen zentralen Service zur Freigabe eines Datenzugriffs auf ein oder mehrere Gebäude zu ermöglichen.The invention is based on the object of enabling a central service for enabling data access to one or more buildings.

Die Aufgabe wird gelöst durch ein System zur Verwaltung von Zugriffsrechten auf Betriebs- und/oder Steuerungsdaten von Gebäuden oder Gebäudekomplexen, wobei das System folgendes aufweist: einen ersten Server für einen Gebäudeautorisierungsservice mit mindestens einer Autorisierungsdatenbank zur Speicherung von benutzerspezifischen Zugriffsrechten für bestimmte Gebäude oder Gebäudekomplexe, einen zweiten Server für einen Kommunikationsfreigabeservice mit einer Authentifizierungsdatenbank zur Speicherung von im System registrierten Benutzern, wobei die Authentifizierungsdatenbank eine Liste aller mit benutzerspezifischen Zugriffsrechten ausgestatteten Benutzer aufweist, wobei in der Liste für jeden mit Zugriffsrechten ausgestatteten Benutzer diejenigen Gebäude oder Gebäudekomplexe hinterlegt sind, für die der Benutzer über Zugriffsrechte verfügt, wobei der Kommunikationsfreigabeservice zur Freigabe einer Kommunikation eines Benutzers mit den für ihn in der Liste hinterlegten Gebäuden oder Gebäudekomplexen vorgesehen ist und wobei der Gebäudeautorisierungsservice zur Freigabe der spezifischen Zugriffsrechte für den Benutzer auf Betriebs- und/oder Steuerungsdaten des Gebäudes oder Gebäudekomplexes auf Basis der in der Autorisierungsdatenbank hinterlegten Zugriffsrechte vorgesehen ist.The object is achieved by a system for managing access rights to operating and / or control data of buildings or building complexes, the system comprising: a first server for a building authorization service with at least one authorization database for storing user-specific access rights for specific buildings or building complexes, a second communication release service server having an authentication database for storing users registered in the system, the authentication database comprising a list of all users having user specific access rights, the list containing, for each user having access rights, the buildings or building complexes for which the User has access rights, wherein the communication release service for releasing a communication of a user with those for him in the list behind ten buildings or building complexes is provided and wherein the building authorization service to release the specific access rights for the user on operating and / or control data of the building or building complex is provided based on the stored in the authorization database access rights.

Die Aufgabe wird weiterhin gelöst durch ein Verfahren zum Betreiben eines Systems zur Verwaltung von Zugriffsrechten auf Betriebs- und/oder Steuerungsdaten von Gebäuden oder Gebäudekomplexen, bei dem ein auf einem ersten Server laufender Kommunikationsfreigabeservice eine Kommunikation eines mit einer Identität angemeldeten Benutzers mit den für ihn in einer Liste hinterlegten Gebäuden oder Gebäudekomplexen freigibt, wenn seine Identität mit einer in der Liste hinterlegten Identität übereinstimmt und ein auf einem zweiten Server laufender Gebäudeautorisierungsservice nach erfolgter Freigabe der Kommunikation durch den Kommunikationsfreigabeservice spezifischen Zugriffsrechte für den Benutzer auf Betriebs- und/oder Steuerungsdaten des Gebäudes oder Gebäudekomplexes auf Basis von in einer Authentifizierungsdatenbank hinterlegten Zu-Der Erfindung liegt die Erkenntnis zugrunde, dass es vorteilhaft ist, Zugriffsrechte zu gebäudespezifischen Daten über ein System zu ermöglichen, bei dem die Authentifizierung eines Benutzers, der Zugriff auf die Daten haben möchte, getrennt von den für den entsprechenden Benutzer gespeicherten spezifischen Zugriffsrechten erfolgt. Die Authentifizierung eines registrierten Benutzers kann so auf einfache Weise über eine Applikation, beispielsweise über eine Webapplikation, die von einem Dienstleister zur Verfügung gestellt wird, erfolgen. Hierbei benötigt der Service, der die Authentifizierung des Benutzers regelt, keine speziellen Informationen, zu welchen spezifischen Daten, bzw. Datenquellen der Benutzer Zugriff hat. Desgleichen wird keine Information über die spezielle Rolle, die der Benutzer im System ausfüllt, benötigt. Von dem Authentifizierungsservice muss lediglich ermittelt werden, ob der Benutzer überhaupt registriert und für den Zugriff, d.h. die Kommunikation mit einem bestimmten Gebäude oder Gebäudekomplex zugelassen ist. Der Betreiber des Systems muss somit nicht über vertrauenswürdige Daten verfügen.The object is further achieved by a method for operating a system for managing access rights to operating and / or control data of buildings or building complexes, in which a running on a first server communication release service communication of a user logged in with an identity with the for him in a list of stored buildings or building complexes, if its identity matches an identity stored in the list, and a building automation service running on a second server after the release of the communication by the communication release service grants the user specific access rights to the building's operation and / or control data or Building complex based on stored in an authentication database To-The The invention is based on the recognition that it is advantageous to provide access rights to building-specific data via a system in which the authentication of a user who wishes to have access to the data is separate from the specific access rights stored for the corresponding user. The authentication of a registered user can be done in a simple manner via an application, for example via a web application provided by a service provider. In this case, the service that regulates the authentication of the user does not require any special information as to which specific data or data sources the user has access to. Likewise, no information is needed about the specific role that the user fills in the system. The authentication service merely has to determine whether the user has been registered at all and authorized for access, ie communication with a specific building or building complex. The operator of the system does not need to have any trustworthy data.

Die vertrauenswürdigen Daten können vielmehr direkt beim Gebäudemanagement verwaltet werden. Hierzu werden die im System registrierten Benutzer mit ihrer Identität und auch ihrer Rolle, d.h. welche Funktion sie ausüben dürfen und was sie mit den zur Kommunikation freigegebenen Daten machen dürfen, hinterlegt. Desgleichen wird gespeichert, über welchen Umfang von Zugriffsrechten sie verfügen. Die spezifische Datenpflege kann somit von dem Gebäudemanagement vor Ort eigenständig durchgeführt werden. Eine Anmeldung eines Benutzers des Systems kann jedoch an zentraler Stelle über den Autorisierungsservice für die jeweiligen im System erfassten Gebäude erfolgen.Rather, the trusted data can be managed directly in the building management. For this purpose, the users registered in the system with their identity and also their role, i. which function they are allowed to perform and what they are allowed to do with the data released for communication. Likewise, it is stored, which extent of access rights they have. The specific data maintenance can thus be carried out independently by the building management on site. However, a user logon of the system can be made centrally via the authorization service for the respective buildings registered in the system.

Hierdurch kann auf einfache Weise auch der Zugriff von Benutzern auf verschiedenste Gebäude oder Gebäudekomplexe, die in dem System verwaltet werden, ermöglicht werden. Der Benutzer hat somit durch eine einzige Identität, mit der er in dem System hinterlegt ist, die Möglichkeit, auf verschiedene Gebäude von verschiedenen Besitzern zuzugreifen und dort die Betriebsdaten abzurufen, bzw. auch Eingriffe wie eine Datenaktualisierung durchzuführen. Insbesondere für Servicearbeiten ist das System von Vorteil, weil beispielsweise ein Servicetechniker über eine einzige Anmeldung im System den Zugriff auf Diagnosedaten verschiedenster Gebäude oder Gebäudekomplexe erhält. Hierdurch kann ein Servicetechniker beispielsweise vor seinem Besuch vor Ort über eine einzige Applikation den Zustand bestimmter Systemkomponenten in den unterschiedlichen Gebäuden abfragen und im Vorfeld bereits die notwendigen Massnahmen treffen, bzw. benötigte Ersatzteile bestellen. Insgesamt ermöglicht das System einen einfachen und einheitlichen Zugriff auf die gebäudespezifischen Daten und eine einfache Verwaltung der notwenigen Zugriffsrechte für mehrere Gebäude oder Gebäudekomplexe.In this way, the access of users to various buildings or building complexes that are managed in the system can be made possible in a simple manner. The user thus has the ability to access different buildings from different owners and retrieve operational data there, as well as to perform operations such as data updating, through a single identity with which he is deposited in the system. Especially for service work, the system is advantageous because, for example, a service technician receives access to diagnostic data of different buildings or building complexes via a single logon in the system. This allows a service technician, for example, before his visit to a single site Application query the condition of certain system components in the different buildings and already take the necessary measures in advance, or order needed spare parts. Overall, the system provides easy and consistent access to the building-specific data and easy management of the necessary access rights to multiple buildings or building complexes.

Eine vorteilhafte Ausbildung der Erfindung besteht darin, dass der Kommunikationsfreigabeservice auf einem zentralen Server läuft und zur Freigabe der Kommunikation von registrierten Benutzern für mehrere Gebäude oder Gebäudekomplexe vorgesehen ist, jedes Gebäude oder jeden Gebäudekomplex über einen eigenen, dezentralen Server für den Gebäudeautorisierungsservice verfügt und zwischen dem zentralen Server und dem dezentralen Server eine Kommunikationsverbindung vorgesehen ist. Meldet sich ein Benutzer des Systems mit seiner Identität bei dem Kommunikationsfreigabeservice auf dem zentralen Server an, so muss hier lediglich geprüft werden, ob überhaupt Zugriffsrechte zu einem oder mehreren Gebäuden oder Gebäudekomplexen bestehen. Ist dies der Fall, so wird von dem zentralen Server aus eine Nachricht an den dezentralen Server, der über die spezifischen Zugriffsrechte des Benutzers verfügt, gesendet. Damit für den Benutzer die Kommunikation mit dem Gebäude freigegeben werden kann und ist der Benutzer für mehrere Gebäude oder Gebäudekomplexe registriert, so kann die Kommunikation auch für mehrere Gebäude oder Gebäudekomplexe freigegeben werden. Auf dem oder den dezentralen Servern wird dann lediglich ermittelt, welche speziellen Zugriffsrecht für den angemeldeten und zur Kommunikation freigegebenen Benutzer bestehen und ihm werden dann diese Daten zur Kommunikation freigegeben.An advantageous embodiment of the invention consists in that the communication release service runs on a central server and is provided for the release of the communication of registered users for several buildings or building complexes, each building or each building complex has its own, decentralized server for the building authorization service and between the central server and the remote server, a communication connection is provided. If a user of the system logs on with his identity to the communication release service on the central server, then it merely has to be checked whether access rights to one or more buildings or building complexes exist at all. If this is the case, a message is sent from the central server to the remote server that has the user's specific access rights. So that the user can be enabled to communicate with the building and the user is registered for several buildings or building complexes, the communication can also be released for several buildings or building complexes. On the decentralized server (s), it is then merely determined which specific access rights exist for the logged on user and released for communication, and then this data is then released for communication.

Eine weitere vorteilhafte Ausbildung besteht darin, dass der Kommunikationsfreigabeservice über mindestens eine Datenschnittstelle zum Empfang von Identitäten, der in einer Autorisierungsdatenbank eines Gebäudeautorisierungsservices mit benutzerspezifischen Zugriffsrechten gespeicherten Benutzer verfügt. Dies ist besonders günstig, da die Benutzer mit ihren benutzerspezifischen Zugriffsrechten auf dem dezentralen Server bzw. der Autorisierungsdatenbank des dezentralen Servers hinterlegt werden. Hierbei werden die Benutzer mit ihrer Identität, ihrer Rolle und dem Umfang an Daten, auf die sie zugreifen dürfen, hinterlegt. Nach der erfolgten Speicherung eines Benutzers mit seinen benutzerspezifischen Zugriffsrechten kann nun die Identität des Benutzers über die Datenschnittstelle des Kommunikationsfreigabeservices vom Kommunikationsfreigabeservice empfangen werden und in der Liste, in der die Identitäten der Benutzer mit Zugriffsrechten hinterlegt sind, gespeichert werden. Auf diese Weise ist sichergestellt, dass die im Kommunikationsfreigabeservice gespeicherte Benutzeridentität identisch ist mit der Benutzeridentität, die in der Autorisierungsdatenbank des entsprechenden Gebäudes oder Gebäudekomplexes für den Benutzer gespeichert ist. Eine einmal vom Gebäudeautorisierungsservice vergebene Identität wird somit vom Kommunikationsfreigabeservice zur Authentifizierung genutzt. Die Datenschnittstelle kann hierbei so ausgebildet sein, dass eine vom dezentralen Server versendete Nachricht mit der Identität des Benutzers und der Erkennung des Gebäudes direkt empfangen werden kann, beispielsweise über Internet. Es ist auch vorstellbar, dass die Datenschnittstelle so ausgebildet ist, dass beispielsweise eine Kommunikation mit einem Mobiltelefon erfolgt, wobei das Mobiltelefon seine Identität übermittelt und diese Identität gleichzeitig als Identität des Benutzers im System sowohl auf der Autorisierungsdatenbank als auch der Authentifizierungsdatenbank hinterlegt wird. Der Kommunikationsfreigabeservice kann natürlich über mehrere Schnittstellen verfügen, die den Empfang von gesendeten Identitäten von unterschiedlichen Kommunikationsmedien ermöglichen. Insgesamt werden alle über derartige Schnittstellen empfangenen Identitäten in der Liste gespeichert.A further advantageous embodiment is that the communication release service has at least one data interface for receiving identities, the user stored in an authorization database of a building authorization service with user-specific access rights. This is particularly advantageous since the users are stored with their user-specific access rights on the decentralized server or the authorization database of the decentralized server. In doing so, users are provided with their identity, their role and the amount of data they are allowed to access. After the successful storage of a user with his user-specific access rights, the identity of the user can now be received via the data interface of the communication release service from the communication release service and stored in the list in which the identities of the users with access rights are stored. In this way it is ensured that the user identity stored in the communication release service is identical to the user identity stored in the authorization database of the corresponding building or building complex for the user. An identity once assigned by the building authorization service is thus used by the communication release service for authentication. The data interface can in this case be designed such that a message sent by the decentralized server can be received directly with the identity of the user and the recognition of the building, for example via the Internet. It is also conceivable that the data interface is designed so that, for example, a communication with a mobile phone, wherein the mobile phone transmits its identity and this identity is deposited at the same time as the identity of the user in the system on both the authorization database and the authentication database. Of course, the communication release service may have multiple interfaces that allow the reception of sent identities from different communication media. Overall, all identities received via such interfaces are stored in the list.

Eine weitere vorteilhafte Ausbildung besteht darin, dass der Kommunikationsfreigabeservice eine Benutzeroberfläche zur Anmeldung durch einen Benutzer mittels einer Identität aufweist. Der Benutzer muss hierdurch nur die eine Identität, die ihm vom Gebäudeautorisierungsservice zugeteilt worden ist, bzw. die der Identität seines Mobiltelefons entspricht, verwenden. Die Anmeldung erfolgt vorteilhafterweise zentral über eine Applikation, die vom Kommunikationsfreigabeservice bereitgestellt wird. So hat der Benutzer immer das gleiche "Look and Feel" und eine einfache Interaktion mit dem System ist möglich.A further advantageous embodiment consists in that the communication release service has a user interface for registration by a user by means of an identity. The user must thereby use only the one identity that has been assigned to him by the building authorization service or that corresponds to the identity of his mobile telephone. The application advantageously takes place centrally via an application which is provided by the communication release service. So the user always has the same "look and feel" and easy interaction with the system is possible.

Eine weitere vorteilhafte Ausbildung besteht darin, dass die Benutzeroberfläche zur Bereitstellung einer an die benutzerspezifischen Zugriffsrechte angepassten Benutzerumgebung vorgesehen ist. Wird einmal eine Kommunikation vom Kommunikationsfreigabeservice ermöglicht, so sendet der dezentrale Server bzw. der Gebäudeautorisierungsservice eine Information, in der hinterlegt ist, welche von den im System zur Verfügung stehenden benutzerspezifischen Umgebungen für die Bedienung des Systems am besten geeignet ist. Beispielsweise kann in Abhängigkeit von der Rolle eines Benutzers entweder eine Oberfläche bereitgestellt werden, auf der lediglich Daten durch den Benutzer gelesen werden können. Die Oberfläche kann statisch sein, so dass der Benutzer keine Möglichkeit hat, sich weitere Kenntnisse zu verschaffen, als die, die vom Gebäudemanagement bereitgestellt werden. Die Benutzeroberfläche kann jedoch auch dynamisch gestaltet sein und eine Interaktion des Benutzers ermöglichen, so dass er in verschiedenen Hierarchien der Betriebsdatenstruktur navigieren kann. Zudem kann die Benutzeroberfläche so gestaltet sein, dass dem Benutzer eine Manipulation, bzw. ein Eingriff in die Daten ermöglicht wird. Beispielsweise ist denkbar, dass der Benutzer über das System Schwellwerte verändern kann, es ist jedoch auch vorstellbar, dass der Benutzer Software Updates laden kann. Vorteilhaft ist hierbei, dass die benutzerspezifische Benutzerumgebung erst dann bereit gestellt wird, wenn die Kommunikation für den Benutzer auch freigegeben ist und im System bekannt ist, welche Benutzerofläche die für seine Zugriffsrechte passenden Benutzeroberfläche ist.A further advantageous embodiment is that the user interface is provided for providing a user environment adapted to the user-specific access rights. Once communication from the communication release service is enabled, the remote server or building authorization service sends information indicating which of the user-specific environments available in the system is most suitable for operating the system. For example, depending on the role of a user, either provided a surface on which only data can be read by the user. The interface may be static, so that the user has no opportunity to gain more knowledge than those provided by the building management. However, the user interface may also be dynamic and allow for user interaction so that it can navigate in different hierarchies of the operational data structure. In addition, the user interface can be designed so that the user is allowed to manipulate or manipulate the data. For example, it is conceivable that the user can change thresholds via the system, but it is also conceivable that the user can load software updates. It is advantageous here that the user-specific user environment is provided only when the communication is also enabled for the user and the system knows which user interface is the user interface suitable for its access rights.

Die verschiedenen Benutzeroflächen selbst werden ausschliesslich vom Kommunikationsfreigabeservice bereitgestellt und sind auch nur dort gespeichert. Von dem Gebäudeautorisierungsservice muss lediglich gemeldet werden, welche Benutzeroberfläche für die Rolle, bzw. den Umfang den der Benutzer beansprucht, die geeignete ist. Der Kommunikationsfreigabeservice muss somit auch für die Bereitstellung der benutzerspezifischen Benutzeroberfläche nicht über die vertraulichen Daten der einzelnen Benutzer verfügen. Auch hierzu genügen lediglich die Identität und die anschliessende Übermittlung der bevorzugten Benutzeroberfläche durch den Gebäudeautorisierungsservice. Hierdurch ist auch eine einfache Handhabung der Benutzeroberfläche durch den Betreiber des Services möglich. Die Benutzeroberflächen können zentral gestaltet und auch verändert werden.The various user interfaces themselves are provided exclusively by the communication release service and are also stored there only. The building authorization service only needs to report which user interface is appropriate for the role or scope that the user is claiming. The communication release service thus does not need to have the confidential data of the individual users for the provision of the user-specific user interface. Again, all that suffices is the identity and the subsequent transmission of the preferred user interface by the building authorization service. As a result, a simple handling of the user interface by the operator of the service is possible. The user interfaces can be designed centrally and also changed.

Eine weitere vorteilhafte Ausbildung besteht darin, dass die Benutzeroberfläche bei Anmeldung durch einen Benutzer bereits zur Bereitstellung einer Auswahl von benutzerspezifischen Rollen vorgesehen ist. Der Benutzer kann hierdurch gleich einschränken, welche der verschiedenen Applikationen für die Kommunikation mit den gebäudespezifischen Daten für ihn nützlich bzw. notwendig ist. Er kann auf der Benutzeroberfläche bereits auswählen, ob er lediglich ein Besucher ist, ob er Zugriff auf Steuerungsdaten benötigt, ob er beispielsweise an einer Aufzugskonfiguration etwas ändern möchte, ob er lediglich über die Performence des Systems mittels einer Score-Card, in der die Metriken eingetragen werden, informiert werden möchte. Er kann alternativ auch angeben, ob er eine Fernwartung durchführen möchte. Bei all diesen spezifischen Applikationen werden dem Benutzer lediglich Daten, die seiner ausgewählten momentanen Rolle entsprechen, zur Verfügung gestellt. Dies ist besonders vorteilhaft für einen Benutzer, der über umfangreiche Rechte verfügt, und daher keine spezifische Rolle im System hat, so dass allein aufgrund seiner Rolle vom System eine benutzerspezifische Oberfläche zur Verfügung gestellt werden kann. Der Benutzer schlüpft in diesem Fall selbst in die entsprechende Rolle, so dass die bereitgestellten Daten der von ihm ausgewählten Rolle entsprechend adaptiert werden.A further advantageous embodiment consists in that the user interface when registering by a user is already provided for providing a selection of user-specific roles. The user can thereby immediately restrict which of the various applications for the communication with the building-specific data is useful or necessary for him. He can already select on the user interface if he is merely a visitor, if he needs access to control data, if he wants to change something in an elevator configuration, if he only wants to know about the performance of the system by means of a scorecard containing the metrics be registered, want to be informed. He can alternatively indicate whether he would like to carry out a remote maintenance. In all of these specific applications, the user will only be provided with data corresponding to his selected current role. This is particularly advantageous for a user who has extensive rights and therefore has no specific role in the system, so that a user-specific interface can be provided by the system solely because of its role. In this case, the user himself slips into the appropriate role, so that the data provided are adapted to the role he has selected.

Im Folgenden wird die Erfindung anhand der Figur näher beschrieben und erläutert:

  • Figur 1 zeigt eine schematische Darstellung des Systems zur Verwaltung von Zugriffsrechten.
In the following the invention will be described and explained in more detail with reference to the drawing:
  • FIG. 1 shows a schematic representation of the system for managing access rights.

Das System 1 zur Verwaltung von Zugriffsrechten auf Betriebs- und/oder Steuerungsdaten von Gebäuden oder Gebäudekomplexen 5 besteht aus einem ersten Server 2 auf dem ein Gebäudeautorisierungsservice läuft. Der Server 2 verfügt über eine oder mehrere Autorisierungsdatenbanken 20. In der bzw. den Autorisierungsdatenbanken 20 werden benutzerspezifische Zugriffsrechte für bestimmte Gebäude oder Gebäudekomplexe 5 gespeichert. Hierbei werden beispielsweise eine Identität für einen Benutzer 10 des Systems 1 hinterlegt. Zu der Identität des Benutzers 10 wird weiterhin hinterlegt, welche Rolle der Benutzer 10 hat. Beispielsweise kann die Rolle eingeschränkt sein und der Benutzer hat nur Rechte, Daten, die in verschiedenen Komponenten des Gebäudes oder Gebäudekomplexes 5 erzeugt werden oder vorhanden sind, zu lesen. Die Rolle kann jedoch auch darin bestehen, dass der Benutzer Daten des Gebäudekomplexes 5 manipulieren darf. Neben der Rolle kann in der Autorisierungsdatenbank 20 der Identität des Benutzers weiterhin ein Eintrag hinzugefügt werden, in dem der räumliche Umfang seiner Zugriffsrechte definiert ist. Beispielsweise kann ein Benutzer nur auf bestimmte Gebäude eines Gebäudekomplexes Zugriffsrechte haben oder innerhalb eines Gebäudekomplexes nur Zugriffsrechte auf bestimmte Systemkomponenten, beispielsweise ausschliesslich Aufzüge oder ausschliesslich Gebäudeautomatisierung oder ausschliesslich auf die Heizanlage.The system 1 for managing access rights to operating and / or control data of buildings or building complexes 5 consists of a first server 2 on which a building authorization service runs. The server 2 has one or more authorization databases 20. User-specific access rights for specific buildings or building complexes 5 are stored in the authorization database (s) 20. Here, for example, an identity for a user 10 of the system 1 are stored. The identity of the user 10 is further defined as to what role the user 10 has. For example, the role may be limited and the user only has rights to read data generated or present in various components of the building or building complex 5. However, the role may also be that the user may manipulate data of the building complex 5. In addition to the role, an entry can be added in the authorization database 20 to the identity of the user in which the spatial extent of his access rights is defined. For example, a user can only have access rights to certain buildings of a building complex or, within a building complex, only access rights to certain system components, for example exclusively elevators or exclusively building automation or exclusively to the heating system.

Das System 1 verfügt weiterhin über einen zweiten Server 3 auf dem ein Kommunikationsfreigabeservice läuft. Der zweite Server 3 weist eine Authentifizierungsdatenbank 30 auf. In dieser Datenbank sind in einer Liste 4 alle im System 1 registrierten Benutzer mit ihrer Identität 4.1 hinterlegt. Jede Identität eines Benutzers ist in der Liste 4 weiterhin beigefügt, auf welche Gebäude oder Gebäudekomplexe 5 der Benutzer mittels einer Kommunikation über die Kommunikationsverbindung 23 zugreifen darf. Der zweite Server 3 kann hierbei von einem Dienstleister zentral betrieben werden, während die ersten Server 2 dezentral im System 1 angeordnet sind. Die ersten Server 2 können hierbei an beliebigen, von einem Kunden des Systems gewählten Orten stehen. Die ersten Server 2 können jedoch auch direkt bei den Gebäuden oder Gebäudekomplexen untergebracht sein.The system 1 also has a second server 3 on which a communication release service is running. The second server 3 has an authentication database 30 on. In this database, all users registered in system 1 are stored in a list 4 with their identity 4.1. Each identity of a user is further included in the list 4, to which buildings or building complexes 5 the user may access by means of communication via the communication link 23. The second server 3 can in this case be operated centrally by a service provider, while the first servers 2 are arranged decentrally in the system 1. The first servers 2 can be located here at any locations selected by a customer of the system. However, the first servers 2 can also be accommodated directly in the buildings or building complexes.

Ein Benutzer 10 kann über die Benutzerschnittstelle bzw. Benutzeroberfläche 7, die auf dem zweiten Server 3 angeordnet ist und vom Kommunikationsfreigabeservice bereitgestellt wird, auf die Betriebs- bzw. Steuerungsdaten der Gebäude oder Gebäudekomplexe zugreifen. Hierzu meldet der Benutzer 10 sich auf der Benutzeroberfläche 7 mit seiner Identität, die er im System hat, an. Der Kommunikationsfreigabeservice überprüft, ob die Identität mit einer in der Liste 4 hinterlegten Identität übereinstimmt. Ist dies der Fall, so wird aus der Spalte 4.2 der Liste 4 ermittelt, für welche Gebäude oder Gebäudekomplexe 5 der Benutzer Zugriffsrechte hat. Anschliessend wird dem Benutzer die Kommunikation mit dem in der Spalte 4.2 hinterlegten Gebäude bzw. Gebäudekomplex oder mehreren Gebäuden bzw. Gebäudekomplexen freigegeben. Über die Kommunikationsverbindung 23 kann der Benutzer nun auf die Daten des Gebäudes oder Gebäudekomplexes zugreifen. Vor Ort werden ihm jedoch nur die Zugriffsrechte erteilt, die auf dem ersten Server 2 in der Autorisierungsdatenbank hinterlegt sind. Die grundsätzliche Kommunikationsmöglichkeit wird dem Benutzer 10 somit durch den Authentifizierungsservice mit Hilfe der in der Authentifizierungsdatenbank hinterlegten Informationen ermöglicht, der spezielle Datenzugriff wird dem Benutzer 10 dann mit Hilfe der Gebäudeautorisierungsservice aufgrund der in der Autorisierungsdatenbank 20 hinterlegten Informationen erteilt. Eine Trennung der Authentifizierung und der Autorisierung wird auf diese Weise erreicht. Über einen einheitlichen Service, den Authentifizierungsservice wird der Zugang zu verschiedenen Gebäuden oder Gebäudekomplexen ermöglicht, ohne dass dieser Authentifizierungsservice über vertrauliche Daten verfügt. Die benutzerspezifischen Rollen und Zugriffsrechte sind lediglich auf dem ersten Server 2 im Gebäudeautorisierungsservice hinterlegt.A user 10 can access the operation or control data of the buildings or building complexes via the user interface 7, which is located on the second server 3 and provided by the communication release service. For this purpose, the user 10 logs on the user interface 7 with his identity, which he has in the system. The communication release service checks whether the identity matches an identity stored in the list 4. If this is the case, it is determined from column 4.2 of list 4 for which buildings or building complexes 5 the user has access rights. Subsequently, the user is enabled to communicate with the building or building complex or several buildings or building complexes stored in column 4.2. Via the communication connection 23, the user can now access the data of the building or building complex. On site, however, only the access rights are granted to him, which are stored on the first server 2 in the authorization database. The basic communication possibility is thus made possible for the user 10 by the authentication service with the aid of the information stored in the authentication database. The user 10 is then granted the special data access by means of the building authorization service on the basis of the information stored in the authorization database 20. Separation of authentication and authorization is achieved in this way. Through a single service, the authentication service allows access to different buildings or building complexes without this authentication service having confidential data. The user-specific roles and access rights are only stored on the first server 2 in the building authorization service.

Die Registrierung eines neuen Benutzers für den Zugriff auf ein Gebäude oder Gebäudekomplex 5 kann auf unterschiedliche Weise erfolgen. Der Benutzer 10 kann sich beispielsweise beim Authentifizierungsservice über die Benutzeroberfläche 7 anmelden. Er muss jedoch vom Gebäudemanagement des Gebäudes auf das er Zugriffsrechte haben möchte, autorisiert sein, damit der Authentifizierungsservice ihn für die Kommunikation über die Kommunikationsverbindung 23 frei schaltet. Hierzu wird dem Benutzer vom Gebäudemanagement eine Identität zugewiesen, die derjenigen entspricht, mit der er sich im Authentifizierungsservice angemeldet hat. Dieser Identität wird vom Gebäudemanagement eine Rolle und der Umfang zugewiesen. Die Daten werden auf dem ersten Server 2 in der Autorisierungsdatenbank 20 hinterlegt. Ist der Benutzer 10 vom Gebäudemanagement erfasst und in der Datenbank 20 hinterlegt, so wird von dem Gebäudeautorisierungsservice eine Nachricht an den Authentifizierungsservice gesendet. Der Authentifizierungsservice trägt daraufhin die Identität des Benutzers in die Liste 4 auf der Authentifizierungsdatenbank 30 ein. In der Spalte 4.2 trägt der Authentifizierungsservice die Gebäudekennung des Gebäudes bzw. Gebäudekomplexes 5 ein, von dem die Nachricht gesendet wurde. Der Benutzer 10 ist nunmehr im System 1 mit seiner Identität und den Gebäuden, auf die er Zugriff erhalten kann, hinterlegt.The registration of a new user for access to a building or building complex 5 can be done in different ways. For example, the user 10 may log in to the authentication service via the user interface 7. However, it must be authorized by the building management of the building to which it wishes to have access rights in order for the authentication service to enable it for communication over the communication link 23. For this purpose, the building management system assigns the user an identity that corresponds to the one with which he logged on to the authentication service. This identity is assigned a role and scope by the facility management. The data is stored on the first server 2 in the authorization database 20. If the user 10 is detected by the building management and stored in the database 20, then a message is sent to the authentication service by the building authorization service. The authentication service then enters the identity of the user in the list 4 on the authentication database 30. In column 4.2, the authentication service enters the building ID of the building or building complex 5 from which the message was sent. The user 10 is now in the system 1 with his identity and the buildings to which he can get access stored.

Für die Kommunikation zwischen dem ersten Server 2 und dem zweiten Server 3 kann jede beliebige Standardkommunikation verwendet werden. Beispielsweise ist eine Kommunikation über Internet möglich, es ist jedoch auch denkbar, dass die Kommunikation über eine Telekommunikationsleitung oder eine Standleitung erfolgt. Die Kommunikation kann dabei drahtgebunden oder auch über Funk erfolgen.For the communication between the first server 2 and the second server 3, any standard communication can be used. For example, communication via the Internet is possible, but it is also conceivable that the communication takes place via a telecommunication line or a leased line. The communication can be wired or via radio.

Die Registrierung eines Benutzers 10 kann auch über ein Gerät, welches eine Identität hat und zur Kommunikation, d.h. zum Senden und Empfangen von Daten fähig ist, erfolgen. Hierbei kann es sich beispielsweise um ein Mobiltelefon, ein i-phone oder i-pad handeln. Hierbei wird durch den Benutzer 10 mit Hilfe des Kommunikationsgerätes 8 eine Registrierung auf dem ersten Server 2 vorgenommen. Das Kommunikationsgerät sendet hierbei dem ersten Server 2 über eine Kommunikationsverbindung 8.1 seine Identität. Dies erfolgt gemeinsam mit einer Anfrage des Benutzers, ob ihm Zugriffsrechte erteilt werden. Vom Gebäudemanagement werden nun in dem Gebäudeautorisierungsservice, wie im bereits geschilderten Fall, die Identität des Benutzers, in diesem Fall die Identität seines Kommunikationsgerätes hinterlegt und die dieser Identität zugewiesene Rolle und deren Umfang. Die Hinterlegung erfolgt in der Autorisierungsdatenbank 20. Der Gebäudeautorisierungsservice übermittelt dem Kommunikationsgerät 8 anschliessend über die Kommunikationsverbindung 8.1 eine verschlüsselte Nachricht, in der die Identität hinterlegt ist. Neben der Identität ist in der verschlüsselten Nachricht vermerkt, von welchem Gebäude diese Nachricht kommt, d.h. es ist die Gebäudekennung hinterlegt, die zusammen mit der Identität über den Authentifizierungsservice einen Zugriff auf das jeweilige Gebäude bzw. auf den Gebäudekomplex 5 ermöglicht. Das Kommunikationsgerät 8 übermittelt nunmehr an eine Datenschnittstelle 6 des auf dem zweiten Server 3 laufenden Authentifizierungsservice die verschlüsselte Nachricht. Hierbei wird eine weitere Kommunikationsverbindung genutzt. Der Authentifizierungsservice schickt dem Kommunikationsgerät 8 nach Erhalt der verschlüsselten Nachricht eine Bestätigung, dass die Nachricht eingegangen ist. Die verschlüsselte Information wird von dem Authentifizierungsservice entschlüsselt und die in ihr hinterlegte Identität des Benutzers 10 zusammen mit der Kennung des Gebäudes, für das er sich hat registrieren lassen, in der Liste 4 auf der Authentifizierungsdatenbank hinterlegt. Bei der verschlüsselten Nachricht kann es sich beispielsweise um einen zweidimensionalen Barcode handeln, der von dem mobilen Gerät empfangen und auch gesendet werden kann. Andere Möglichkeiten der Nachrichtenverschlüsselung sind jedoch auch denkbar. Ist der Benutzer 10 nunmehr in dem Authentifizierungsservice auf der Authentifizierungsdatenbank hinterlegt, so kann er über die Benutzerofläche 7 mittels des mobilen Geräts, dessen Identität nunmehr im System ist, eine Anmeldung im System 1 vornehmen und bei Übereinstimmung der in der Liste 4 hinterlegten Identität des mobilen Geräts mit der Identität bei Anmeldung wird dem Benutzer über die Kommunikationsverbindung 23 die Kommunikation mit dem Gebäude bzw. Gebäudekomplex 5 ermöglicht.The registration of a user 10 can also take place via a device which has an identity and is capable of communication, ie, of sending and receiving data. This may be, for example, a mobile phone, an i-phone or i-pad. Here, a registration is made on the first server 2 by the user 10 with the aid of the communication device 8. The communication device in this case sends its identity to the first server 2 via a communication connection 8.1. This is done together with a request from the user as to whether he is granted access rights. From the building management now in the building authorization service, as in the case already described, the identity of the user, in this case, the identity of his Communication device deposited and assigned to this identity role and its scope. The deposit takes place in the authorization database 20. The building authorization service then transmits the communication device 8 via the communication connection 8.1 an encrypted message in which the identity is stored. In addition to the identity is noted in the encrypted message, from which building this message comes, ie it is the building code deposited, which allows access to the respective building or the building complex 5 together with the identity of the authentication service. The communication device 8 now transmits the encrypted message to a data interface 6 of the authentication service running on the second server 3. Here, another communication connection is used. The authentication service sends the communication device 8 after receiving the encrypted message confirmation that the message has arrived. The encrypted information is decrypted by the authentication service and stored in the identity of the user 10 stored in it together with the identifier of the building for which he has registered in the list 4 on the authentication database. The encrypted message may be, for example, a two-dimensional barcode that can be received by the mobile device and also sent. Other ways of message encryption are also conceivable. If the user 10 is now stored in the authentication service on the authentication database, he can make an application in the system 1 via the user interface 7 by means of the mobile device, whose identity is now in the system, and if the identity of the mobile stored in the list 4 matches Device with the identity at login, the user via the communication link 23, the communication with the building or building complex 5 allows.

Die Benutzeroberfläche 7 kann auf vielfältige Weise ausgestaltet sein. Beispielsweise kann die Benutzeroberfläche über verschiedene Applikationen verfügen, über die der Benutzer bereits beim Anmelden im System 1 eine benutzerspezifische Rolle auswählen kann und es wird ihm anschliessend eine benutzerspezifische Oberfläche zur Verfügung gestellt, die optimal an seine Bedürfnisse angepasst ist. Beispielsweise wird jemandem der keine Datenmanipulation vornehmen muss, sondern lediglich Daten lesen muss, eine Oberfläche zur Verfügung gestellt, die keine Eingabemöglichkeiten aufweist. Muss jemand Daten manipulieren, beispielsweise Schwellwerte verstellen, so werden ihm Benutzeroberflächen zur Verfügung gestellt, über die er eine entsprechende Dateneingabe tätigen kann. Die geänderten Daten werden dann über den Kommunikationsverbindung 23 an das Gebäude, bzw. den Gebäudekomplex übermittelt und dort je nach Zugriffsrechten des Benutzers wird in den verschiedenen Komponenten, die in dem Gebäude installiert sind, die Datenänderung vorgenommen. Hierbei kann dem Benutzer vom Autorisierungsservice eine sehr spezifische Bedien- und Beobachtungsoberfläche bereitgestellt werden. Dem Benutzer sind dabei auch alle gängigen Möglichkeiten der Visualisierung bzw. des Zugriffs gegeben. So kann ein Benutzer sich über das Internet, über VPN, über Facebook, über Twitter, oder über eine normale Telekommunikationsverbindung mit dem Authentifizierungsservice, bzw. der Oberfläche des Authentifizierungsservices verbinden und über die Oberfläche, die dann in seiner jeweiligen Umgebung angezeigt wird, mit dem Gebäude- bzw. dem Gebäudekomplex kommunizieren.The user interface 7 can be configured in many ways. For example, the user interface may have various applications through which the user can select a user-specific role when logging into system 1, and a user-specific interface is then made available to him which is optimally adapted to his needs. For example, someone who does not need to manipulate data, but only needs to read data, will be provided with a surface that has no input capabilities. If somebody has to manipulate data, for example to change thresholds, it becomes user interfaces provided through which he can make a corresponding data entry. The changed data is then transmitted via the communication link 23 to the building, or complex of buildings, where, depending on the user's access rights, the data change is made in the various components installed in the building. In this case, the authorization service can provide the user with a very specific operator control and monitoring interface. The user is also given all the usual possibilities of visualization or access. Thus, a user can connect to the authentication service or the interface of the authentication service via the Internet, via VPN, via Facebook, via Twitter, or via a normal telecommunications connection and via the interface which is then displayed in his respective environment with the Building or complex of buildings.

Claims (11)

  1. A system (1) for managing user access rights to operating and/or control data of buildings or building complexes (5), wherein the system (1) comprises:
    • a first server (2) for a building authorization service, having at least one authorization database (20) for storing user-specific access rights for certain buildings or building complexes (5),
    • a second server (3) for a communication enabling service, having an authentication database (30) for storing users registered in the system (1),
    ∘ wherein the authentication database (30) has a list (4) of all users granted user-specific access rights in the at least one authorization database,
    ∘ wherein the specific buildings or building complexes (5) for which the user has access rights are stored in the list (4) for each user who has access rights,
    wherein the communication enabling service enables communication of a user with the buildings or building complexes (5) which are stored for him in the list (4), and wherein the building authorization service enables specific access rights for the user to operating and/or control data of the building or building complex (5) according to the access rights stored in the authorization database (20),
    characterized in that
    the specific access rights are defined for a user by his identity and a role which is assigned to that identity, and the user is able to access data, by reading or manipulating the same, of components of the building or building complex according to his role.
  2. The system according to claim 1, wherein
    • the communication enabling service runs on a central server (3), and enables the communication of registered users for multiple buildings or building complexes (5),
    • each building or each building complex (5) has its own, decentralized server (2) for the building authorization service, and
    • there is a communication connection (23) between the central server (3) and each decentralized server (2).
  3. The system according to claim 1 or 2, wherein the communication enabling service has at least one data interface (6) to receive identities of the users stored in an authorization database (20) of a building authorization service with user-specific access rights.
  4. The system according to one of the previous claims, wherein the communication enabling service has a user interface (7) for the user to log in by means of an identity.
  5. The system according to claim 4, wherein the user interface (7) provides a user environment which is customized to the user-specific access rights.
  6. The system according to claim 4 or 5, wherein the user interface (7) provides a selection of user-specific roles as soon as a user logs in.
  7. A method for the operation of a system for managing user access rights to operating and/or control data of buildings or building complexes (5) according to one of the claims 1 to 6, wherein
    • a communication enabling service running on a first server (3) enables a communication of a user, logged in with an identity, with the buildings or building complexes (5) stored for him in a list (4) if his identity matches an identity stored in the list (4), and
    • a building authorization service running on a second server (2) enables, after the communication enabling service enables the communication, specific access rights for the user to operating and/or control data of the building or building complex (5) according to access rights stored in an authorization database (20),
    characterized in that
    the specific access rights are defined for a user by his identity and a role which is assigned to that identity, and the user is able to access data, by reading or manipulating the same, of components of the building or building complex according to his role.
  8. The method according to claim 7, wherein
    • the communication of users for multiple buildings or building complexes (5) is enabled by the communication enabling service running on a central server (3),
    • a message about the enabling of communication is transmitted via the communication connection (23) by the central server (2) to a decentralized server (2) of the building or building complex (5) on which the building authorization service is running.
  9. The method according to claim 7 or 8, wherein a user environment which is customized to the user-specific access rights is provided to a user who is logged in by means of an identity, via a user interface (7) of the communication enabling service, following the enabling of communication.
  10. The method according to claim 7 or 8, wherein a user who is logged in by means of an identity via a user interface (7) of the communication enabling service is provided with a selection of user-specific roles.
  11. A method according to one of the claims 7 to 10, wherein, for the registration of a new user,
    • user-specific access rights for certain buildings or building complexes (5) are granted by the building authorization service,
    • the user-specific access rights are stored in at least one authorization database (20), wherein an identity, a role and a scope of the access rights are stored for each user who has access rights,
    • the identities of the users to whom user-specific access rights have been granted are transmitted via the data interface (6) to the communication enabling service, and
    the identities in the list (4) of the authentication database (30) of the communication enabling service are stored together with an identifier for the particular building or complex of buildings (5) for which the user has access rights.
EP12709625.3A 2011-03-29 2012-03-16 Management of access rights to operating and/or control data from buildings or building complexes Active EP2691940B1 (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
EP12709625.3A EP2691940B1 (en) 2011-03-29 2012-03-16 Management of access rights to operating and/or control data from buildings or building complexes
PL12709625T PL2691940T3 (en) 2011-03-29 2012-03-16 Management of access rights to operating and/or control data from buildings or building complexes

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
EP11160155 2011-03-29
PCT/EP2012/054679 WO2012130640A1 (en) 2011-03-29 2012-03-16 Management of access rights to operating and/or control data from buildings or building complexes
EP12709625.3A EP2691940B1 (en) 2011-03-29 2012-03-16 Management of access rights to operating and/or control data from buildings or building complexes

Publications (2)

Publication Number Publication Date
EP2691940A1 EP2691940A1 (en) 2014-02-05
EP2691940B1 true EP2691940B1 (en) 2017-10-18

Family

ID=44170245

Family Applications (1)

Application Number Title Priority Date Filing Date
EP12709625.3A Active EP2691940B1 (en) 2011-03-29 2012-03-16 Management of access rights to operating and/or control data from buildings or building complexes

Country Status (5)

Country Link
US (1) US8689353B2 (en)
EP (1) EP2691940B1 (en)
ES (1) ES2647295T3 (en)
PL (1) PL2691940T3 (en)
WO (1) WO2012130640A1 (en)

Families Citing this family (29)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7706778B2 (en) 2005-04-05 2010-04-27 Assa Abloy Ab System and method for remotely assigning and revoking access credentials using a near field communication equipped mobile phone
US9985950B2 (en) 2006-08-09 2018-05-29 Assa Abloy Ab Method and apparatus for making a decision on a card
US8074271B2 (en) 2006-08-09 2011-12-06 Assa Abloy Ab Method and apparatus for making a decision on a card
US8914851B2 (en) * 2010-12-06 2014-12-16 Golba Llc Method and system for improved security
US8924713B2 (en) 2012-03-30 2014-12-30 Golba Llc Method and system for state machine security device
CA2836137C (en) 2012-12-05 2020-12-01 Braeburn Systems Llc Climate control panel with non-planar display
EP2821970B2 (en) 2013-07-05 2019-07-10 Assa Abloy Ab Access control communication device, method, computer program and computer program product
EP2821972B1 (en) 2013-07-05 2020-04-08 Assa Abloy Ab Key device and associated method, computer program and computer program product
US9443362B2 (en) * 2013-10-18 2016-09-13 Assa Abloy Ab Communication and processing of credential data
CA2894359C (en) 2014-06-16 2022-07-05 Braeburn Systems Llc Graphical highlight for programming a control
US8966578B1 (en) * 2014-08-07 2015-02-24 Hytrust, Inc. Intelligent system for enabling automated secondary authorization for service requests in an agile information technology environment
CN107077763B (en) 2014-09-10 2021-07-06 亚萨合莱有限公司 First entry notification
MX2015014860A (en) 2014-10-22 2017-03-13 Braeburn Systems Llc Thermostat code input system and method therefor using ssid.
CA2910895C (en) 2014-10-30 2023-01-10 Braeburn Systems Llc System and method for monitoring building environmental data
MX360294B (en) 2014-10-30 2018-10-29 Braeburn Systems Llc Quick edit system.
MX365282B (en) * 2014-12-02 2019-05-29 Inventio Ag Method for providing a visitor controlled access into a building.
CA2920281C (en) 2015-02-10 2021-08-03 Daniel S. Poplawski Thermostat configuration duplication system
US10317867B2 (en) 2016-02-26 2019-06-11 Braeburn Systems Llc Thermostat update and copy methods and systems
JP6728390B2 (en) 2016-04-06 2020-07-22 オーチス エレベータ カンパニーOtis Elevator Company Mobile visitor management
US10317919B2 (en) 2016-06-15 2019-06-11 Braeburn Systems Llc Tamper resistant thermostat having hidden limit adjustment capabilities
MX2017011987A (en) 2016-09-19 2018-09-26 Braeburn Systems Llc Control management system having perpetual calendar with exceptions.
EP4290400A3 (en) * 2018-04-03 2024-03-06 Palantir Technologies Inc. Controlling access to computer resources
US10921008B1 (en) 2018-06-11 2021-02-16 Braeburn Systems Llc Indoor comfort control system and method with multi-party access
BR102018068736A2 (en) * 2018-09-14 2020-03-24 Haganá Comércio De Sistemas Eletrônicos Ltda. METHOD FOR ACCESS CONTROL THROUGH REMOTE COMMUNICATION DEVICES
US10802513B1 (en) 2019-05-09 2020-10-13 Braeburn Systems Llc Comfort control system with hierarchical switching mechanisms
US11704441B2 (en) 2019-09-03 2023-07-18 Palantir Technologies Inc. Charter-based access controls for managing computer resources
CN111192393B (en) * 2019-09-19 2022-04-22 腾讯科技(深圳)有限公司 Network door opening method and device and computer equipment
CN113900753B (en) * 2021-10-09 2023-09-22 国家电网有限公司客户服务中心 Intelligent energy information management system and method
US11925260B1 (en) 2021-10-19 2024-03-12 Braeburn Systems Llc Thermostat housing assembly and methods

Family Cites Families (13)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5850518A (en) * 1994-12-12 1998-12-15 Northrup; Charles J. Access-method-independent exchange
US7194554B1 (en) * 1998-12-08 2007-03-20 Nomadix, Inc. Systems and methods for providing dynamic network authorization authentication and accounting
SE516208C2 (en) * 2000-03-30 2001-12-03 Vattenfall Ab Procedures and systems for identification
US8479258B2 (en) * 2011-01-06 2013-07-02 Martin Herman Weik, III Garage management system
CA2324679A1 (en) * 2000-10-26 2002-04-26 Lochisle Inc. Method and system for physical access control using wireless connection to a network
JP3474548B2 (en) * 2001-04-09 2003-12-08 アライドテレシス株式会社 Collective building
WO2004011747A1 (en) * 2002-07-31 2004-02-05 Sony Corporation Collective housing shared entrance device, collective housing door-to-door interphone device, door-to-door container box management device, and communication system
US7831628B1 (en) * 2005-06-01 2010-11-09 Osiris Quintana System and method for management of building department services
US20090138953A1 (en) * 2005-06-22 2009-05-28 Dennis Bower Lyon User controlled identity authentication
GB0623842D0 (en) * 2006-11-29 2007-01-10 British Telecomm Secure access
US8239922B2 (en) * 2007-08-27 2012-08-07 Honeywell International Inc. Remote HVAC control with user privilege setup
TWI389536B (en) * 2008-11-07 2013-03-11 Ind Tech Res Inst Access control system and method based on hierarchical key, and authentication key exchange thereof
FI122260B (en) * 2010-05-10 2011-11-15 Kone Corp Procedure and system for limiting passing rights

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
None *

Also Published As

Publication number Publication date
EP2691940A1 (en) 2014-02-05
WO2012130640A1 (en) 2012-10-04
ES2647295T3 (en) 2017-12-20
PL2691940T3 (en) 2018-04-30
US8689353B2 (en) 2014-04-01
US20120278901A1 (en) 2012-11-01

Similar Documents

Publication Publication Date Title
EP2691940B1 (en) Management of access rights to operating and/or control data from buildings or building complexes
WO2018091354A1 (en) Access control system having automatic status update
EP1942466A2 (en) Access, monitoring and communication device and access, monitoring and communication method
AT516188B1 (en) Service and information system for buildings and procedures for this
EP2956913A1 (en) Arrangement for the authorised access of at least one structural element located in a building
EP1321901B1 (en) Method for controlling access rights to an object
EP3647887B1 (en) Method and apparatus for the transmission of an access token for access to a field device used in the processing industry
DE102016107450A1 (en) Secure gateway
AT503783B1 (en) SYSTEM FOR CONTROLLING PERSONS 'AUTHORIZATION TO DO AUTHORIZED ACTIVITIES
DE102005015792A1 (en) Electronic system for numerically controlled industrial processing machine, has computer operating printing machine, and another computer including authorization device storing access data for personnel with access authorization
WO2018114102A1 (en) Method for checking a client assignment, computer program product, and device
EP0904644A1 (en) Distributed closed and/or open-loop control device for building management systems with network and local bus
EP3358802B1 (en) Method for securely providing a cryptographic key
EP1658704B1 (en) Update of presence data allocated to the user of a communication service
DE102006018889A1 (en) A method for restricting access to data of group members and group management computers
DE102014005945A1 (en) Method for transmitting information
WO2018114101A1 (en) Method for checking a tenant assignment, computer program product, and automation system having field devices
BE1030391B1 (en) Service provider-customer communication system with central data storage and management, integrated synchronized time recording system and local terminals
DE602004010754T2 (en) Expandable, local network associated with a building
WO1999063697A2 (en) Programme-controlled device
EP2645630A1 (en) Adaptive remote service protocol
EP4050545A1 (en) Method for the installation of multiple door components
DE102006051878B4 (en) Apparatus and method for establishing a secure connection between a terminal and an Internet server
DE102013112730B4 (en) Computer center and method for operating a computer center
WO2022180088A1 (en) Method for installing a plurality of door components

Legal Events

Date Code Title Description
PUAI Public reference made under article 153(3) epc to a published international application that has entered the european phase

Free format text: ORIGINAL CODE: 0009012

17P Request for examination filed

Effective date: 20130814

AK Designated contracting states

Kind code of ref document: A1

Designated state(s): AL AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HR HU IE IS IT LI LT LU LV MC MK MT NL NO PL PT RO RS SE SI SK SM TR

DAX Request for extension of the european patent (deleted)
17Q First examination report despatched

Effective date: 20160719

GRAP Despatch of communication of intention to grant a patent

Free format text: ORIGINAL CODE: EPIDOSNIGR1

INTG Intention to grant announced

Effective date: 20170515

GRAS Grant fee paid

Free format text: ORIGINAL CODE: EPIDOSNIGR3

GRAA (expected) grant

Free format text: ORIGINAL CODE: 0009210

AK Designated contracting states

Kind code of ref document: B1

Designated state(s): AL AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HR HU IE IS IT LI LT LU LV MC MK MT NL NO PL PT RO RS SE SI SK SM TR

REG Reference to a national code

Ref country code: GB

Ref legal event code: FG4D

Free format text: NOT ENGLISH

REG Reference to a national code

Ref country code: CH

Ref legal event code: EP

REG Reference to a national code

Ref country code: AT

Ref legal event code: REF

Ref document number: 938557

Country of ref document: AT

Kind code of ref document: T

Effective date: 20171115

Ref country code: IE

Ref legal event code: FG4D

Free format text: LANGUAGE OF EP DOCUMENT: GERMAN

REG Reference to a national code

Ref country code: DE

Ref legal event code: R096

Ref document number: 502012011476

Country of ref document: DE

REG Reference to a national code

Ref country code: ES

Ref legal event code: FG2A

Ref document number: 2647295

Country of ref document: ES

Kind code of ref document: T3

Effective date: 20171220

REG Reference to a national code

Ref country code: NL

Ref legal event code: FP

REG Reference to a national code

Ref country code: LT

Ref legal event code: MG4D

REG Reference to a national code

Ref country code: FR

Ref legal event code: PLFP

Year of fee payment: 7

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: LT

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20171018

Ref country code: NO

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20180118

Ref country code: SE

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20171018

Ref country code: FI

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20171018

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: LV

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20171018

Ref country code: IS

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20180218

Ref country code: RS

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20171018

Ref country code: HR

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20171018

Ref country code: GR

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20180119

Ref country code: BG

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20180118

PGFP Annual fee paid to national office [announced via postgrant information from national office to epo]

Ref country code: AT

Payment date: 20180322

Year of fee payment: 7

REG Reference to a national code

Ref country code: DE

Ref legal event code: R097

Ref document number: 502012011476

Country of ref document: DE

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: DK

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20171018

Ref country code: CZ

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20171018

Ref country code: EE

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20171018

Ref country code: SK

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20171018

PLBE No opposition filed within time limit

Free format text: ORIGINAL CODE: 0009261

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: NO OPPOSITION FILED WITHIN TIME LIMIT

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: RO

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20171018

Ref country code: SM

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20171018

26N No opposition filed

Effective date: 20180719

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: MT

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20171018

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: MC

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20171018

Ref country code: SI

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20171018

REG Reference to a national code

Ref country code: IE

Ref legal event code: MM4A

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: LU

Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES

Effective date: 20180316

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: IE

Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES

Effective date: 20180316

REG Reference to a national code

Ref country code: AT

Ref legal event code: MM01

Ref document number: 938557

Country of ref document: AT

Kind code of ref document: T

Effective date: 20190316

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: AT

Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES

Effective date: 20190316

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: TR

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20171018

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: PT

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20171018

Ref country code: HU

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT; INVALID AB INITIO

Effective date: 20120316

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: CY

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20171018

Ref country code: MK

Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES

Effective date: 20171018

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: AL

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20171018

PGFP Annual fee paid to national office [announced via postgrant information from national office to epo]

Ref country code: CH

Payment date: 20220324

Year of fee payment: 11

PGFP Annual fee paid to national office [announced via postgrant information from national office to epo]

Ref country code: PL

Payment date: 20220304

Year of fee payment: 11

Ref country code: NL

Payment date: 20220325

Year of fee payment: 11

Ref country code: IT

Payment date: 20220323

Year of fee payment: 11

Ref country code: BE

Payment date: 20220325

Year of fee payment: 11

PGFP Annual fee paid to national office [announced via postgrant information from national office to epo]

Ref country code: ES

Payment date: 20220418

Year of fee payment: 11

PGFP Annual fee paid to national office [announced via postgrant information from national office to epo]

Ref country code: FR

Payment date: 20230323

Year of fee payment: 12

REG Reference to a national code

Ref country code: CH

Ref legal event code: PL

REG Reference to a national code

Ref country code: NL

Ref legal event code: MM

Effective date: 20230401

REG Reference to a national code

Ref country code: BE

Ref legal event code: MM

Effective date: 20230331

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: NL

Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES

Effective date: 20230401

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: LI

Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES

Effective date: 20230331

Ref country code: CH

Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES

Effective date: 20230331

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: BE

Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES

Effective date: 20230331

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: IT

Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES

Effective date: 20230316

PGFP Annual fee paid to national office [announced via postgrant information from national office to epo]

Ref country code: DE

Payment date: 20240328

Year of fee payment: 13

Ref country code: GB

Payment date: 20240319

Year of fee payment: 13

REG Reference to a national code

Ref country code: ES

Ref legal event code: FD2A

Effective date: 20240507