LU92861B1 - Digital lock system - Google Patents
Digital lock system Download PDFInfo
- Publication number
- LU92861B1 LU92861B1 LU92861A LU92861A LU92861B1 LU 92861 B1 LU92861 B1 LU 92861B1 LU 92861 A LU92861 A LU 92861A LU 92861 A LU92861 A LU 92861A LU 92861 B1 LU92861 B1 LU 92861B1
- Authority
- LU
- Luxembourg
- Prior art keywords
- error
- string
- user
- lock
- error detection
- Prior art date
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0853—Network architectures or network communication protocols for network security for authentication of entities using an additional device, e.g. smartcard, SIM or a different communication terminal
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/12—Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3271—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using challenge-response
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/06—Authentication
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/08—Access security
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/30—Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
Abstract
The invention pertains to a digital lock system, comprising a digital lock (LK) and a server (SRV), whereby a first registered user may lock the digital lock (LK) and may request generation of a key for locking and unlocking (AP), whereby the server (SRV), the digital lock (LK) and the first user's communication device (SPI) each comprise a public key and a private key, whereby said first registered user by usage of a user's communication device (SPI) and said digital lock (LK) each may communicate with the server (SRV), and whereby the first registered user may by usage of a user's communication device (SPI) communicate with the digital lock (LK), whereby the server (SRV) stores public keys of the digital lock (LK) and said first user communication device (SPI) as well as challenges (CLK, CSPi) for the users communication device (SPI) and the digital lock (LK1) and a response (RSPi) for the challenge for the user's communication device
Description
Digital lock system
Background
Locks and keys therefore are known since the antique. As such locks and keys are used for granting access.
Nowadays almost everybody is in possession of a plurality of keys allowing to open and/or close respective locks.
In the past, complete new schemes of renting developed. Most of these schemes relate to vehicles and allow for renting cars on a need basis either at specific points or at the point where they were left by the last renter. Most of these schemes are internet based and allow for booking of a vehicle e.g. via a pre-registered smart phone.
They same scenario may be seen in context of housing. Nowadays, it is possible to rent a flat for a certain time from the owner or main tenant via internet. But also parking space is rented via such internet based platforms.
Within all these scenarios, a key problem is the key allowing access to a vehicle, a flat, a parking lot...
This is because nobody likes to share the real key while being away but at the same time the key is necessary for having access. While large firms may have found solutions for this problem, the problem still exists for those individuals participating in such scenarios as offerer.
Typically it is not always possible to provide for a key exchange in person, e.g. because a flat is offered while being away for vacation, or a parking lot is offered while away for business.
The same problem may arise when storing goods within a safe deposit box for exchange.
Numerous attempts have been made so far but none of these attempts allowed for a reliable key exchange. However, so far it was possible to provide for a reliable and secure exchange.
It is therefore an object of the invention to provide for a new solution which circumvents the pitfalls of so far solutions.
Brief description of the invention
The object is solved by a Digital lock system, comprising a digital lock and a server, whereby a first registered user may lock the digital lock and may request generation of a key for locking and unlocking, whereby the server, the digital lock and the first user each comprise a public key and a private key, whereby said first registered user by usage of a user's communication device and said digital lock each may communicate with the server, and whereby the first registered user may by usage of a user's communication device communicate with the digital lock, whereby the server stores public keys of the digital lock and said first user as well as challenges for the user and the digital lock and a response for the challenge for the user.
Further advantageous embodiments are subject of the dependent claims and the accompanying description and figures.
BRIEF DESCRIPTION OF THE FIGURES
Fig. 1 shows a schematic flowchart of processes associated to aspects of embodiments of the invention, and
Fig. 2 shows a further schematic flowchart of further processes associated to aspects of embodiments of the invention
DETAILED DESCRIPTION
The present disclosure describes preferred embodiments with reference to the Figures, in which like reference signs represent the same or similar elements. Reference throughout this specification to "one embodiment," "an embodiment," or similar language means that a particular feature, structure, or characteristic described in connection with the embodiment is included in at least one embodiment of the present invention. Thus, appearances of the phrases "in one embodiment," "in an embodiment," and similar language throughout this specification may, but do not necessarily, all refer to the same embodiment.
The described features, structures, or characteristics of the invention may be combined in any suitable manner in one or more embodiments. In the description, numerous specific details are recited to provide a thorough understanding of embodiments of the invention. I.e., unless indicated as alternative only any feature of an embodiment may also be utilized in another embodiment.
In addition, even though at some occurrences certain features will be described with reference to a single entity, such a description is for illustrative purpose only and actual implantations of the invention may also comprise one or more of these entities. I.e. usage of singular also encompasses plural entities unless indicated.
In the following we will first refer to a general lock system and later-on exemplify certain use cases which may benefit from the described inventive technology.
The digital key system according to the invention may be based on so called PUF technology. PUF technology - so called physical unclonable functions -, which are typically implemented in hardware. PUFs represent an innovative primitive which may be used for authentication and secret key storage without the requirement of secure EEPROMs and other expensive hardware. This is achieved, because - instead of storing secrets in digital memory - PUFs derive a secret from the physical characteristics of an integrated circuit. This physical characteristic is corresponding to a fingerprint of a human. PUF technology is based on challenge response authentication. Each PUF can be modeled as a blackbox challenge-response system.
In other words, a PUF is passed an input challenge c, and returns a response r =f(c) as a function of the challenge c. E.g. In a system there are parties SP1 and SP2. Suppose that SP1 has challenge-response list of SP2. Hence, when SP1 sends a challenge "c" to SP2, and SP2 runs the function f(c) leading to the response "r", SP1 will authenticate SP2 if the response is "r".
With this understanding one may turn towards a situation where a user wants to use a lock.
In the invention, the user has a smart device, preferably being hardware enabled to provide PUF functionality. However, this is no pre-condition. Such a smart device may be a smart phone, a tablet computer or any other kind device which allows for communicating with a server and a lock as will be described later-on.
Now suppose that the three (electronic) parties in this scenario, the server SRV, the (user's) smart phone SP1 and the digital lock LK each comprise associated public and private keys.
To distinguish these keys, said keys are displayed in the figures by respective shadings, i.e. the public key Pul of the server SRV is indicated by hatching from bottom left to top right will the private key Prl of the server SRV is indicated by hatching from top left to bottom right. The public key Pu2 of the smart phone SP1 is indicated by horizontal lines while the private key Pr2 of the smart phone SP1 is indicated by vertical lines. The public key Pu3 of the digital lock LK is indicated by a chess pattern while the private key Pr3 of the digital lock LK is indicated by a dotted pattern.
Within the invention digital locks LK may be sold for different purposes.
We now assume that a first user has acquired such an inventive digital lock LK.
The first user needs to register to a server SRV.
This can be done by a registration process as follows. The first user may use his smart phone SP1 and download an application, e.g. from an application store. The link thereto may be published or may be provided in a step 100 along with a digital lock, either electronically, or printed (e.g. a QR code) on the digital lock LK itself or on packing thereof. E.g. such a link may be provided via a respective wired (e.g. USB or the like) or wireless interface (e.g. NFC).
Registration may be based on a unique user name and may also be secured by a password.
The user's smart phone SP1 may allow for PUF by means of an integrated circuit. If no such PUF functionality is provided, additional security may be provided by a combination of cloud services and intrinsic device characteristics (IMEI code, phone Number, User's Fingerprint, etc.)
Next, in a step 200 a challenge CSpi and response RSPi pair is generated on the smart phone SP1 (e.g. by the app).
The generated challenge and response pair C/RSP1 is encrypted by public key Pul and forwarded to the server SRV in a step 300. I.e. the server now knows the challenge and response pair C/RSPiof the user's smart phone SP1. This challenge and response pair C/RSPi is stored. We will refer to this challenge and response pair C/RSPi also as "MPUF Package". Additionally or within a separate step the public key Pu2 is transferred to the server SRV and may be stored there.
Now the smart phone may be used within the invention.
Next we assume that the lock shall be registered into the system.
This can be done by a registration process as follows. The first user may use again his smart phone SP1 and connect with the digital lock LK. This may be embodied in separate steps 400 and 500 or may be integrated into a connection as detailed above with respect to step 100.
While connecting, the smart phone SP1 of the user acquires an identification of the lock LK|D and the public key PU3 of the digital lock.
The public key PU3 may be published or may be provided in a step 100 along with a digital lock, either electronically, or printed (e.g. a QR code) on the lock itself or on packing thereof. E.g. such a link may be provided via a respective wired (e.g. USB or the like) or wireless interface (e.g. NFC).
Now, as the smart phone SP1 is in possession of the public key Pu3 of the digital lock, said public key may be forwarded in step 600 towards the server SRV. Again said step may be embodied as a separate step or may be integrated into step 300.
It may also be foreseen that the forwarded public key Pu3 of the digital lock LK is encrypted by the public key Pul of the server SRV either by the digital lock itself (step 500) or by the smart phone SP1 (step 100 respectively 600). We will refer to this as "SPLUF1 Package"
In order to be able to use the digital lock LK, the digital lock LK is initialized for usage by the first user.
Therefore, the server SRV generates and stores a challenge CLK. The challenge is CLK encrypted at least by the public key Pu3 and forwarded to the first user's smart phone SP1 in a step 700.
Obviously, said forwarded message may be super-encrypted by the public key Pu2 of the smart phone SP1. If it is additionally encrypted, it will be decrypted by the private key Pr2 of the smart phone after receipt.
The smart phone SP1 then forwards in step 800 the encrypted challenge towards the digital lock via a respective communication means. The digital lock in turn decrypts the challenge CLKand performs the respective function thereby generating the response RLK. The response RLK is encrypted by the public key Pul of the server and forwarded to the smart phone SP1 in step 900.
Obviously, said forwarded message may be super-encrypted by the public key Pu2 of the smart phone SP1. If it is additionally encrypted, it will be decrypted by the private key Pr2 of the smart phone SP1 after receipt. The digital lock LK may have acquired the public key Pu2 of the smart phone SP1 in step 400 and/or 800.
The smart phone SP1 forwards the encrypted message towards the server SRV in step 1000.
Now the server SRV is in possession of challenge and response pairs for the smart phone C/RSPi and for the lock C/RLK.
For usage of the digital lock, the server now generates an access package for the user. This access package comprises: • challenge response pair C/RSP of the smart phone SP1, whereby the C/RSP is encrypted by response RLK of the digital lock • challenge of the lock CL«
The access package itself is encrypted by the public key Pu3 of the digital lock LK.
This access package is forwarded to the user's smart phone SP1 in step 1100.
Obviously, said forwarded message may be super-encrypted by the public key Pu2 of the smart phone SP1. If it is additionally encrypted, it will be decrypted by the private key Pr2 of the smart phone SP1 after receipt.
Now having detailed aspects relating to the registration of the user, smart phone and lock as well as initialization of a lock for usage by a user, we may now turn to the actual locking/unlocking procedures.
These procedures are from the perspective of the system similar and will be detailed with reference to figure 2.
We assume that the Access Package (provided in step 1100) is stored in the first user's smart phone SP1.
Now the smart phone SP1 is brought into connection (wired or wireless) to the digital lock LK and the Access Package AP is transferred to the digital lock in step 2100.
The digital lock LK deciphers in step 2300 the access package by use of the private key Pr3 of the digital lock LK. The result of this process is the challenge CLK and the still encrypted challenge/response pair of the smart phone SP1.
Using the challenge - response function with the challenge CLK will result again in the response RLK.
Using the response RLK for deciphering of the still encrypted challenge/response pair of the smart phone SP1 will lead in step 2400 to the challenge/response pair C/RSPi.
Now that the digital lock knows the challenge/response pair C/RSP1of the user's smart phone SP1, the digital lock LK responds in step 2500 with the challenge CSPi.
Obviously, said forwarded message may be encrypted by the public key Pu2 of the smart phone SP1. If it is additionally encrypted, it will be decrypted by the private key Pr2 of the smart phone SP1 after receipt.
The smart phone SP1 will generate a response RSpito the challenge CSPi in step 2600 and forward the result to the digital lock in step 2700.
Obviously, said forwarded message may be encrypted by the public key Pu3 of the digital lock. If it is additionally encrypted, it will be decrypted by the private key Pr3 of the digital lock after receipt.
The digital lock compares the received result RSPi with the expected result contained in the deciphered challenge/response pair C/RSP1. In case of a match a locking/unlocking operation is authorized, in case of mismatch no operation is allowed.
As such a user may have a plurality of digital locks associated to him. The respective access packages may be stored in the smart phone SP1 of the users.
Also a plurality of users may be equipped with access to a same digital lock as is apparent from the above. In this case after all users are registered it is only necessary to provide user specific access packages towards the respective users, e.g. an access package with respect to a first user's smart phone SP1 and another access package with respect to a second user's smart phone SP2. E.g. a user may grant access by allowing generation of access keys via the server SRV.
It is to be appreciated that the access packages may provide for additional features. E.g. an access package may contain information with respect to a certain number of locking operations, a certain time within said access package may validly be used, etc.
Even though described with reference to a smart phone, there might also be cases where there are other means available. E.g. in emergency cases, in which a smart phone might not be accessible, a programmable digital key may be provided. Such a digital key may (as well as the digital lock) comprise a PUF integrated circuit. This digital key may also be replaced as detailed above by another smart phone.
To program the digital key it can be connected to smart phone, laptop or desktop via USB. The digital key may be used as a Master key or "Mainkey". "Mainkey" will be replaced by all of keys in key chain. By using "Mainkey" as backup key, user can be sure that he/she will never be locked out. Each Mainkey is unique. The technology behind Mainkey makes duplicating nearly impossible. I.e. by using Mainkey as backup key, this backup key cannot be copied by hackers and thieves. Mainkey may contain a rechargeable backup battery and/or a micro USB port. By connecting micro USB port to smart phone SP1, the smart phone may even be charged.
Preferably such a Main Key for a digital lock comprises a display for showing e.g. location information of digital locks LK able to be un-locked by the key.
Imagine a first user wants to share his key with a second user. To transfer an access package to the second smart phone SP2, the following steps may be performed:
The first user connects his backup digital key "Main key" to any smart phone (e.g. via micro USB or Bluetooth). The server will authenticate backup digital key by running a challenge response process. The connection of backup key to server is via smart phone or Laptop( By SMS or Online). After running this process, the first user is allowed to request the server to generate an access package for the second user. The server generates an access package for the second user's smart phone SP2 based on respective data stored on the server.
Note, communication of the digital lock LK and a user's communication device SP1, SP2 may be wired, e.g. via a respective interface such as (micro-) USB and/or wireless. In case of a wireless communication, near field communication, such as NFC, RFID, ZigBee, Bluetooth, Bluetooth low energy, WLAN etc. is preferred.
In addition the digital lock LK may also be equipped in certain scenarios, such as usage for locking vehicles, with a second alternative communication device.
Said second communication device is different from the first communication device. Preferably said second communication device allows for accessing the server respectively allows the server SRV to directly access the digital lock LK. E.g. the second communication device may allow access to a mobile communication system such as the GSM, UMTS, LTE system or any other comparable mobile communication system allowing for data transport.
Furthermore, in some embodiments the digital lock may also be tracked with respect to its location. Tracking may be performed by an integrated location detector such as a GPS system within the digital lock LK and/or by usage of location information derived from the first and or second communication system, e.g. via triangulation, delay measurements, etc.
Still further, the digital lock may also comprise one or more sensors allowing for detecting theft attempts. Such sensors may be pressure sensors measuring sharp pressure changes but also location sensors indicating a certain displacement. Such sensors may also sense integrity of certain parts of a vehicle and may be integrated into the vehicle. In case a theft attempt is detected, such a theft attempt may be reported to the registered user SP1, security and/or the person attempting theft.
Additionally the digital lock LK may further comprise alarm equipment, whereby the alarm equipment is activated when a theft attempt is detected. Such detection may be performed locally and stand-alone or it may be alternatively or additionally be performed within or by a communication network or by the server SRV.
Suppose the digital lock LK is a lock used for a vehicle such as a bicycle. In such cases it may be beneficial if the digital lock LK further comprises a lamp. Preferably, the lamp is equipped with a detector for detecting ambient light conditions, whereby the lamp is switched on in response to a detected lack of ambient light.
As such a digital lock may be used in connection with any kind of vehicle such as a land craft, an air craft or a sea craft.
Usage of a digital lock system with respect to a vehicle will be further described with respect to a digital bike lock.
The digital bike lock LK may be used by users to lock / unlock bicycles with any smart phone SP1.
The communication between lock LK and smart phone SP1 may be provided by Bluetooth Low Energy. A user - by installing and using the respective app - may be granted access to a map in order to find a bike at a certain location. The location may also be provided to track an individual bike.
This digital bike lock LK may be equipped with Internet access via first and/or second communication means and a GPS device, thus bikes can be easily traced to create a new access and also remove an access to a bike.
Imagine user "A" wants to get a bike to go from point "Al" to "A2", he would checkout the mobile application and find a nearest bike around "Al", then he will purchase a digital code from the server SRV via a mobile app. The digital access code is limited to a certain time interval, when users don't extend the access time the code will be automatically revoked.
The digital bike lock LK may also benefits from anti-theft functionality. E.g. there may be sensors provided e.g. in the chain and/or the frame of the lock which detect temperature and pressure changes and thereby activate a respective sensor leading e.g. to an alarm buzzing and may also trigger a notification towards the owner of the bike.
In addition to the theft alarm, the sensors may also be beneficial to detect crashes.
Imagine a kid sing a bike equipped with a digital bike lock LK according to the invention. Such a bike may easily be customized by the supervising persons, such as the parents. E.g. in case of danger, such as a detected accident, a certain person may automatically be informed of the location of the accident event. Also it may be provided for a certain allowed range within which the children may move. If the digital bike lock is detected to be outside of the allowed range, the digital bike lock LK and/or the server SRV may activate a respective notice towards the supervising person. Obviously, such functionality may not only be beneficial for underage persons but also for grown up persons.
In some embodiments, the digital bike lock LK may also be equipped with energy storage such as a (super) capacitor, rechargeable batteries, etc.
Furthermore, in some embodiments of the digital bike lock LK the energy storage allows for powering by energy harvesting, such as energy harvesting from mechanical energy, solar power e.g. via respective solar cells, a DC generator being arranged for powering a head light of the bicycle, piezoelectricity, etc.
Obviously, by usage of the digital bike lock LK according to the invention also sharing of a bike is enabled. I.e. as described before a first user may trigger the generation of an access package for a second user and thereby allow usage of the bike.
It is noted that knowledge about the type of digital lock also may be beneficial in the analysis of habits of users.
For instance, one may deduce where bikes are accumulating, how many km are travelled in a certain time, where bikers go mostly to visit, where bikers eat food, ....
But the digital bike lock is not only beneficial for individuals but may also be used in renting scenarios as will be highlighted in the following.
Suppose there is a bike retailer owning a plurality of bikes equipped with digital bike locks LK according to the invention. The retailer may than monitor all bikes e.g. via a web based application. At a certain moment a user searches via his smart phone app for a nearest bike location. Then he rents a bike through his mobile application for 1.5 hour. The renting process leads to the generation of an access package AP as detailed above, which will be forwarded to the user.
The user goes to the bike and by connecting his mobile phone to the digital bike lock LK, the digital bike lock LK will be opened in the manner as described above.
Suppose that twilight is beginning, the lamp integrated into the digital bike lock may be activated.
After the pre-booked time the user is warned that the booked time is over. The user may then lock the digital bike lock LK again by use of the smart phone and the access package. Once locked, the position of the bike may be updated either by the user's smart phone and or by the digital bike lock LK via a respective communication interface itself.
Suppose another use case. Here, we assume that the digital lock LK is for a safe within a digital lock system. Again the digital lock LK is enabled for communicating with a communication device SP1 of a user via a near filed communication system. Near filed communication near field communication may be embodied e.g. as NFC, RFID, ZigBee, Bluetooth, Bluetooth low energy, WLAN etc.
The user may by use of the communication device SP1 and the access package AP lock/un-lock the digital lock LK of the safe via communicating with the digital lock LK via the near field communication system. In case the digital lock authenticates the challenge and response of the user's communication device SP1 physical access to the safe compartment is allowed in step 2800.
Again the digital lock LK may be equipped with a second communication device allowing for access of a wireless communication system.
Said second communication device is different from the first communication device. Preferably said second communication device allows for accessing the server respectively allows the server SRV to directly access the digital lock LK. E.g. the second communication device may allow access to a mobile communication system such as the GSM, UMTS, LTE system or any other comparable mobile communication system allowing for data transport.
Furthermore, in some embodiments the digital lock may also be tracked with respect to its location. Tracking may be performed by an integrated location detector such as a GPS system within the digital lock LK and/or by usage of location information derived from the first and or second communication system, e.g. via triangulation, delay measurements, etc.
Still further, the digital lock may also comprise one or more sensors allowing for detecting theft attempts. Such sensors may be pressure sensors measuring sharp pressure changes but also location sensors indicating a certain displacement. In case a theft attempt is detected, such a theft attempt may be reported to the registered user SP1, security and/or the person attempting theft.
Additionally the digital lock LK may further comprise alarm equipment, whereby the alarm equipment is activated when a theft attempt is detected. Such detection may be performed locally and stand-alone or it may be alternatively or additionally be performed within or by a communication network or by the server SRV.
The digital lock LK may further comprise a shaft movable relative to the housing, the digital lock further comprising a compartment for storing physical subjects.
The housing itself may also comprise means for recognizing objects such that the stored physical objects, e.g. a physical key allowing access to an apartment, may be removed temporarily, and integrity of returned physical key is ensured. E.g. imagine another authorized user is using a first user's physical key stored in the safe. Then the first user can be sure that a physical key put back into the storage compartment is the same as the one which has been put in there by the first user.
Means for recognizing may be optical means such as a (light field) camera and/or a scale weighing a key, just to mention some.
That is, by means of the invention a first user may share his physical key with another user, even though there is no physical access to a person in a manner of time and location. Using a digital lock for a safe according to the invention allows users to lock their key inside the safe compartment. Location of the Digital lock LK comprising the physical key may be determined as detailed above. The location and the generated access package AP for the second user may then be send to the second user for accessing the digital lock safe LK. This digital lock safe LK may again use different energy harvesting methods such as solar cell and DC generator which promises the long life time of the digital lock safe LK.
In another scenario, the digital lock LK is intended for a door within a digital lock system.
Again the digital lock LK is enabled for communicating with a communication device SP1 of a user via a near filed communication system. Near filed communication near field communication may be embodied e.g. as NFC, RFID, ZigBee, Bluetooth, Bluetooth low energy, WLAN etc.
The user may by use of the communication device SP1 and the access package AP lock/un-lock the digital lock LK of the safe via communicating with the digital lock LK via the near field communication system. In case the digital lock authenticates the challenge and response of the user's communication device SP1 opening of the door is allowed in step 2800.
Again the digital lock LK may be equipped with a second communication device allowing for access of a wireless communication system.
Said second communication device is different from the first communication device. Preferably said second communication device allows for accessing the server respectively allows the server SRV to directly access the digital lock LK. E.g. the second communication device may allow access to a mobile communication system such as the GSM, UMTS, LTE system or any other comparable mobile communication system allowing for data transport.
Still further, the digital lock LK may also comprise one or more sensors allowing for detecting housebreaking attempts. Such sensors may be pressure sensors measuring sharp pressure changes but also location sensors indicating a certain displacement. In case a housebreaking attempt is detected, such a theft attempt may be reported to the registered user SP1, security and/or the person attempting theft.
Additionally the digital lock LK may further comprise alarm equipment, whereby the alarm equipment is activated when a housebreaking attempt is detected. Such detection may be performed locally and stand-alone or it may be alternatively or additionally be performed within or by a communication network or by the server SRV.
By usage of the digital door lock LK in the form of a conventionally shaped locking cylinder, ease replacement of the new technology for standard locking cylinders is ensured thereby allowing for easy upgrade. Thereby users are enabled to lock and unlock the door with their mobile app.
This digital lock LK is equipped with internet connectivity, and Bluetooth low energy communication. Users may communicate with the device via their smart phone app and also through the web based application. Simply, when a user is close to the door, the digital lock may be unlocked.
Again, a user may grant access to another user by instructing the Server SRV to generate an access package AP for the second user.
In all of the above described embodiments, the digital lock LK may further comprise a physical I/O interface allowing for wired access to the digital lock for locking /unlocking operations. E.g. when a user's smart phone SP1 is out of battery, he may directly connect the smart phone SP1 to the physical I/O interface such as an USB port provided in the digital lock LK and therefore the use will be enabled to unlock / lock the digital lock LK.
As is apparent from the above, the digital lock system may be practiced in different scenarios. I.e. a first user may use his Smart Phone for locking/unlocking e.g. vehicles equipped with a digital lock according to the invention while at the same time he may provide access to a second user to his flat by use of a digital door look LK according to the invention.
Hence, by the invention a secure and reliable exchange of keys among different users having different needs is provided.
The inventive system allows for added functionality such as increased security options and allows for new business models.
Claims (8)
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
LU92861A LU92861B1 (en) | 2015-10-30 | 2015-10-30 | Digital lock system |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
LU92861A LU92861B1 (en) | 2015-10-30 | 2015-10-30 | Digital lock system |
Publications (1)
Publication Number | Publication Date |
---|---|
LU92861B1 true LU92861B1 (en) | 2017-05-02 |
Family
ID=54849680
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
LU92861A LU92861B1 (en) | 2015-10-30 | 2015-10-30 | Digital lock system |
Country Status (1)
Country | Link |
---|---|
LU (1) | LU92861B1 (en) |
Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20110313922A1 (en) * | 2009-06-22 | 2011-12-22 | Mourad Ben Ayed | System For NFC Authentication Based on BLUETOOTH Proximity |
US20150067792A1 (en) * | 2013-08-27 | 2015-03-05 | Qualcomm Incorporated | Owner access point to control the unlocking of an entry |
-
2015
- 2015-10-30 LU LU92861A patent/LU92861B1/en active IP Right Grant
Patent Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20110313922A1 (en) * | 2009-06-22 | 2011-12-22 | Mourad Ben Ayed | System For NFC Authentication Based on BLUETOOTH Proximity |
US20150067792A1 (en) * | 2013-08-27 | 2015-03-05 | Qualcomm Incorporated | Owner access point to control the unlocking of an entry |
Non-Patent Citations (1)
Title |
---|
"USA", 1 January 1997, CRC PRESS LLC, USA, article MENEZES ET AL: "Handbook of Applied Cryptography - Chapters10,13", XP055252492 * |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN102196431B (en) | Internet of things application scene-based protection method of privacy query and private identity verification | |
US8078885B2 (en) | Identity authentication and secured access systems, components, and methods | |
US20060085847A1 (en) | Locking system and locking method | |
CN108009830A (en) | Products in circulation tracking and system based on block chain | |
CN107438230A (en) | Safe wireless ranging | |
JP5706029B1 (en) | Apparatus and method for lending and returning rental object to user by input of dynamic encryption by user | |
CN107689097A (en) | Synchronizing Passwords generation and checking system and its application based on frequency hopping | |
CN116318617B (en) | Medical rescue material charity donation method based on RFID and blockchain | |
JP2017073158A (en) | Rental system and rental method | |
CN109147103A (en) | dynamic password intelligent unlocking system and method | |
US11395145B2 (en) | Systems and methods of electronic lock control and audit | |
JP6593958B2 (en) | Rental system | |
Wazid et al. | Blockchain-envisioned secure authentication approach in AIoT: Applications, challenges, and future research | |
CN107424259B (en) | Order processing method, smart lock, sharing articles and the system of sharing articles | |
US20220020235A1 (en) | Blockchain-controlled and location-validated locking systems and methods | |
LU92861B1 (en) | Digital lock system | |
NL2013502B1 (en) | A method for providing a user authorization allowing operating a lock selected from a series of locks, and a lock system. | |
JP6054562B2 (en) | Rental system | |
JP6600441B2 (en) | Rental system | |
CN114333115B (en) | Unlocking method and device based on dynamic password, electronic lock device and control system | |
Gala et al. | Electric Bike Security: Biometric & GPS Integration for Intrusion Detection | |
JP6873524B2 (en) | Rental system | |
JP6831956B2 (en) | Rental system and rental method | |
JP6799868B2 (en) | Rental system | |
Chhabria et al. | Online Voting System using Blockchain |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
FG | Patent granted |
Effective date: 20170502 |