WO2008051075A2 - Acces control system - Google Patents

Acces control system Download PDF

Info

Publication number
WO2008051075A2
WO2008051075A2 PCT/NL2007/050446 NL2007050446W WO2008051075A2 WO 2008051075 A2 WO2008051075 A2 WO 2008051075A2 NL 2007050446 W NL2007050446 W NL 2007050446W WO 2008051075 A2 WO2008051075 A2 WO 2008051075A2
Authority
WO
WIPO (PCT)
Prior art keywords
access control
information
control system
operating system
communicative connection
Prior art date
Application number
PCT/NL2007/050446
Other languages
French (fr)
Other versions
WO2008051075A9 (en
WO2008051075A3 (en
Inventor
Petrus Wilhelmus Maria Paijens
Maurice Erick Rensink
Original Assignee
N.V. Nederlandsche Apparatenfabriek Nedap
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by N.V. Nederlandsche Apparatenfabriek Nedap filed Critical N.V. Nederlandsche Apparatenfabriek Nedap
Priority to EP07808577A priority Critical patent/EP2070054A2/en
Publication of WO2008051075A2 publication Critical patent/WO2008051075A2/en
Publication of WO2008051075A3 publication Critical patent/WO2008051075A3/en
Publication of WO2008051075A9 publication Critical patent/WO2008051075A9/en

Links

Classifications

    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07CTIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C9/00Individual registration on entry or exit
    • G07C9/20Individual registration on entry or exit involving the use of a pass
    • G07C9/27Individual registration on entry or exit involving the use of a pass with central registration
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/06Protocols specially adapted for file transfer, e.g. file transfer protocol [FTP]

Definitions

  • the invention relates to a system for access control provided with at least one local access control system which is arranged for detecting, reading and/or recognizing electronic keys, such as for instance access control cards, in particular cards in which electronic information is stored, identification codes, such as PIN codes, biometric features such as irises and the like.
  • electronic keys such as for instance access control cards, in particular cards in which electronic information is stored, identification codes, such as PIN codes, biometric features such as irises and the like.
  • Such a system is known per se and can for instance be used in commercial and institutional buildings, but also in shops, hotels and recreational residences. Persons can then obtain access to particular spaces or parts of buildings by presenting themselves at an access control unit of the access control system which is for instance installed at a door. Also objects, such as showcases, cash registers and computer systems, can be secured with such system ' s for access control.
  • the access control unit reads for instance a card in which electronic information is stored, or scans an iris, or an identification code, such as a PIN code, is entered at the access control unit. On the basis of this information, the access control system verifies if the person in question can be granted access to a particular space or a part of a building. If verification shows that the person in question can be granted access, the access control system can for instance unlock a door to provide the access.
  • an administrator manages a plurality of local access control systems situated at mutually different locations, this entails the disadvantage that the administrator will have to go to the respective locations in order for the new information regarding existing or new cards, identification codes, biometric features and the like, to be inputted at the local access control system.
  • This requires traveling and hence costs.
  • administrators are not as yet prepared to input such new information remotely from the respective local access control system, for instance via the Internet. If an access control system were made accessible, for instance via the Internet, for the purpose of inputting information, this would entail the risk of third parties from outside also gaining access to the access control system, which is evidently felt to be undesirable.
  • a further drawback of the known system for access control is that to enable the respective new information to be inputted locally, the local access control system is typically provided with a computer, which has a cost-increasing effect.
  • an administrator will want log files, which are generated by the local access control system and which contain for instance information about when and to which persons access to any specific space has been granted or the technical status of the system and its components, to be directly fetchable locally at the access control system. In this respect too, an administrator will not as yet be prepared to fetch such information remotely from an access control system, via the Internet.
  • the object of the invention is to provide a system that meets the disadvantages mentioned.
  • the system is further provided with: a central operating system; and at least one first communicative connection between the at least one access control system and the operating system for exchanging information between the operating system and the at least one access control system; wherein the operating system is provided with a communication server, such as an FTP-, TCP/IP- or Internet-type server, and the at least one access control system is provided with a communication client, such as an FTP-, TCP/IP- or Internet-type client, for the purpose of the at least one access control system sending information such as a log file to the operating system and for the purpose of the at least one access control system fetching information, such as new information regarding access rights of existing or new cards, identification codes, biometric features, system settings, software updates and the like, from the operating system.
  • a communication server such as an FTP-, TCP/IP- or Internet-type server
  • a communication client such as an FTP-, TCP/IP- or Internet-type client
  • a communication server such as an FTP-, TCP/IP- or Internet-type server
  • a communication client such as an FTP-, TCP/IP- or Internet-type client
  • the security problem mentioned does not occur or does so to a much lesser extent.
  • the access control system itself that determines when information is fetched from the central operating system and hence when for that purpose a connection is made with the at least one first communicative connection. After this information has been fetched, the connection with the at least one first communicative connection is terminated and the access control system is not accessible to other systems that might be coupled to the first communicative connection.
  • the initiative to send log files from the access control system to the central operating system originates from the access control system. In this way too, what is achieved again is that third parties could not fetch such log files or system settings from the access control system via the first communicative connection.
  • the network in which the access control system is included is provided with a firewall, there is no need to provide any holes or pipelines in the network for access from outside.
  • the at least one access control system is provided with a microcontroller on which embedded client software runs.
  • the access control system does not need to be provided with a relatively expensive computer such as a PC.
  • an administrator can place the new information in readiness in the operating system, so that the access control system can fetch it at times determined by the access control system.
  • an administrator can place for a plurality of access control systems a plurality of new information in readiness, which can be fetched by the respective access control systems.
  • Each access control system itself then fetches the information that is intended for the respective access control system.
  • the operating system is preferably further provided with a Web server
  • the system for access control is further provided with at least one computer, preferably provided with a Web client, for an administrator of the at least one access control system, and at least one second communicative connection between the operating system and the at least one computer
  • the system is so arranged that the administrator can send information such as new information regarding existing or new cards, identification codes, biometric features and the like, software updates or information about the technical status of the system and its components, with the at least one computer via the second communicative connection to the operating system, which information, after being optionally processed by the operating system, is placed in readiness in the operating system, so that the at least one access control system can fetch this information via the at least one first communicative connection through the FTP-, TCP/IP- or Internet-type protocol for further processing by the at least one access control system and/or wherein the system is so arranged that an administrator can fetch information from the operating system that has been sent previously
  • an administrator can, from any position, worldwide, send new information regarding existing or new cards, identification codes, biometric features, system settings, software updates and the like, to the operating system and/or fetch information.
  • the information to be sent is then placed in readiness, so that this information can be fetched by the access control system for which it is intended.
  • information can be fetched which has been sent previously by an access control system to the operating system.
  • the access control system is well-protected because it is only on its own initiative that it fetches information from the operating system and/or sends information to the operating system and only at these times is it connected with the at least one first communicative connection.
  • an administrator can also fetch information from the operating system that was sent previously by the access control system to the operating system, such as the log files mentioned earlier.
  • the at least one access control system comprises at least one port which is coupled to the at least one first communicative connection and which is not permanently open. More particularly, it holds here that the at least one port of the at least one access control system opens only under control of the at least one access control system for the purpose of sending the information to the operating system or for fetching information from the operating system. Practically speaking, the system will be provided with a plurality of access control systems and a plurality of computers that belong to different administrators.
  • Each administrator can then via his computer make a connection with the operating system for sending new information intended for those access control systems that are under his management. Similarly, an administrator can make a connection with the operating system for fetching information coming from those access control systems that are under his management.
  • the operating system can thus be utilized by a plurality of administrators each having a plurality of access control systems under their management. An advantage of this is that the individual administrators do not each need to bear the costs of a communication server, such as an FTP, TCP/IP- or Internet-type server, since it is utilized in common for different administrators.
  • the first and the second communicative connection For both the first and the second communicative connection, it holds that they comprise the Internet, UMTS, WAN, LAN, GPRS and/or like connections. In particular, it holds here furthermore that the system for access control is arranged to encrypt the information that is sent via the at least one first communicative connection. Also, it holds, in particular, that the system for access control is arranged to encrypt the information that is sent via the at least one second communicative connection.
  • Figure 1 shows a possible embodiment of a system according to the invention.
  • reference numeral 1 designates a system for access control according to the invention.
  • the system for access control is provided with a first local access control system 2.1 and a second local access control system 2.2. Both for the first and for the second local access control system, it holds that they are arranged for detecting, reading and/or recognizing, for instance, access control cards, identification codes, biometric features such as irises and the like. Both access control systems can work autonomously.
  • the access control system 2.1 is provided with a first access control unit 3.1 and a second access control unit 3.2.
  • the access control units 3.1 and 3.2 are each arranged for reading access control cards which are for instance provided with RFID chips with identification codes that can be read out by means of an electromagnetic interrogation field.
  • the access control units 3.1 and 3.2 in this example are connected with a microcontroller 8 which operates the access control system 2.1. If for instance a card is read out by the access control unit 3.1, information about this card is sent to the microcontroller 8.
  • the microcontroller 8 analyzes in a manner known per se whether the read-out information (identification code) relates to a card of someone who has access to a particular space, which space in this example is behind a door 5.1.
  • the microcontroller 8 will cause a locking mechanism 7.1 of the door 5.1 to be released, so that the door 5.1 can be opened. If this is not the case, the locking mechanism will remain closed.
  • the information about cards with which access to particular spaces can be obtained is stored, in this example, in the microcontroller 8. Entirely analogously, a card can be read out using the access control unit 3.2, for the purpose of opening the locking mechanism 7.2 of the door 5.2 in order to obtain access to a space behind the door 5.2.
  • the access control system 2.2 in this example is provided with three access control units 3.1, 3.2 and 3.3, respectively arranged adjacent three doors 5.1, 5.2 and 5.3.
  • the access control units 3.1, 3.2 and 3.3 are coupled to a microcontroller 8 of the access control system 2.2 and the doors 5.1, 5.2 and 5.3 are respectively provided with locking mechanisms 7.1, 7.2 and 7.3.
  • the operation of the access control system 2.2 is entirely analogous to that discussed above for the access control system 2.1.
  • the access control system 2.1 is situated in a first building, while the access control system 2.2 is situated in another building.
  • the system according to the invention is further provided with an operating system 4, which in this example is situated at a distance from the access control systems 2.1 and 2.2, more specifically in a wholly different building.
  • the operating system 4 is provided with a computer 14 which is provided with software, so that the computer 14 has the function of a communication server, such as an FTP, TCP/IP- or Internet-type server; this computer with software will hereinafter also be designated as communication server, in this example an FTP-type server (14).
  • the access control system 2.1 is provided with a communication client, such as an FTP, TCP/IP- or Internet-type client.
  • the microcontroller 8 is provided with FTP-type client software.
  • the access control system 2.1 in this example is furthermore provided with a modem 16, which in this example is provided with a firewall.
  • the computer 14 is likewise provided with a modem 18, in this example also provided with a firewall.
  • the system 1 is furthermore provided with a first communicative connection 6, such as the Internet or a point-to- point connection, between the modem 16 and the modem 18, Le. between the at least one access control system 2.1 and the operating system 4.
  • the access control system 2.2 it holds, entirely analogously to the access control system 2.1 as discussed, that it is provided with a modem 16, while the access control system 2.2 is provided with an FTP-type client.
  • the operating system 4 is further provided with a computer 20 provided with web server software, so that the computer 20 functions as a web server 20.
  • the operating system is provided with a database server 22.
  • the FTP server 14, the database server 22 and the web server 20 are mutually interconnected.
  • the system is furthermore provided with a first computer 23.1, which belongs to a first administrator, and a second computer 23.2, which belongs to a second administrator.
  • the first administrator manages the access control system 2.1
  • the second administrator manages the access control system 2.2.
  • the computer 23.1 and 23.2 it holds that they are each provided with web client software, while between the computer 23.1 (web client) and the web server 20 at least one second communicative connection 10.1 extends, and between the computer 23.2 and the web server 20 likewise a second communicative connection 10.2 extends.
  • the operation of the system described up to this point is as follows.
  • the first administrator wishes, via his computer 23.1, to input new information regarding existing and/or new authorization, cards, software and/or system settings, in the first access control system 2.1.
  • the administrator with his computer 23.1, makes a connection via the second communicative connection 10.1, in this example comprising the Internet, with the web server 20.
  • the system in this example is so arranged that an administrator can send the information to the web server 20 with the computer 23.1 only with the proper access rights.
  • the administrator needs to enter a password which is verified by the web server 20.
  • the administrator 23.1 can proceed to supply the new information via the web server 20 to the database server 22.
  • the administrator also indicates that the respective information is intended for the access control system 2.1.
  • the access control system is identifiable in the system in a manner known per se and for that purpose may for instance be provided with a unique designation.
  • the operating system 4 processes the received information, such that it can be fetched at a later time through, in this example, the FTP protocol.
  • the processed information inclusive of the identity of a destination for this information, is placed in readiness in the database server 22 to be fetched.
  • the access control system 2.1 is programmed to make a communicative connection at predetermined times via the at least one first communicative connection 6 with the operating system 4 for fetching the information mentioned.
  • this program is in the microcontroller 8.
  • the microcontroller 8 makes a connection via modem 16 via the first communicative connection 6, which in this example also comprises Internet, and via modem 18, with the FTP server 14. Doing so, the microcontroller 8 sends information about its identity to the client server 14.
  • the FTP server 14 verifies if in the database server 22 there is any information ready for the access control system 2.1 having the respective identity.
  • the FTP server 14 causes this information to be supplied through the FTP protocol to the microcontroller 8.
  • This information in this example relating to new information on existing and new cards, authorizations, software updates and/or system settings, can be taken in and recorded by the microcontroller 8, so that the access control system 2.1 is updated.
  • the connection between the access control system and the operating system is broken. Since the access control system is not remotely accessible, but can only itself build up a connection with the operating system, there is hence no need to provide any pipelines in the firewall to allow access from outside. In fact, the firewall provided in the modem 16 can simply stop all access from outside because access from outside is only initialized by the access control system itself, since it functions as an FTP-type client.
  • the second administrator of the access control system 2.2 can supply new information to the web server 20 with his computer 23.2. To this end, also the second administrator must enter a password via the computer 23.2 before he can supply the new information via the web server 20 to the database server 22. The second administrator, too, must then indicate for which access control system the new information is intended. In this example, this concerns the access control system 2.2. If he were to indicate the access control system 2.1, the database server 22 will not place the respective information in readiness, because according to data stored in the database server 22 the respective second administrator is administrator of the access control system 2.2 alone, not of the access control system 2.1.
  • the database server will process the respective information and place it in readiness together with an indication that it is intended for the access control system 2.2, so that the access control system 2.2 can fetch the respective new information.
  • the access control system 2.2 is likewise programmed such that at predetermined times it makes contact with the FTP server 14.
  • the FTP server 14 will verify, in response to the connection made by the access control system 2.2, if there is any new information ready that is intended for the access control system 2.2. If this is the case, this information will be supplied through the FTP protocol to access control system 2.2, after which the access control system 2.2 can process this information analogously to access control system 2.1 as discussed. After this, the connection between the access control system and the operating system is broken.
  • the access control system 2.1 is also programmed to make a communicative connection at predetermined times via the at least one first communicative connection 6 with the operating system 4 for sending information to the operating system 4.
  • information may for instance involve log files comprising information about when, and to whom, at which doors access has been granted, or the technical status of the system and its components.
  • This information too is supplied through the FTP protocol to the FTP server 14 which ensures that the respective information is stored in the database server 22.
  • the connection between the access control system and the operating system is broken.
  • the administrator with his computer 23.1, makes a connection with the web server 20, he can ask the web server 20 if there is any information ready in the database server 22 that comes from the access control system 2.1. If this is the case, the operating system 4 in this example causes the log file to be supplied via the web server 20 to the web client of the computer 23.1.
  • information coming from the access control system 2.2 can be supplied to the operating system 4 at predetermined times determined by the access control system 2.2.
  • the second administrator can then make contact, via the computer 23.2, with the web server 20 in order to verify if any information coming from access control systems under his management is ready to be fetched.
  • the access control systems 2.1 and 2.2 are each arranged to work autonomously, independently of the operating system 4.
  • the access control system 2.1 When the access control system 2.1 is for instance put into use for the first time, it is already programmed at predetermined times to enter into a communicative connection, via the first communicative connection, with the operating system 4 for fetching information from the operating system 4.
  • This information can also comprise information about new predetermined times at which the access control system 2.1 should enter into a connection with the operating system for fetching new information.
  • This information about new times may for instance have been inputted in the operating system 4 by the first administrator via his computer 23.1, entirely analogously to the input of new information on new or existing cards as discussed. AU this holds mutatis mutandis entirely analogously for the access control system 2.2.
  • each access control system 2.1, 2.2 comprises at least one port which is connected with the respective first communicative connections 6.1 and 6.2, which ports are not permanently open. It holds here, in this example, that such a port of the access control system 2.1 opens only under control of the access control system 2.1 itself, i.e. in this example under control of the microcontroller 8 of the access control system 2.1, for the purpose of sending the information to operating system 4 or for fetching information from the operating system 4. This holds analogously for the at least one port of the access control system 2.2.
  • the first communicative connections 6.1 and 6.2 comprise Internet. It is also possible that (optionally in addition) other connections such as UMTS, WAN, LAN and/or GPRS and the like are comprised. In this example, it further holds that the second communicative connection 10.1 and the second communicative connection 10.2 comprises Internet. Other connections, however, such as UMTS, WAN, LAN and/or GPRS and the like, are also possible. In this example, it holds furthermore that the first administrator, with the computer 23.1, can send and fetch information to and from the access control system 2.1. It is also possible, however, that the first administrator has more than one access control system under his management.
  • the second administrator in addition to the access control system 2.2, has still other access control systems under his management.
  • the computers 23.1 and 23.2 are arbitrary computers. Accordingly, anywhere in the world, with any computer, an administrator can make contact with the web server 20 (after he has correctly identified himself, has entered passwords and the like) to place the information mentioned in readiness in the database server 22 to be fetched later by the access control systems designated by him. Also, he can then fetch information such as log files which have been supplied by access control systems under his management to the operating system 4 for his benefit.
  • the system for access control is arranged to encrypt the information that is sent via the at least one first communicative connection.
  • the respective information is sent via a secure protocol, for instance the SFTP protocol.
  • a secure protocol for instance the SFTP protocol.
  • information that is exchanged between the computer 23.1 and the web server 20 via the at least one second communicative connection may be encrypted in a manner known per se.
  • the respective information is sent via a secure protocol, such as the SFTP protocol. This holds likewise for information that is exchanged between the computer 23.2 and the web server 20.
  • the access control systems are each provided with local access control units in the form of a card reader. Other access control units such as Iris scanners or units where an identification code can be entered are naturally options as well.
  • the system can comprise (many) more than two access control systems.
  • the system comprises the computers 23.1 and 23.2 for the benefit of two administrators. Naturally, (many) more than two administrators may be involved, making use of more computers, which, however, does not preclude the possibility that different administrators make use of one and the same computer.
  • Such variants are each and all understood to fall within the framework of the invention. It is also conceivable that the system is not provided with computers 23.1 and 23.2 situated at a distance from operating system 4. Instead, the administrator can enter or fetch the respective information directly at the operating system 4. Such variants are each and all understood to fall within the framework of the invention.

Landscapes

  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Storage Device Security (AREA)
  • Computer And Data Communications (AREA)
  • Small-Scale Networks (AREA)

Abstract

System for access control provided with at least one local access control system which is arranged for detecting, reading and/or recognizing, for instance, access control cards, identification codes, biometric features such as irises, system settings, software updates and the like. The system is further provided with a central operating system and at least one first communicative connection between the at least one access control system and the operating system for exchanging information between the operating system (4) and the at least one access control system. The operating system is provided with a communication protocol-type server and the at least one access control system is provided with a communication protocol-type client for the purpose of the at least one access control system sending and fetching information.

Description

P78482PC00
Title: System for access control
The invention relates to a system for access control provided with at least one local access control system which is arranged for detecting, reading and/or recognizing electronic keys, such as for instance access control cards, in particular cards in which electronic information is stored, identification codes, such as PIN codes, biometric features such as irises and the like.
Such a system is known per se and can for instance be used in commercial and institutional buildings, but also in shops, hotels and recreational residences. Persons can then obtain access to particular spaces or parts of buildings by presenting themselves at an access control unit of the access control system which is for instance installed at a door. Also objects, such as showcases, cash registers and computer systems, can be secured with such system's for access control. The access control unit reads for instance a card in which electronic information is stored, or scans an iris, or an identification code, such as a PIN code, is entered at the access control unit. On the basis of this information, the access control system verifies if the person in question can be granted access to a particular space or a part of a building. If verification shows that the person in question can be granted access, the access control system can for instance unlock a door to provide the access.
In the known access control system, new information regarding existing or new cards, identification codes, biometric features and the like is inputted by an administrator. For security reasons, an administrator does so directly at the access control system, which system, for that purpose, is for instance provided with an input terminal such as a computer.
If an administrator manages a plurality of local access control systems situated at mutually different locations, this entails the disadvantage that the administrator will have to go to the respective locations in order for the new information regarding existing or new cards, identification codes, biometric features and the like, to be inputted at the local access control system. This requires traveling and hence costs. In view of security aspects, administrators are not as yet prepared to input such new information remotely from the respective local access control system, for instance via the Internet. If an access control system were made accessible, for instance via the Internet, for the purpose of inputting information, this would entail the risk of third parties from outside also gaining access to the access control system, which is evidently felt to be undesirable. A further drawback of the known system for access control is that to enable the respective new information to be inputted locally, the local access control system is typically provided with a computer, which has a cost-increasing effect.
Also, in connection with the security aspects referred to, an administrator will want log files, which are generated by the local access control system and which contain for instance information about when and to which persons access to any specific space has been granted or the technical status of the system and its components, to be directly fetchable locally at the access control system. In this respect too, an administrator will not as yet be prepared to fetch such information remotely from an access control system, via the Internet.
The object of the invention is to provide a system that meets the disadvantages mentioned.
According to the invention, it holds that the system is further provided with: a central operating system; and at least one first communicative connection between the at least one access control system and the operating system for exchanging information between the operating system and the at least one access control system; wherein the operating system is provided with a communication server, such as an FTP-, TCP/IP- or Internet-type server, and the at least one access control system is provided with a communication client, such as an FTP-, TCP/IP- or Internet-type client, for the purpose of the at least one access control system sending information such as a log file to the operating system and for the purpose of the at least one access control system fetching information, such as new information regarding access rights of existing or new cards, identification codes, biometric features, system settings, software updates and the like, from the operating system.
By making use of a communication server, such as an FTP-, TCP/IP- or Internet-type server, and a communication client, such as an FTP-, TCP/IP- or Internet-type client, the security problem mentioned does not occur or does so to a much lesser extent. This is because it is the access control system itself that determines when information is fetched from the central operating system and hence when for that purpose a connection is made with the at least one first communicative connection. After this information has been fetched, the connection with the at least one first communicative connection is terminated and the access control system is not accessible to other systems that might be coupled to the first communicative connection. Also the initiative to send log files from the access control system to the central operating system originates from the access control system. In this way too, what is achieved again is that third parties could not fetch such log files or system settings from the access control system via the first communicative connection.
Thus, according to the invention, no VPN or private network is necessary. If the network in which the access control system is included is provided with a firewall, there is no need to provide any holes or pipelines in the network for access from outside. Preferably, it holds that the at least one access control system is provided with a microcontroller on which embedded client software runs. By making use only of a microcontroller, the access control system does not need to be provided with a relatively expensive computer such as a PC. In the system discussed so far, an administrator can place the new information in readiness in the operating system, so that the access control system can fetch it at times determined by the access control system. In particular, an administrator can place for a plurality of access control systems a plurality of new information in readiness, which can be fetched by the respective access control systems. Each access control system itself then fetches the information that is intended for the respective access control system.
According to a further elaboration of the system according to the invention, it holds that the operating system is preferably further provided with a Web server, while the system for access control is further provided with at least one computer, preferably provided with a Web client, for an administrator of the at least one access control system, and at least one second communicative connection between the operating system and the at least one computer, wherein the system is so arranged that the administrator can send information such as new information regarding existing or new cards, identification codes, biometric features and the like, software updates or information about the technical status of the system and its components, with the at least one computer via the second communicative connection to the operating system, which information, after being optionally processed by the operating system, is placed in readiness in the operating system, so that the at least one access control system can fetch this information via the at least one first communicative connection through the FTP-, TCP/IP- or Internet-type protocol for further processing by the at least one access control system and/or wherein the system is so arranged that an administrator can fetch information from the operating system that has been sent previously by the at least one access control system to the operating system. In this way, an administrator can, from any position, worldwide, send new information regarding existing or new cards, identification codes, biometric features, system settings, software updates and the like, to the operating system and/or fetch information. In the operating system, the information to be sent is then placed in readiness, so that this information can be fetched by the access control system for which it is intended. Furthermore, worldwide, information can be fetched which has been sent previously by an access control system to the operating system. For this further elaboration, too, it holds that the access control system is well-protected because it is only on its own initiative that it fetches information from the operating system and/or sends information to the operating system and only at these times is it connected with the at least one first communicative connection. In particular, with the computer, an administrator can also fetch information from the operating system that was sent previously by the access control system to the operating system, such as the log files mentioned earlier. In particular, it holds here that the at least one access control system comprises at least one port which is coupled to the at least one first communicative connection and which is not permanently open. More particularly, it holds here that the at least one port of the at least one access control system opens only under control of the at least one access control system for the purpose of sending the information to the operating system or for fetching information from the operating system. Practically speaking, the system will be provided with a plurality of access control systems and a plurality of computers that belong to different administrators. Each administrator can then via his computer make a connection with the operating system for sending new information intended for those access control systems that are under his management. Similarly, an administrator can make a connection with the operating system for fetching information coming from those access control systems that are under his management. The operating system can thus be utilized by a plurality of administrators each having a plurality of access control systems under their management. An advantage of this is that the individual administrators do not each need to bear the costs of a communication server, such as an FTP, TCP/IP- or Internet-type server, since it is utilized in common for different administrators.
For both the first and the second communicative connection, it holds that they comprise the Internet, UMTS, WAN, LAN, GPRS and/or like connections. In particular, it holds here furthermore that the system for access control is arranged to encrypt the information that is sent via the at least one first communicative connection. Also, it holds, in particular, that the system for access control is arranged to encrypt the information that is sent via the at least one second communicative connection.
The invention will presently be further elucidated with reference to the drawing.
In the drawing:
Figure 1 shows a possible embodiment of a system according to the invention. In Fig. 1, reference numeral 1 designates a system for access control according to the invention. The system for access control is provided with a first local access control system 2.1 and a second local access control system 2.2. Both for the first and for the second local access control system, it holds that they are arranged for detecting, reading and/or recognizing, for instance, access control cards, identification codes, biometric features such as irises and the like. Both access control systems can work autonomously. In the example, the access control system 2.1 is provided with a first access control unit 3.1 and a second access control unit 3.2. In the example, the access control units 3.1 and 3.2 are each arranged for reading access control cards which are for instance provided with RFID chips with identification codes that can be read out by means of an electromagnetic interrogation field. The access control units 3.1 and 3.2 in this example are connected with a microcontroller 8 which operates the access control system 2.1. If for instance a card is read out by the access control unit 3.1, information about this card is sent to the microcontroller 8. The microcontroller 8 analyzes in a manner known per se whether the read-out information (identification code) relates to a card of someone who has access to a particular space, which space in this example is behind a door 5.1. If this is the case, the microcontroller 8 will cause a locking mechanism 7.1 of the door 5.1 to be released, so that the door 5.1 can be opened. If this is not the case, the locking mechanism will remain closed. The information about cards with which access to particular spaces can be obtained is stored, in this example, in the microcontroller 8. Entirely analogously, a card can be read out using the access control unit 3.2, for the purpose of opening the locking mechanism 7.2 of the door 5.2 in order to obtain access to a space behind the door 5.2.
The access control system 2.2 in this example is provided with three access control units 3.1, 3.2 and 3.3, respectively arranged adjacent three doors 5.1, 5.2 and 5.3. The access control units 3.1, 3.2 and 3.3 are coupled to a microcontroller 8 of the access control system 2.2 and the doors 5.1, 5.2 and 5.3 are respectively provided with locking mechanisms 7.1, 7.2 and 7.3. The operation of the access control system 2.2 is entirely analogous to that discussed above for the access control system 2.1. In the example, the access control system 2.1 is situated in a first building, while the access control system 2.2 is situated in another building.
The system according to the invention is further provided with an operating system 4, which in this example is situated at a distance from the access control systems 2.1 and 2.2, more specifically in a wholly different building. The operating system 4 is provided with a computer 14 which is provided with software, so that the computer 14 has the function of a communication server, such as an FTP, TCP/IP- or Internet-type server; this computer with software will hereinafter also be designated as communication server, in this example an FTP-type server (14). Furthermore, the access control system 2.1 is provided with a communication client, such as an FTP, TCP/IP- or Internet-type client. For that purpose, in this example, the microcontroller 8 is provided with FTP-type client software. Wherever in this example reference is made to a communication protocol, such as the FTP-type protocol, this should be understood to encompass also the possibility of a TCP/IP- or Internet-type protocol. Naturally, the same holds also for the communication means that make use of these protocols. On the microcontroller 8 runs embedded client software. The access control system 2.1 in this example is furthermore provided with a modem 16, which in this example is provided with a firewall. The computer 14 is likewise provided with a modem 18, in this example also provided with a firewall. The system 1 is furthermore provided with a first communicative connection 6, such as the Internet or a point-to- point connection, between the modem 16 and the modem 18, Le. between the at least one access control system 2.1 and the operating system 4.
For the access control system 2.2, it holds, entirely analogously to the access control system 2.1 as discussed, that it is provided with a modem 16, while the access control system 2.2 is provided with an FTP-type client. In this example, it holds that the operating system 4 is further provided with a computer 20 provided with web server software, so that the computer 20 functions as a web server 20. Further, the operating system is provided with a database server 22. The FTP server 14, the database server 22 and the web server 20 are mutually interconnected. In this example, the system is furthermore provided with a first computer 23.1, which belongs to a first administrator, and a second computer 23.2, which belongs to a second administrator. In the example, the first administrator manages the access control system 2.1, while the second administrator manages the access control system 2.2. For the computer 23.1 and 23.2, it holds that they are each provided with web client software, while between the computer 23.1 (web client) and the web server 20 at least one second communicative connection 10.1 extends, and between the computer 23.2 and the web server 20 likewise a second communicative connection 10.2 extends.
The operation of the system described up to this point is as follows. Suppose the first administrator wishes, via his computer 23.1, to input new information regarding existing and/or new authorization, cards, software and/or system settings, in the first access control system 2.1. To this end, the administrator, with his computer 23.1, makes a connection via the second communicative connection 10.1, in this example comprising the Internet, with the web server 20. The system in this example is so arranged that an administrator can send the information to the web server 20 with the computer 23.1 only with the proper access rights. To this end, in this example, the administrator needs to enter a password which is verified by the web server 20. Assuming that in this example the correct password is entered, the administrator 23.1 can proceed to supply the new information via the web server 20 to the database server 22. In doing so, the administrator also indicates that the respective information is intended for the access control system 2.1. For that purpose, the access control system is identifiable in the system in a manner known per se and for that purpose may for instance be provided with a unique designation.
The operating system 4 processes the received information, such that it can be fetched at a later time through, in this example, the FTP protocol. In this example, the processed information, inclusive of the identity of a destination for this information, is placed in readiness in the database server 22 to be fetched.
In the example, it holds further that the access control system 2.1 is programmed to make a communicative connection at predetermined times via the at least one first communicative connection 6 with the operating system 4 for fetching the information mentioned. In the example, this program is in the microcontroller 8. The result is that at a predetermined time the microcontroller 8 makes a connection via modem 16 via the first communicative connection 6, which in this example also comprises Internet, and via modem 18, with the FTP server 14. Doing so, the microcontroller 8 sends information about its identity to the client server 14. The FTP server 14 then verifies if in the database server 22 there is any information ready for the access control system 2.1 having the respective identity. If this is the case, the FTP server 14 causes this information to be supplied through the FTP protocol to the microcontroller 8. This information, in this example relating to new information on existing and new cards, authorizations, software updates and/or system settings, can be taken in and recorded by the microcontroller 8, so that the access control system 2.1 is updated. After this, the connection between the access control system and the operating system is broken. Since the access control system is not remotely accessible, but can only itself build up a connection with the operating system, there is hence no need to provide any pipelines in the firewall to allow access from outside. In fact, the firewall provided in the modem 16 can simply stop all access from outside because access from outside is only initialized by the access control system itself, since it functions as an FTP-type client.
Entirely analogously, the second administrator of the access control system 2.2 can supply new information to the web server 20 with his computer 23.2. To this end, also the second administrator must enter a password via the computer 23.2 before he can supply the new information via the web server 20 to the database server 22. The second administrator, too, must then indicate for which access control system the new information is intended. In this example, this concerns the access control system 2.2. If he were to indicate the access control system 2.1, the database server 22 will not place the respective information in readiness, because according to data stored in the database server 22 the respective second administrator is administrator of the access control system 2.2 alone, not of the access control system 2.1. If we suppose, however, that the second administrator supplies new information while specifying that it is intended for the access control system 2.2, the database server will process the respective information and place it in readiness together with an indication that it is intended for the access control system 2.2, so that the access control system 2.2 can fetch the respective new information. The access control system 2.2 is likewise programmed such that at predetermined times it makes contact with the FTP server 14. The FTP server 14 will verify, in response to the connection made by the access control system 2.2, if there is any new information ready that is intended for the access control system 2.2. If this is the case, this information will be supplied through the FTP protocol to access control system 2.2, after which the access control system 2.2 can process this information analogously to access control system 2.1 as discussed. After this, the connection between the access control system and the operating system is broken.
In the example, the access control system 2.1 is also programmed to make a communicative connection at predetermined times via the at least one first communicative connection 6 with the operating system 4 for sending information to the operating system 4. Such information may for instance involve log files comprising information about when, and to whom, at which doors access has been granted, or the technical status of the system and its components. This information too is supplied through the FTP protocol to the FTP server 14 which ensures that the respective information is stored in the database server 22. After this, the connection between the access control system and the operating system is broken. When the administrator, with his computer 23.1, makes a connection with the web server 20, he can ask the web server 20 if there is any information ready in the database server 22 that comes from the access control system 2.1. If this is the case, the operating system 4 in this example causes the log file to be supplied via the web server 20 to the web client of the computer 23.1.
Entirely analogously, information coming from the access control system 2.2 can be supplied to the operating system 4 at predetermined times determined by the access control system 2.2. The second administrator can then make contact, via the computer 23.2, with the web server 20 in order to verify if any information coming from access control systems under his management is ready to be fetched.
In this example, it holds that the access control systems 2.1 and 2.2 are each arranged to work autonomously, independently of the operating system 4.
When the access control system 2.1 is for instance put into use for the first time, it is already programmed at predetermined times to enter into a communicative connection, via the first communicative connection, with the operating system 4 for fetching information from the operating system 4. This information can also comprise information about new predetermined times at which the access control system 2.1 should enter into a connection with the operating system for fetching new information. This information about new times may for instance have been inputted in the operating system 4 by the first administrator via his computer 23.1, entirely analogously to the input of new information on new or existing cards as discussed. AU this holds mutatis mutandis entirely analogously for the access control system 2.2.
In particular, it holds that each access control system 2.1, 2.2 comprises at least one port which is connected with the respective first communicative connections 6.1 and 6.2, which ports are not permanently open. It holds here, in this example, that such a port of the access control system 2.1 opens only under control of the access control system 2.1 itself, i.e. in this example under control of the microcontroller 8 of the access control system 2.1, for the purpose of sending the information to operating system 4 or for fetching information from the operating system 4. This holds analogously for the at least one port of the access control system 2.2.
In the example, it holds that the first communicative connections 6.1 and 6.2 comprise Internet. It is also possible that (optionally in addition) other connections such as UMTS, WAN, LAN and/or GPRS and the like are comprised. In this example, it further holds that the second communicative connection 10.1 and the second communicative connection 10.2 comprises Internet. Other connections, however, such as UMTS, WAN, LAN and/or GPRS and the like, are also possible. In this example, it holds furthermore that the first administrator, with the computer 23.1, can send and fetch information to and from the access control system 2.1. It is also possible, however, that the first administrator has more than one access control system under his management. Entirely analogously, it is possible that the second administrator, in addition to the access control system 2.2, has still other access control systems under his management. It is noted that the computers 23.1 and 23.2 are arbitrary computers. Accordingly, anywhere in the world, with any computer, an administrator can make contact with the web server 20 (after he has correctly identified himself, has entered passwords and the like) to place the information mentioned in readiness in the database server 22 to be fetched later by the access control systems designated by him. Also, he can then fetch information such as log files which have been supplied by access control systems under his management to the operating system 4 for his benefit. In particular, it holds that the system for access control is arranged to encrypt the information that is sent via the at least one first communicative connection. It holds here, in particular, that the respective information is sent via a secure protocol, for instance the SFTP protocol. This is a further elaboration of the FTP protocol that enables encryption. Similarly, information that is exchanged between the computer 23.1 and the web server 20 via the at least one second communicative connection may be encrypted in a manner known per se. It holds here, in particular, that the respective information is sent via a secure protocol, such as the SFTP protocol. This holds likewise for information that is exchanged between the computer 23.2 and the web server 20.
The invention is not limited in any way to the embodiments outlined above. In this example, the access control systems are each provided with local access control units in the form of a card reader. Other access control units such as Iris scanners or units where an identification code can be entered are naturally options as well. Also, the system can comprise (many) more than two access control systems. In this example, the system comprises the computers 23.1 and 23.2 for the benefit of two administrators. Naturally, (many) more than two administrators may be involved, making use of more computers, which, however, does not preclude the possibility that different administrators make use of one and the same computer. Such variants are each and all understood to fall within the framework of the invention. It is also conceivable that the system is not provided with computers 23.1 and 23.2 situated at a distance from operating system 4. Instead, the administrator can enter or fetch the respective information directly at the operating system 4. Such variants are each and all understood to fall within the framework of the invention.

Claims

1. A system for access control (1) provided with at least one local access control system (2) which is arranged for detecting, reading and/or recognizing, for instance, access control cards, identification codes, biometric features such as irises and the like, characterized in that the system (1) is further provided with: a central operating system (4); and at least one first communicative connection (6) between the at least one access control system (2) and the operating system (4) for exchanging information between the operating system (4) and the at least one access control system (2); wherein the operating system (4) is provided with a communication server, such as an FTP-, TCP/IP- or Internet-type server, and the at least one access control system (2) is provided with a communication client, such as an FTP-, TCP/IP- or Internet-type client, for the purpose of the at least one access control system (2) sending information such as a log file to the operating system (4) and for the purpose of the at least one access control system (2) fetching information, such as new information regarding access rights of existing or new cards, identification codes, biometric features, software updates, system settings and the like, from the operating system (4).
2. A system according to claim 1, characterized in that the at least one access control system (2) is provided with a microcontroller (8) on which embedded client software runs.
3. A system according to claim 1 or 2, characterized in that the microcontroller (8) does not form part of a PC.
4. A system according to any one of the preceding claims, characterized in that the at least one access control system (2) does not comprise a PC.
5. A system according to any one of the preceding claims, characterized in that the operating system (4) is preferably further provided with a Web server, while the system (1) is further provided with at least one computer (23.1; 23.2), preferably provided with a Web client, for an administrator of the at least one access control system (2), and at least one second communicative connection (10) between the operating system (4) and the at least one computer (23.1; 23.2), wherein the system (1) is so arranged that the administrator can send information, such as new information regarding existing or new cards, identification codes, biometric features, software updates, system settings and the like, with the at least one computer (23.1; 23.2) via the second communicative connection to the operating system (4), which information, after being optionally processed by the operating system (4), is placed in readiness in the operating system (4), so that the at least one access control system (2) can fetch this information via the at least one first communicative connection (6) through the communication protocol, such as the FTP-, TCP/IP- or Internet-type protocol, for further processing by the at least one access control system (2) and/or wherein the system is so arranged that an administrator can fetch information from the operating system that has been sent previously by the at least one access control system to the operating system.
6. A system according to claim 5, characterized in that the system (1) is so arranged that an administrator can send and/or fetch said information to and from the operating system with the at least one computer (23.1; 23.2) only with correct access rights.
7. A system according to any one of the preceding claims, characterized in that the at least one access control system (2) is arranged to work autonomously, independently of the operating system (4).
8. A system according to any one of the preceding claims, characterized in that the at least one access control system (2) is programmed at predetermined times to enter into a communicative connection, via the at least one first communicative connection (6), with the operating system (4), for fetching said information from the operating system (4).
9. A system according to any one of the preceding claims, characterized in that the at least one access control system (2) is programmed at predetermined times to enter into a communicative connection, via the at least one first communicative connection (6), with the operating system (4), for sending said information to the operating system (4).
10. A system according to claim 8 or 9, characterized in that the system (1) is so arranged that, in use, the predetermined times can be fetched by the at least one access control system (2) via the at least one first communicative connection (6) from the operating system (4) by the at least one access control system.
11. A system according to any one of the preceding claims, characterized in that the at least one first communicative connection (6) comprises the Internet, UMTS, WAN, LAN and/or GPRS and/or like connections.
12. A system according to claim 5 or 6, characterized in that the at least one second communicative connection (10) comprises the Internet, UMTS, WAN, LAN and/or GPRS and/or like connections.
13. A system according to any one of the preceding claims, characterized in that the system (1) is arranged for encrypting the information that is sent via the at least one first communicative connection (6).
14. A system according to any one of the preceding claims 5, 6 or 12, characterized in that the system (1) is arranged for encrypting the information that is sent via the at least one second communicative connection (10).
15. A system according to any one of the preceding claims, characterized in that the at least one access control system (2) comprises at least one port which is coupled with the at least one first communicative connection (6) and which is not permanently open.
16. A system according to claim 15, characterized in that the at least one port of the at least one access control system (2) opens only under control of the at least one access control system (2) for the purpose of sending the information to the operating system (4) or for fetching information from the operating system (4).
17. A system according to any one of the preceding claims, characterized in that the system (1) is provided with a plurality of local access control systems (2) which are each connected via at least one of the at least one first communicative connection (6) with the operating system (4), wherein the access control systems (2) are each arranged for detecting, reading and/or recognizing, for instance, access control cards, identification codes, biometric features such as irises and the like, wherein each access control system is provided with a communication client, such as an FTP-, TCP/IP- or Internet-type client, for the purpose of the access control systems (2) sending information such as log files to the operating system (4) and for the purpose of the access control systems (2) fetching information, such as new information regarding existing or new cards, identification codes, biometric features, software updates, system settings and the like, from the operating system (4).
18. A system according to claim 17, characterized in that the access control systems (2) are identifiable within the system.
19. A system according to claims 5 and 18, characterized in that the system for access control (1) is so arranged that an administrator can select at least one of the access control systems (2) in order to send via the at least one second communicative connection (10) between the operating system (4) and the at least one computer (23.1; 23.2) information for the selected access control system (2), such as new information regarding existing or new cards, identification codes, biometric features, system settings and the like for the selected access control system (2) with the at least one microcontroller (8) to the operating system (4), which information, in use, after being optionally processed by the operating system (4) is placed in readiness in the operating system so that the selected access control system (2) can fetch this information via the first communicative connection (6) through the communication protocol, such as the FTP-, TCP/IP- or Internet-type protocol, for further processing by the selected access control system (2).
20. A system according to claim 19, characterized in that the system (1) is so arranged that a plurality of different access control systems (2) are respectively managed by different administrators, wherein each administrator with a computer (8) can select at least one of the access control systems (2) managed by him in order to send information for the purpose of the selected access control system, such as new information regarding existing or new cards, identification codes, biometric features, system settings and the like for the selected access control system (2) with the respective microcontroller (8) to the operating system (4), which information after being optionally processed by the operating system (4) is placed in readiness in the operating system so that the selected access control system (2) can fetch this information via the first communicative connection (6) through the communication protocol FTP-, TCP/IP- or Internet-type protocol for further processing by the selected access control system (2).
21. A system according to claim 20, characterized in that the system (1) is provided with a plurality of computers (23.1; 23.2), which are preferably each provided with a Web client, for administrators of the access control systems (2).
22. A system according to any one of the preceding claims, characterized in that the communication protocol-type server and the communication protocol-type client are respectively a communication protocol server and a communication protocol client or a secure communication protocol server and a secure communication protocol client.
23. A system according to any one of the preceding claims, characterized in that the at least one local access control system is provided with at least one access control unit such as a card reader, an input unit for identification codes or iris scanner and the like.
PCT/NL2007/050446 2006-09-11 2007-09-11 Acces control system WO2008051075A2 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
EP07808577A EP2070054A2 (en) 2006-09-11 2007-09-11 System for access control

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
NL1032473 2006-09-11
NL1032473A NL1032473C2 (en) 2006-09-11 2006-09-11 Access control system.

Publications (3)

Publication Number Publication Date
WO2008051075A2 true WO2008051075A2 (en) 2008-05-02
WO2008051075A3 WO2008051075A3 (en) 2008-06-26
WO2008051075A9 WO2008051075A9 (en) 2008-08-21

Family

ID=37909552

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/NL2007/050446 WO2008051075A2 (en) 2006-09-11 2007-09-11 Acces control system

Country Status (3)

Country Link
EP (1) EP2070054A2 (en)
NL (1) NL1032473C2 (en)
WO (1) WO2008051075A2 (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8538126B2 (en) 2007-08-22 2013-09-17 Icerobotics, Ltd. Method and apparatus for the automatic grading of condition of livestock
WO2013155237A1 (en) * 2012-04-11 2013-10-17 Utc Fire & Security Corporation Authentication mode reporting
GB2538963A (en) * 2015-06-01 2016-12-07 Idcontrol Oy Access control controller, related system, method and computer program

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
NL2004825C2 (en) 2010-06-04 2011-12-06 Ubiqu B V A method of authorizing a person, an authorizing architecture and a computer program product.
CN108335386A (en) * 2018-01-19 2018-07-27 深圳森阳环保材料科技有限公司 A kind of access control system based on biological characteristic

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
GB2367973A (en) * 2000-10-07 2002-04-17 Complementary Tech Ltd Communications with remote embedded applications
WO2003069566A2 (en) * 2002-02-14 2003-08-21 Penco Products, Inc. Electronically-controlled locker system
US20040083128A1 (en) * 2002-01-24 2004-04-29 Buckingham Duane W. Smart router for a guest room service and control system

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
GB2367973A (en) * 2000-10-07 2002-04-17 Complementary Tech Ltd Communications with remote embedded applications
US20040083128A1 (en) * 2002-01-24 2004-04-29 Buckingham Duane W. Smart router for a guest room service and control system
WO2003069566A2 (en) * 2002-02-14 2003-08-21 Penco Products, Inc. Electronically-controlled locker system

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8538126B2 (en) 2007-08-22 2013-09-17 Icerobotics, Ltd. Method and apparatus for the automatic grading of condition of livestock
WO2013155237A1 (en) * 2012-04-11 2013-10-17 Utc Fire & Security Corporation Authentication mode reporting
CN104380351A (en) * 2012-04-11 2015-02-25 Utc消防及保安公司 Authentication mode reporting
GB2538963A (en) * 2015-06-01 2016-12-07 Idcontrol Oy Access control controller, related system, method and computer program

Also Published As

Publication number Publication date
NL1032473C2 (en) 2008-03-12
WO2008051075A9 (en) 2008-08-21
WO2008051075A3 (en) 2008-06-26
EP2070054A2 (en) 2009-06-17

Similar Documents

Publication Publication Date Title
AU2002257249B2 (en) Smart card access control system
US7475812B1 (en) Security system for access control using smart cards
EP2849061B1 (en) Distribution of user credentials
EP2087690B1 (en) Secure access to a protected network resource within a restricted area
EP2877983B1 (en) Access control of an in-room safe
US20110291798A1 (en) Wireless Encrypted Control of Physical Access Systems
US20090050697A1 (en) Apparatus for distributed data storage of security identification and security access system and method of use thereof
AU2002257249A1 (en) Smart card access control system
EP2494440A2 (en) Universal validation module for access control systems
WO2008051075A2 (en) Acces control system
JP4651016B2 (en) Security system
KR20170031058A (en) Device security management apparatus, financial processing system, device security management method, and program
US9865109B2 (en) Systems and methods for controlling an electronic lock for a remote device
US9769164B2 (en) Universal validation module for access control systems
JP2010515137A (en) Authentication system
KR101757345B1 (en) Device and method for joining a distributed database
KR100643670B1 (en) Security door control system and method through time-limited pass authentication and user identification using sever/client connected internet
KR20190076763A (en) A remote iot locking device
KR20080094228A (en) System and method for controlling coming and going using smart card
KR100476179B1 (en) Access control system using finger-print identification
JP2005232754A (en) Security management system
EP4362386A1 (en) System and method for provisioning a physical security token
JP4563007B2 (en) Multifunctional scanner system using a combination of portable terminals
KR20210016987A (en) Controlling method and apparatus of rental based safe keeping system
JP2007141267A (en) Computer security system

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 07808577

Country of ref document: EP

Kind code of ref document: A2

NENP Non-entry into the national phase

Ref country code: DE

WWE Wipo information: entry into national phase

Ref document number: 2007808577

Country of ref document: EP