EP2500872A1 - Gesichertes Steuerungsverfahren zur Öffnung von Schließvorrichtungen mit Hilfe eines kommunizierenden Objekts vom Typ Handy - Google Patents

Gesichertes Steuerungsverfahren zur Öffnung von Schließvorrichtungen mit Hilfe eines kommunizierenden Objekts vom Typ Handy Download PDF

Info

Publication number
EP2500872A1
EP2500872A1 EP11157388A EP11157388A EP2500872A1 EP 2500872 A1 EP2500872 A1 EP 2500872A1 EP 11157388 A EP11157388 A EP 11157388A EP 11157388 A EP11157388 A EP 11157388A EP 2500872 A1 EP2500872 A1 EP 2500872A1
Authority
EP
European Patent Office
Prior art keywords
message
interface
data field
lock
marker
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Ceased
Application number
EP11157388A
Other languages
English (en)
French (fr)
Inventor
Pascal Metivier
Aitor Agueda
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Openways Sas
Original Assignee
Openways Sas
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Openways Sas filed Critical Openways Sas
Priority to EP11157388A priority Critical patent/EP2500872A1/de
Priority to US13/412,643 priority patent/US8793784B2/en
Publication of EP2500872A1 publication Critical patent/EP2500872A1/de
Ceased legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07CTIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C9/00Individual registration on entry or exit
    • G07C9/00174Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys
    • G07C9/00896Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys specially adapted for particular uses
    • G07C9/00904Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys specially adapted for particular uses for hotels, motels, office buildings or the like
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07CTIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C9/00Individual registration on entry or exit
    • G07C9/00174Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys
    • G07C9/00182Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys operated with unidirectional data transmission between data carrier and locks
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07CTIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C9/00Individual registration on entry or exit
    • G07C9/20Individual registration on entry or exit involving the use of a pass
    • G07C9/27Individual registration on entry or exit involving the use of a pass with central registration
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07CTIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C9/00Individual registration on entry or exit
    • G07C9/00174Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys
    • G07C9/00182Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys operated with unidirectional data transmission between data carrier and locks
    • G07C2009/0023Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys operated with unidirectional data transmission between data carrier and locks with encription of the transmittted data signal
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07CTIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C9/00Individual registration on entry or exit
    • G07C9/00174Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys
    • G07C2009/00753Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys operated by active electrical keys
    • G07C2009/00769Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys operated by active electrical keys with data transmission performed by wireless means
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07CTIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C2209/00Indexing scheme relating to groups G07C9/00 - G07C9/38
    • G07C2209/06Involving synchronization or resynchronization between transmitter and receiver; reordering of codes

Definitions

  • the invention relates to lock devices electrically controlled by means of a dematerialized and encrypted key, this key can be conveyed by a portable object held by the user such as a mobile phone, a badge or a contactless card, etc. .
  • lock device is meant not only a lock stricto sensu, that is to say a mechanism placed for example on a door to condemn the opening, but also any device to achieve a comparable result, for example a lock gun considered in isolation, or a more specific locking device comprising various members not grouped in the same lock box, the ultimate goal being to obtain the conviction by mechanical means of physical access to a place or given space, and access to this place or space by unlocking the lock device, on the order of a user, after verification that this user has access rights (i) that are specific to him and (ii) who are specific to the lock device.
  • the lock device may also include, or be associated with, an alarm system that is to disable to allow access to a given space, or conversely activate to protect this space before or after the to have left.
  • an alarm system that is to disable to allow access to a given space, or conversely activate to protect this space before or after the to have left.
  • the portable object when approaching the lock, plays the role of a key to control the opening.
  • Numerous systems are known for coupling the portable object to the lock by galvanic means (smart card contacts) or non-galvanic (portable object inductive coupling or RFID type card).
  • This coupling ensures between lock and badge communication allowing in particular the lock to read in the memory of the badge accreditation data to control the opening if this data is recognized as compliant.
  • a mobile phone equipped with a Near Field Communication ( NFC) chip and an NFC antenna can also be used, the UICC (Universal Integrated Circuit Card) corresponding to the "SIM card" for the GSM telephony functions) of the telephone that can be used as a security element.
  • NFC Near Field Communication
  • UICC Universal Integrated Circuit Card
  • the WO 2011/010052 proposes a technique that can be used with any conventional mobile phone, not necessarily equipped with NFC circuits, and without the need for a dedicated additional portable object such as a badge or card.
  • This technique relies on the use of Crypto Acoustic Credential ( CAC) encrypted acoustic accreditations in the form of single-use audio signals, for example consisting of a succession of dual DTMF tones.
  • CAC Crypto Acoustic Credential
  • These acoustic accreditations can be generated by a secure remote site and transmitted over the telephone by usual telephone transmission channels (voice or data), via the Mobile Network Operator ( MNO ) and a TSM trusted service provider ( Trusted Service Manager).
  • MNO Mobile Network Operator
  • TSM trusted service provider Trusted Service Manager
  • the user approaches his phone lock and triggers the transmission by the speaker of his phone in the series of tones corresponding to encrypted acoustic accreditation, so that these tones can be captured by a microphone incorporated or coupled to the lock.
  • the latter decodes the accreditation, verifies it and, in case of conformity, unlocks the mechanical parts.
  • the acoustic accreditation generated in this way is transmitted to the mobile phone to be reproduced by the latter in front of the lock.
  • the acoustic signal picked up by the lock is the object of an inverse conversion, making it possible to restore the accreditation in original DDC digital data from the CAC acoustic accreditation detected and analyzed.
  • the acoustic module of the lock "opens the envelope" (the acoustic accreditation CAC) to extract intact DDC digital information that had previously been placed in this envelope by the cryptographic engine of the remote site , all without intervention on the contents of this digital accreditation DDC.
  • acoustic accreditation requires an interfacing of the third-party source (which owns and delivers the DDC digital accreditation) with the remote site's cryptographic engine (which generates the acoustic accreditations CAC). This interfacing is always rather difficult to implement, and specific to each third source, hence the additional costs of setting up the system.
  • DDC Digital Accreditation is a relatively large message because it has to carry a lot of information, especially when it is to be used with standalone locks.
  • the DDC accreditation message must indeed be able to manage various functions such as the revocation of old authorizations, the updating of the list of authorized users stored in the lock, etc.
  • DDC digital accreditation may also include specific data, for example necessary to verify correct reading of a dedicated card or badge, but which will be of no use if the accreditation is issued via a mobile phone through a CAC Acoustic Accreditation.
  • the transmission of accreditation from the phone to the lock device can take a relatively long time compared to reading a simple dedicated badge, and this in a useless way.
  • Another object of the invention is, in the case of autonomous locks, to resynchronize the internal clock of this lock.
  • Another object of the invention is to allow the use of unsecured coupling technologies - thus easy to implement - between the telephone and the lock, and to overcome the complexity of secure coupling systems generally used. in access control applications.
  • a typical example of unsecured coupling is the "peer to peer" mode in NFC which, unlike the "card emulation” mode, does not use not the security elements of the phone (SIM card or other security element) and is therefore not dependent on the mobile network operator MNO who issued the security element and is likely to control its use.
  • the invention does not seek to prevent the interception or duplication of signals exchanged between the lock and the telephone (or the badge, card, ...), but only to render inoperative a accreditation that has been duplicated or reconstituted (for example by reverse engineering) and fraudulently applied to the lock.
  • the basic idea of the invention is to ensure that the digital accreditation of the third source, which makes it possible to unlock the lock, is no longer located in the "envelope", but in an interface module. reading coupled to the lock, for example in the firmware (firmware) of this module.
  • the size of the information to be transmitted can be reduced in significant proportions.
  • the size of the envelope can be adapted to convey specific information (authorized hours, expiry date, etc.) but in any case the size can be reduced and optimized according to the real needs of system complexity, so as to reduce the transmission to the single envelope, without DDC content.
  • the reading interface module will only check the validity of the envelope and transmit to the lock the accreditation stored in memory (in the module) for controlling the unlocking of the lock.
  • the conformity check of the invention is based on a timestamp or equivalent technique (sequential counter), implemented from data contained in a field of the envelope, the value of which will be compared with a horizontal internal clock of the horizontal type. real-time clock ( RTC ), or an internal counter of the interface module.
  • RTC real-time clock
  • 1 "" opening “of the envelope by the interfacing module may advantageously control the resetting of the internal clock of the module, so as to avoid excessive drift of this internal clock.
  • the opening of the envelope may also control the revocation of any previous authorization of opening given to a user.
  • the opening of the door by a new customer holding a portable object will automatically revoke any authorization given to a previous customer, even if this authorization does not apply. is not expired, and this without having to reprogram the lock.
  • the message generated in step a) further comprises a field containing an encryption method identifier, and the data field is encrypted by said encryption method, and step d) further comprises a reading of the encryption method identifier in the unencrypted field, and the decryption of the data field is performed by applying the encryption method read.
  • the field containing the encryption method identifier is preferably an unencrypted field, or encrypted according to a predetermined encryption.
  • the application software selects the encryption method identified in the message from among a plurality of possible encryption methods, said selection being operated in a pseudo-random manner according to a predetermined secret algorithm; and in step d), after reading the encryption method identifier in the unencrypted field, the read interface selects, by implementing a predetermined secret matching algorithm, the method to be used for the decrypting the data field among a plurality of methods stored in memory.
  • DKE Digital Key Envelope
  • SWA SoftWare Application
  • the DKE messages are transmitted, by various modes that will be explained below, to communication devices CD (Communication Device) referenced 16, which can be constituted by a mobile phone, a dedicated remote control, a computer system, etc.
  • CD Communication Device
  • the application software SWA can be integrated in the communication device CD 16, or in another computing device, since it makes it possible to implement the temporal reference constituted by the clock 12 and / or the sequence counter 14 to securely identify the communication device 16 receiving and using the DKE message.
  • the message DKE consists of a data flow intended to allow the opening of the lock device 18. This message is transmitted by the communication device CD 16 to an interfacing module 20, called ERED (Envelope Reading Electronic Device) , forming part of the lock device 18.
  • ERED envelope Reading Electronic Device
  • the coupling between the communication device 16 and the lock device 20 can be operated by various well-known techniques such as acoustic transmission, inductive coupling of the NFC type (in particular in peer-to-peer mode ), Bluetooth coupling , other coupling. radio frequency, infrared coupling, light coupling, vibration coupling, etc., this coupling having no need to be secured, as mentioned above.
  • the DKE message does not carry DDC type digital accreditation issued by a third party source (lock manufacturer), and it is the DKE message that itself becomes an accreditation, even in the absence of digital accreditation conveyed by the message.
  • the interface 20 checks the integrity and the validity of the DKE message it receives and sends a CMD command to the lock, including an unlock command (OPEN), but also a revocation command of a given authorization to a user previous (CANCEL), or any other command useful to the management of the lock device.
  • a CMD command including an unlock command (OPEN), but also a revocation command of a given authorization to a user previous (CANCEL), or any other command useful to the management of the lock device.
  • the interface 20 is software that is implemented by a microcontroller 22 and a receiving circuit 24 adapted to receive the DKE message that is transmitted to it by one of the coupling modes mentioned above.
  • the microcontroller 22 is also connected to an internal RTC real time clock 26 (independent or included in the microcontroller 22), specific to the interface 20 and / or to a sequence counter 28, so as to have a time reference which will be compared with the time reference of the SWA application software 10 (clock 12 and / or sequence counter 14), after the latter has been transmitted via the DKE message and received by the microcontroller 22.
  • the interface 20 also comprises a memory 30 enabling in particular to manage the various decryption operations of the received DKE message.
  • the lock device 20 may also be designed to be used in combination with dedicated keys or badges acting as physical accreditation, that is to say that the detection of such a badge will be considered as an authorization given to the wearer. of this badge.
  • the transmission of the DKE message from the application software 10 to the communication device CD 16 can be carried out in different ways.
  • a first mode of transmission is a real-time mode "online”, with immediate and direct transmission at the time of use, that is to say when the opening of the lock is requested.
  • the transmission can also be performed by a method of "call back" type where the user makes telephone contact with a remote site, which does not respond immediately but after hang up rings the mobile phone for the user establish contact with the site again, and that is when the DKE message is delivered.
  • This "online" mode is particularly simple to implement, since it suffices to use, for example, an existing mobile telephone network infrastructure (voice or data), without prior adaptation of the telephone and without any prior intervention on the telephone. -this.
  • Another advantage lies in the ability to check in real time that the phone belongs to an authorized user, with the possibility of immediately taking into account a "blacklist" of users.
  • Another feature available with the online mode is the ability to program or reprogram the lock.
  • the communication device CD 16 is coupled to the remote server via the interfacing module ERED 20, the system reads the identifier UID (Unique IDentifier) stored in the lock (identifier which is uniquely assigned and allows uniquely identify the lock) and transmit it to the server, possibly after it has been added an explicit abbreviated name ("cave”, "garage”, service door ", etc.) given by the user by means of the communication device
  • the server will send back, in the data field of the DKE message, the (re) programming data of the lock.
  • the reading and sending to the server of the unique identifier UID of the lock can also be used for a simplified implementation of the opening command. Indeed, since the server has a lock identifier, that it can check and compare the corresponding information it holds in its database, it is possible for this server to locate in real time the user when he requests the opening of the lock by sending a request to the server. Once the usual checks have been made, the server will be able to send back a DKE message authorizing the opening of this particular lock, but containing only the information strictly necessary for this opening. The size of the message, and the time necessary for its transmission, can be reduced in this way in significant proportions.
  • the online mode thus offers a significant number of potentialities, thanks to the possibility of establishing a direct bidirectional link between the lock and the server.
  • this mode implies having access to the mobile network, which is not always possible (underground car parks, uncovered areas, etc.).
  • offline Another mode of transmission, "offline" is used especially if access to the network is not assured at the time of use.
  • the communication device CD connects in advance to the remote site and receives from it a predetermined number of DKE messages generated by the SWA application software at the remote site. These DKE messages are stored securely in the phone.
  • the user launches a built-in application on his phone that searches for the first DKE message among those that have been stored, and forwards it to the lock interface, then deletes it from memory, and so continued for the following messages.
  • each of the generated and stored DKE messages is uniquely individualized by a time stamp in the form of a different sequence number, in order to render inoperative a DKE that would have been duplicated or reconstructed (this aspect will be developed below in detail).
  • the DKE message also comprises an auxiliary sequence number which is the same for all the DKEs sent to the same communication device CD during the same download and storage session of DKE. If the lock detects an incrementation of this auxiliary number, it will interpret this modification as a change of user, and may then order the revocation of any authorization given to a previous user and stored in the memory of the read interface 20 (purge previous authorizations).
  • the application allowing this implementation is a midlet stored in the phone, previously sent to it by the mobile network operator, or downloaded or received via an Internet connection.
  • this message pool will be reloaded for future use.
  • the Figure 2 illustrates the basic structure of a DKE message.
  • It comprises two zones, an unencrypted zone I, or encrypted with a method known in advance, and an encrypted zone II containing DATA data and a time marker such as a TS timestamp or a sequence number SEQ. .
  • Zone I contains an encryption method flag CM, which refers to a method chosen from among several different possible methods, zone II having been encrypted by the SWA application software 10 by means of the selected method indicated in the CM field of the method. zone I.
  • CM encryption method flag
  • the encryption method used to encrypt the zone II is modified with each generation of a new DKE message by the SWA application software 10, and the selection of the CM encryption method is performed by a pseudo-random generation algorithm, so as to make unpredictable the determination of the encryption method that will be chosen.
  • Encryption methods can be as well known methods as AES, 3DES, etc., as "proprietary" encryption methods specific to the system designer.
  • the interface 20 When it receives the DKE message, the interface 20 reads in the field I the CM indicator of encryption method used, selects from among several algorithms that corresponding to the CM method read in the DKE message, and decrypts the zone II by this method, in order to deliver in clear the data fields DATA and time marker TS / SEQ.
  • the length of the DKE message can be a fixed length (static message) or variable (dynamic message).
  • the validity of the DKE message is controlled by comparing the information contained in the TS / SEQ field of the received message (information that reflects the state of the reference clock 12 and / or the counter 14 associated with the application software 10 that has generated the message) with the value of the real-time clock 26 and / or the sequence counter 28 of the interface 20.
  • a comparison between the clocks 12 and 26 is conceivable only in the case of a direct online transmission of the DKE message from the SWA application software 10 to the interface 20.
  • the consistency between the values of the two clocks is appreciated to a near uncertainty, necessary because of the possible drift of the real-time clock 26 of the interface 20 which belongs to an autonomous device, this tolerance being able to be predetermined, or specified in a field of the DKE message.
  • the clock 26 is reset to the reference clock 12, that is to say, the timestamp data TS contained in the DKE message.
  • the consistency check between the sequence counters 14 and 28 is however applicable in all cases, and in particular when the DKE message is not transmitted in real time.
  • the sequencing follows a predetermined algorithm (linear or not), known only SWA application software 10 and interface 20.
  • the counter 28 is updated, giving it the value of counter 14 read in the DKE message.
  • the interface 20 issues a digital CMD accreditation to the lock itself 18 to open it ( OPEN command ).
  • OPEN command the valid opening command is followed by an invalidation command (CANCEL) of any authorization previously given to a different user, which would still be present in the lock device.
  • CANCEL invalidation command
EP11157388A 2011-03-08 2011-03-08 Gesichertes Steuerungsverfahren zur Öffnung von Schließvorrichtungen mit Hilfe eines kommunizierenden Objekts vom Typ Handy Ceased EP2500872A1 (de)

Priority Applications (2)

Application Number Priority Date Filing Date Title
EP11157388A EP2500872A1 (de) 2011-03-08 2011-03-08 Gesichertes Steuerungsverfahren zur Öffnung von Schließvorrichtungen mit Hilfe eines kommunizierenden Objekts vom Typ Handy
US13/412,643 US8793784B2 (en) 2011-03-08 2012-03-06 Secure method for controlling the opening of lock devices by means of a communicating object such as a mobile phone

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
EP11157388A EP2500872A1 (de) 2011-03-08 2011-03-08 Gesichertes Steuerungsverfahren zur Öffnung von Schließvorrichtungen mit Hilfe eines kommunizierenden Objekts vom Typ Handy

Publications (1)

Publication Number Publication Date
EP2500872A1 true EP2500872A1 (de) 2012-09-19

Family

ID=44312342

Family Applications (1)

Application Number Title Priority Date Filing Date
EP11157388A Ceased EP2500872A1 (de) 2011-03-08 2011-03-08 Gesichertes Steuerungsverfahren zur Öffnung von Schließvorrichtungen mit Hilfe eines kommunizierenden Objekts vom Typ Handy

Country Status (2)

Country Link
US (1) US8793784B2 (de)
EP (1) EP2500872A1 (de)

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP2720199A1 (de) 2012-10-11 2014-04-16 Openways Sas Gesichertes Steuerungsverfahren zum Öffnen von Verschlussvorrichtungen mit Hilfe von Meldungen, die eine symmetrische Verschlüsselung auslösen
US20150213658A1 (en) * 2011-03-17 2015-07-30 Unikey Technologies, Inc. Wireless access control system and related methods
CN105894622A (zh) * 2015-12-14 2016-08-24 乐视移动智能信息技术(北京)有限公司 门禁识别方法、装置、系统及终端
CN110462691A (zh) * 2017-01-21 2019-11-15 云丁网络技术(北京)有限公司 智能门锁的开锁方法、移动终端、智能门锁及云服务器

Families Citing this family (24)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9135352B2 (en) 2010-06-03 2015-09-15 Cisco Technology, Inc. System and method for providing targeted advertising through traffic analysis in a network environment
US8588809B2 (en) * 2011-06-21 2013-11-19 Cisco Technology, Inc. Managing public resources
US20130335193A1 (en) * 2011-11-29 2013-12-19 1556053 Alberta Ltd. Electronic wireless lock
US8792912B2 (en) 2011-12-22 2014-07-29 Cisco Technology, Inc. System and method for providing proximity-based dynamic content in a network environment
CA2864535C (en) * 2012-02-13 2019-08-27 Xceedid Corporation Credential management system
US9312926B2 (en) 2013-02-07 2016-04-12 Schlage Lock Company Llc System and method for NFC peer-to-peer authentication and secure data transfer
US9307403B2 (en) 2013-02-07 2016-04-05 Schlage Lock Company Llc System and method for NFC peer-to-peer authentication and secure data transfer
US9363261B2 (en) * 2013-05-02 2016-06-07 Sync-N-Scale, Llc Synchronous timestamp computer authentication system and method
MX361983B (es) * 2014-06-02 2018-12-19 Schlage Lock Co Llc Sistema de gestión de credenciales electrónicas.
US9526010B2 (en) 2015-05-14 2016-12-20 Yuan-Chou Chung System for controlling key access using an internet-connected key box device
US10554725B2 (en) 2015-07-01 2020-02-04 Samsung Electronics Co., Ltd. System, method and apparatus for providing access to services
US9847020B2 (en) * 2015-10-10 2017-12-19 Videx, Inc. Visible light communication of an access credential in an access control system
EP3384471B1 (de) * 2015-12-03 2022-04-13 Nokia Technologies Oy Zugangsverwaltung
US11257315B2 (en) 2016-02-04 2022-02-22 Carrier Corporation Encoder multiplexer for digital key integration
WO2017175020A1 (en) 2016-04-06 2017-10-12 Otis Elevator Company Mobile visitor management
US9947160B2 (en) * 2016-06-07 2018-04-17 Mastercard International Incorporated Systems and methods for wirelessly transmitting token data to a key card reading device
US10477398B2 (en) 2016-09-16 2019-11-12 Samsung Electronics Co., Ltd. Method of providing secure access to hotel IoT services through mobile devices
WO2018075605A1 (en) 2016-10-19 2018-04-26 Best Access Solutions, Inc. Electro-mechanical lock core
CA3075189C (en) 2017-09-08 2023-03-21 Dormakaba Usa Inc. Electro-mechanical lock core
CN107564159A (zh) * 2017-09-11 2018-01-09 安徽天俣科技有限公司 一种智能蓝牙锁群管理控制系统
AU2019252796B2 (en) 2018-04-13 2022-04-28 Dormakaba Usa Inc. Electro-mechanical lock core
US11466473B2 (en) 2018-04-13 2022-10-11 Dormakaba Usa Inc Electro-mechanical lock core
WO2021023164A1 (zh) 2019-08-02 2021-02-11 云丁网络技术(北京)有限公司 一种智能锁具控制方法和系统
US20220051502A1 (en) * 2020-08-14 2022-02-17 Big Belly Solar Llc System and method of providing a wireless unlocking system for a group of battery-powered storage devices

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO1996037065A1 (en) * 1995-05-18 1996-11-21 Defa A/S Secure one-way communication system
US5612683A (en) * 1994-08-26 1997-03-18 Trempala; Dohn J. Security key holder
EP0917047A2 (de) 1997-11-04 1999-05-19 Nippon Telegraph and Telephone Corporation Verfahren und Gerät für die modulare Inversion zur Sicherung von Information und Speichermedium mit einem Programm zur Durchführung des Verfahrens
US20020110242A1 (en) * 2000-12-19 2002-08-15 Bruwer Frederick Johannes Method of and apparatus for transferring data
US20100141381A1 (en) * 2006-12-20 2010-06-10 Olle Bliding Access control system, lock device, administration device, and associated methods and computer program products
WO2011010052A1 (fr) 2009-07-21 2011-01-27 Openways Sas Systeme securise de commande d'ouverture de dispositifs de serrure par accreditations acoustiques chiffrees

Family Cites Families (35)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
IT1249903B (it) * 1991-06-07 1995-03-30 Trw Sipea Spa Telecomando a sicurezza ottimizzata
US5351293A (en) * 1993-02-01 1994-09-27 Wave Systems Corp. System method and apparatus for authenticating an encrypted signal
US5363448A (en) * 1993-06-30 1994-11-08 United Technologies Automotive, Inc. Pseudorandom number generation and cryptographic authentication
US6088450A (en) * 1996-04-17 2000-07-11 Intel Corporation Authentication system based on periodic challenge/response protocol
US5878330A (en) * 1996-05-20 1999-03-02 Worldcomm Systems, Inc. Satellite communications system including automatic frequency control
SE516589C2 (sv) * 1998-11-26 2002-01-29 Phone Comm Ab M Sätt och anordning vid behörighetskontroll
WO2001041075A1 (en) * 1999-11-30 2001-06-07 Bording Data A/S An access control system
NO314530B1 (no) * 2000-02-25 2003-03-31 Ericsson Telefon Ab L M Trådlös reservering, innsjekking, tilgangskontroll, utsjekking og betaling
GB2364202A (en) * 2000-06-27 2002-01-16 Nokia Mobile Phones Ltd Mobile phone for opening locks
DE10031981A1 (de) * 2000-06-30 2002-01-10 Bosch Gmbh Robert Verfahren zur Übertragung von Informationen durch einen Rundfunksender, Verfahren zum Empfang von durch einen Rundfunksender ausgestrahlten Informationen, Verfahren zur Steuerung eines Rundfunkempfängers und Rundfunkempfänger
FI20002255A (fi) * 2000-10-13 2002-04-14 Nokia Corp Menetelmä lukkojen hallintaan ja kontrollointiin
US20020070879A1 (en) * 2000-12-12 2002-06-13 Gazit Hanoch Amatzia "On-board" vehicle safety system
US7114178B2 (en) * 2001-05-22 2006-09-26 Ericsson Inc. Security system
DE10126440A1 (de) * 2001-05-31 2002-03-28 Ulrich Link Einrichtung zum Entriegeln einer Tür mittels drahtloser Fernbedienung
US6882268B2 (en) * 2001-07-05 2005-04-19 Em Microelectronic-Marin Sa Method for keyless unlocking of an access door to a closed space
US6885281B2 (en) * 2001-10-18 2005-04-26 Corporate Safe Specialists, Inc. Method and apparatus for controlling a safe having an electronic lock
DE60229348D1 (de) * 2001-12-28 2008-11-27 Matsushita Electric Works Ltd Verwendung eines elektronischen Schlüssels und elektronisches Sicherheitssystem
WO2004077848A2 (en) * 2003-02-21 2004-09-10 Ge Interlogix, Inc. Key control with real time communications to remote locations
US6885738B2 (en) * 2003-02-25 2005-04-26 Bellsouth Intellectual Property Corporation Activation of electronic lock using telecommunications network
GB2402840A (en) * 2003-06-10 2004-12-15 Guy Frank Howard Walker Mobile with wireless key entry system
AU2003270226A1 (en) * 2003-09-19 2005-04-11 Telefonaktiebolaget Lm Ericsson (Publ) Method and device for delivery or obtaining of a good
SE0400425L (sv) * 2004-02-24 2004-11-30 Tagmaster Ab Förfarande för behörighetsgivande
EP1703479A1 (de) * 2005-03-18 2006-09-20 Hewlett-Packard Development Company, L.P. Computersystem und Benutzervorrichtung
FI20055344A0 (fi) * 2005-06-23 2005-06-23 Jouni Koljonen Kulunvalvontajärjestelmän tiedonsiirtomenetelmä
US20070176739A1 (en) * 2006-01-19 2007-08-02 Fonekey, Inc. Multifunction keyless and cardless method and system of securely operating and managing housing facilities with electronic door locks
EP1985047A2 (de) * 2006-02-01 2008-10-29 Coco Communications Corp. Protokollverbindungsschicht
US20070271596A1 (en) * 2006-03-03 2007-11-22 David Boubion Security, storage and communication system
SE529849C2 (sv) * 2006-04-28 2007-12-11 Sics Swedish Inst Of Comp Scie Accesstyrsystem och förfarande för att driva systemet
US8005468B2 (en) * 2006-06-29 2011-08-23 Hewlett-Packard Development Company, L.P. Personalization, diagnostics and terminal management for mobile devices in a network
US20100313024A1 (en) * 2007-05-16 2010-12-09 Panasonic Corporation Methods in Mixed Network and Host-Based Mobility Management
US20090282461A1 (en) * 2008-05-07 2009-11-12 Nils Haustein Method of and system for controlling access to an automated media library
US8543091B2 (en) * 2008-06-06 2013-09-24 Ebay Inc. Secure short message service (SMS) communications
US8797138B2 (en) * 2009-01-13 2014-08-05 Utc Fire & Security Americas Corporation, Inc. One-time access for electronic locking devices
UY32806A (es) * 2009-08-04 2010-09-30 Telefonica Sa Sistema y procedimiento para control de acceso a contenidos
EP2306407B1 (de) * 2009-09-16 2013-06-19 Openways Sas Gesichertes System zum Programmieren von Schließvorrichtungen über elektronische Steuerung durch chiffrierte akustische Akkreditierungen

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5612683A (en) * 1994-08-26 1997-03-18 Trempala; Dohn J. Security key holder
WO1996037065A1 (en) * 1995-05-18 1996-11-21 Defa A/S Secure one-way communication system
EP0917047A2 (de) 1997-11-04 1999-05-19 Nippon Telegraph and Telephone Corporation Verfahren und Gerät für die modulare Inversion zur Sicherung von Information und Speichermedium mit einem Programm zur Durchführung des Verfahrens
US20020110242A1 (en) * 2000-12-19 2002-08-15 Bruwer Frederick Johannes Method of and apparatus for transferring data
US20100141381A1 (en) * 2006-12-20 2010-06-10 Olle Bliding Access control system, lock device, administration device, and associated methods and computer program products
WO2011010052A1 (fr) 2009-07-21 2011-01-27 Openways Sas Systeme securise de commande d'ouverture de dispositifs de serrure par accreditations acoustiques chiffrees

Cited By (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20150213658A1 (en) * 2011-03-17 2015-07-30 Unikey Technologies, Inc. Wireless access control system and related methods
EP2720199A1 (de) 2012-10-11 2014-04-16 Openways Sas Gesichertes Steuerungsverfahren zum Öffnen von Verschlussvorrichtungen mit Hilfe von Meldungen, die eine symmetrische Verschlüsselung auslösen
FR2996947A1 (fr) * 2012-10-11 2014-04-18 Openways Sas Procede securise de commande d'ouverture de dispositifs de serrure a partir de messages mettant en oeuvre un cryptage symetrique
US9258281B2 (en) 2012-10-11 2016-02-09 Openways Sas Secured method for controlling the opening of lock devices from messages implementing a symmetrical encryption
CN105894622A (zh) * 2015-12-14 2016-08-24 乐视移动智能信息技术(北京)有限公司 门禁识别方法、装置、系统及终端
CN110462691A (zh) * 2017-01-21 2019-11-15 云丁网络技术(北京)有限公司 智能门锁的开锁方法、移动终端、智能门锁及云服务器
US11335144B2 (en) 2017-01-21 2022-05-17 Yunding Network Technology (Beijing) Co., Ltd. Method for unlocking intelligent lock, mobile terminal, intelligent lock and server

Also Published As

Publication number Publication date
US8793784B2 (en) 2014-07-29
US20120233687A1 (en) 2012-09-13

Similar Documents

Publication Publication Date Title
EP2500872A1 (de) Gesichertes Steuerungsverfahren zur Öffnung von Schließvorrichtungen mit Hilfe eines kommunizierenden Objekts vom Typ Handy
EP2720199B1 (de) Gesichertes Steuerungsverfahren zum Öffnen von Verschlussvorrichtungen mit Hilfe von Meldungen, die eine symmetrische Verschlüsselung auslösen
EP2306407B1 (de) Gesichertes System zum Programmieren von Schließvorrichtungen über elektronische Steuerung durch chiffrierte akustische Akkreditierungen
EP3568794B1 (de) Verfahren und systeme zur durchführung von programmen in sicheren umgebungen
CN109272606B (zh) 一种基于区块链的智能锁监管设备、方法及存储介质
CN111478917B (zh) 一种为访问控制装置和用户终端提供网络服务的后台系统
TWI448922B (zh) 用於提供對一設施之存取的方法及在生物測定密鑰與伺服器之間的通信方法
WO2007119032A1 (fr) Procede de securisation de l'acces a un module de communication de proximite dans un terminal mobile
FR2989799A1 (fr) Procede de transfert d'un dispositif a un autre de droits d'acces a un service
EP3238200A1 (de) Sichere elektronische entität, elektronische vorrichtung und verfahren zur verifizierung der integrität von gespeicherten daten in einer derartigen sicheren elektronischen entität
EP3308564A1 (de) Verfahren zum laden einer virtuellen schlüssels und zugehöriges benutzerendgerät
WO2016087754A1 (fr) Procede mis en œuvre dans un document d'identite et document d'identite associe
EP1393272B1 (de) Verfahren und vorrichtung zum beglaubigen einer transaktion
US20130117815A1 (en) Method of Authorizing a Person, an Authorizing Architecture and a Computer Program Product
EP1653415A1 (de) Verfahren und Ausrüstung zur Verwaltung von Zugangskontrollkarten
FR3086414A1 (fr) Procede de traitement d'une transaction, dispositif, systeme et programme correspondant
CN110113153B (zh) 一种nfc密钥更新方法、终端及系统
FR3030817A1 (fr) Procede d'authentification d'un utilisateur, module securise, appareil electronique et systeme associes
EP3095223A1 (de) Verfahren zur übertragung von verschlüsselten daten, empfangsverfahren, vorrichtungen und computerprogramme im zusammenhang damit
EP4224442B1 (de) Verfahren zur steuerung des zugangs zu gebäuden
WO2017005644A1 (fr) Procédé et système de contrôle d'accès à un service via un média mobile sans intermediaire de confiance
EP4224441A1 (de) Verfahren zur steuerung des zugangs zu gebäuden
EP4224443A1 (de) Verfahren zur steuerung des zugangs zu gebäuden
KR100857081B1 (ko) 클라이언트 인증 중계 시스템

Legal Events

Date Code Title Description
PUAI Public reference made under article 153(3) epc to a published international application that has entered the european phase

Free format text: ORIGINAL CODE: 0009012

AK Designated contracting states

Kind code of ref document: A1

Designated state(s): AL AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HR HU IE IS IT LI LT LU LV MC MK MT NL NO PL PT RO RS SE SI SK SM TR

AX Request for extension of the european patent

Extension state: BA ME

17P Request for examination filed

Effective date: 20130314

17Q First examination report despatched

Effective date: 20180328

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: THE APPLICATION HAS BEEN REFUSED

18R Application refused

Effective date: 20200712