EP3009992B1 - Method and device for managing access rights - Google Patents

Publication number
EP3009992B1
Authority
EP
European Patent Office
Prior art keywords
access control
control device
control devices
version number
status data
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
EP15450030.0A
Other languages
German (de)
French (fr)
Other versions
EP3009992A1 (en)
Inventor
Christoph Karl
Michael Kaplan
Peter FRIEDSCHALL
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
EVVA Sicherheitstechnologie GmbH
Original Assignee
EVVA Sicherheitstechnologie GmbH

Classifications

    • G PHYSICS
    • G07 CHECKING-DEVICES
    • G07C TIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C9/00 Individual registration on entry or exit
    • G07C9/00174 Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys
    • G07C9/00309 Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys operated with bidirectional data transmission between data carrier and locks
    • G07C9/00571 Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys operated by interacting with a central unit
    • G07C9/00817 Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys where the code of the lock can be programmed
    • G07C2009/00841 Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys where the code of the lock can be programmed by a portable device
    • G07C9/00857 Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys where the code of the data carrier can be programmed
    • G07C2009/00865 Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys where the code of the data carrier can be programmed remotely by wireless communication
    • G07C2209/00 Indexing scheme relating to groups G07C9/00 - G07C9/38
    • G07C2209/60 Indexing scheme relating to groups G07C9/00174 - G07C9/00944
    • G07C2209/62 Comprising means for indicating the status of the lock

Definitions

  • US 2005/0168320 A1 shows and describes a method for managing access authorizations in a plurality of access control devices with reference to the subject matter of the present application.
  • Locking systems are mostly used in larger buildings in which access to a large number of rooms or building sections is to be controlled individually.
  • The authorization information is stored on electronic identification media, which can be programmed with suitable read/write devices without great effort.
  • The authorization information is in the form of an electronic code that can be electronically read by the reading units of the access control devices and evaluated with regard to access authorization.
  • The authorization information often includes encrypted information about the access control devices for which authorization was granted.
  • The authorization information can also include time or date information for which there is an access authorization.
  • Access control devices or locking units are to be understood as meaning electrical, electronic or mechatronic locking units, in particular locks.
  • Locking units can include various components, such as reading devices for identification media, in particular electronic keys, locking electronics and the like.
  • Access control devices or locking units are used in particular to block or release access to rooms depending on the access authorization and are accordingly intended for installation in doors, windows and the like.
  • Mechanical locking units are to be understood as meaning, for example, cylinder locks.
  • Mechatronic locking units are, for example, locking devices driven by electric motors, in particular electric cylinders.
  • Electric locking units are, for example, electric door openers.
  • Identification media are electronic identification media that have stored an electronic code or authorization information, e.g. in the form of cards, key fobs and combinations of mechanical and electronic keys.
  • The authorization information can be read either by contact or wirelessly.
  • Authorization information means, for example, identification or access codes and/or access conditions such as authorized access time, authorized access day, authorized access date of a user and the like.
  • The authorization information is formed by a secret access control device-specific key, i.e. an identifier identifying the access control device, and optionally a temporal authorization restriction.
  • The access control center can be implemented as a software application on a conventional computer or designed as a dedicated hardware unit. Locking authorizations can be assigned to the individual identification media in the access control center, with the corresponding authorization information then being written to an identification medium using a connected (e.g. via a network connection) or integrated writing unit.
  • The black list can also be managed in the access control center. In order to program the access control devices with the current black list, it is necessary to transfer the relevant data. This represents a great deal of effort, particularly in the case of locking systems in which the access control devices are not connected to the access control center via a communications network or the like. In order to minimize this effort, it has already been proposed to use the identification media, which are programmed with the authorization information and carried by the users, as a transmission medium for transferring the black list to the access control devices.
  • A disadvantage of the prior art described, however, is the fact that the access control center does not have an overview of the current status of the black list stored in the individual access control devices, i.e. no statement can be made as to whether the black list has already been updated in all access control devices in the manner described above. Furthermore, other status information about the access control device is not available in the access control center, e.g. information about the remaining capacity of the batteries. In order to obtain reliable information about such status information, it is therefore necessary for an employee to visit all access control devices individually and obtain the desired information.
  • The procedure can be such that the status data is transmitted to the identification medium together with a unique identifier of the access control device and then written to the database, with the status data being assigned to the relevant access control device in the database on the basis of the identifier.
  • The procedure can preferably be such that the status data includes information about the version number of the black list stored in the access control device.
  • The version numbers of the black list contained in the status data are preferably evaluated in the access control center, the evaluation preferably comprising a comparison of the version numbers contained in the status data with the version number of the most recent black list, with a note about an access control device considered to be insecure being displayed on a graphical user interface of the access control center if the version number contained in the status data of this access control device does not correspond to the most recent version number and, preferably, an identification medium exists that is contained in the most recent black list and has authorization for this access control device.
  • This corresponds to a global evaluation of how up to date the black list is in all access control devices involved and allows a general overview of which access devices have not yet been updated.
  • The user interface of the access control center can be designed in such a way that an indication of whether the individual doors are considered “secure” or “not secure” is displayed in a representation of the access control devices, in particular the doors.
  • The notice is not specific to the identification medium, i.e. a door is considered unsafe if a single blocked identification medium has access because the black list has not yet been updated.
  • The procedure is preferably such that the evaluation with regard to an access control device considered to be insecure also includes: determining whether the status data of this access control device includes an access event whose time is after the withdrawal of an authorization for this access control device.
  • An access event is any attempted or performed access, i.e. any activation of the access control device.
  • The status information is assigned a time stamp in each case.
  • The status information in the central database can be classified according to time.
  • The status information can also be assigned unique identification numbers that clearly define the chronological sequence of the status information.
  • The procedure can be such that the programming of the access control devices with the most recent black list includes the formation of difference data representing the update, to which the version number corresponding to the update is assigned, and that the access control devices are programmed only with the difference data and the assigned version number.
  • The difference data is processed accordingly in the access control devices and added to the existing data and/or replaces it, so that a current version of the black list is available after the difference data has been imported.
  • A preferred embodiment of the invention therefore provides that the remaining capacity of the energy store is monitored in the access control device and that the status data are supplemented or updated accordingly when the remaining capacity falls below a predetermined limit value.
  • The information about the remaining capacity thus becomes part of the status data and, as described above, is transmitted to the central database together with the other status data with the aid of the identification media.
  • A permanently open state is a state in which the access control device allows access permanently, so that it is not necessary to query an identification medium.
  • A preferred procedure provides that a permanently open state of the access control device is ended and/or prevented when the remaining capacity falls below a predetermined limit value. This forces the use of identification media again, so that the data transmission of status data to the access control center can take place.
  • The embodiment described also forms a separate, independent aspect of the present invention. In particular, the embodiment described can also be implemented without implementing a black list.
  • The embodiment described is independent of the type of data transmission of the status data from the respective access control device to the central database.
  • The transmission can take place either via a direct communication connection, wired or wireless, or through the mediation of the identification media.
  • A further preferred development of the invention provides that operating states of the access control devices are furthermore managed and stored in the database, with the access control devices being programmed with actuating signals for operating states to be updated, and with the programming of the access control devices comprising the transmission of the actuating signals from the access control center to at least one identification medium and, in the course of an access request, from the identification medium to the access control device. In this way, certain settings in the access control devices can be controlled from the access control center. For example, certain premium services in the access control devices can be activated or blocked again as required.
  • An access control center is denoted by 1.
  • The functions of the access control center are implemented, for example, in a software application on a standard computer.
  • The access control center includes a central database that stores data on all access control devices in the locking system and all identification media intended for the locking system.
  • Authorization information is stored in the database, i.e. information about which identification medium is authorized to lock which access control device with which time authorization restriction.
  • At least one black list is stored in the database, which contains those identification media from which authorizations have been revoked.
  • The withdrawal of authorization can represent a withdrawal of authorization for all access control devices, for selected access control devices or only with regard to the temporal authorization restriction.
  • The access control center 1 is equipped with a graphical user interface 7 that can be operated by an administrator 8.
  • The access control center 1 is connected to an update device 2, which has a read/write unit for writing data to identification media and for reading data from identification media.
  • The update device can be arranged at a location separate from the access control center and be connected to it via a conventional wired or wireless computer network connection, via a serial interface or via another conventional data connection.
  • The locking system also includes a plurality of access control devices. Access control devices that do not have a direct communication link with the access control center 1 are denoted by 3 and 4. Access control devices that have a communication link with the access control center 1 are denoted by 5. Identification media in circulation are denoted by 6. Furthermore, a portable programming device 9 is provided, which can be loaded by the access control center 1 with data to be transmitted and with which access control devices of types 3 and 4 can be programmed on site.
  • When the identification media 6 communicate with the update device 2, i.e. are connected to the read/write unit of the update device 2 by contact or wirelessly, an identification code of the respective identification medium 6 is read out, with which the identification medium can be uniquely identified.
  • The identification code is compared with a corresponding entry in the database of the access control center 1 and the authorization information assigned to this identification medium is retrieved from the database and written to the electronic memory of the identification medium 6.
  • The global black list is retrieved from the database and written to the electronic memory of the identification medium 6. If the identification medium has already saved a previous version of the black list, this will be overwritten by the current version of the black list or only the difference data corresponding to the update will be overwritten.
  • The authorization information allows the identification medium 6 to lock an access control device 3, 4, 5 for which there is locking authorization.
  • Status data of the access control device are written together with an identification of the access control device in a mutually associated manner in the memory of the identification medium 6.
  • The status data include information about the remaining capacity of the energy store of the access control device (either the actual remaining capacity or just information that the remaining capacity has reached or fallen below a lower limit value), information about access events and, if necessary, information about the version number of the black list stored in the access control device. If necessary, the black list is updated in the course of data communication.
  • Status data of the directly connected access control devices 5 are transmitted to the database by means of a direct data connection.
  • The database now allows a number of different evaluations that can be carried out via the user interface 7. Fig. 1 shows an evaluation in which the status data stored in relation to all access control devices is checked to determine whether the black list corresponds to the current black list. This is done, for example, by checking whether the black list version number contained in the status data corresponds to the current black list version number.
  • Those access control devices for which the above check shows that they do not yet have the current black list are displayed on the user interface 7, i.e. on the screen assigned to the access control center 1, with a corresponding note, in particular a call sign, and their identifier, as indicated by 10. These access control devices are therefore considered unsafe and the administrator can now use the programming device 9 to update the black list on site if necessary.
  • Fig. 2 shows an evaluation as in Fig. 1, in which the evaluation is carried out individually for identification media.
  • An identification medium 6' is selected on the user interface and a query is started as to whether one or more access control devices 3, 4 are unsafe with regard to this identification medium. It is first checked whether and, if so, for which access control devices 3, 4 for which the identification medium 6' was authorized, the access authorization was revoked and with which update of the black list this was done. Then, based on the status data stored in the database, it is checked whether these access control devices 3, 4 already have the corresponding version of the black list.
  • Fig. 3 proceeds from the evaluation of Fig. 2 and adds another evaluation step.
  • The status data is used to check whether the identification medium 6' or 6" in question has carried out an access process after it has been added to the black list.
  • The locking events of the affected access control devices contained in the status data are checked and the doors 10 where unauthorized access has taken place are displayed on the user interface 7.
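
The center-side evaluation described above, as an added Python example that is not part of the patent text: it keeps the newest status data per device, compares the stored black list version with the revocation history, flags doors a blocked medium could still open, and lists access events dated after the withdrawal. All class, function and field names and the sample data are assumptions made for illustration.

```python
# Illustrative model: names and sample data are constructed, not taken from the patent.
from dataclasses import dataclass
from datetime import datetime


@dataclass(frozen=True)
class Revocation:
    """One black list update withdrawing a medium's authorization for some devices."""
    version: int             # black list version that introduced this entry
    medium_id: str
    device_ids: frozenset    # devices the medium had been authorized for
    revoked_at: datetime


@dataclass(frozen=True)
class StatusReport:
    """Status data read from one device and carried to the center by a medium."""
    device_id: str
    reported_at: datetime      # time stamp assigned to the status data
    blacklist_version: int
    access_events: tuple = ()  # (medium_id, datetime) pairs
    battery_low: bool = False


def ingest(database, report):
    """Keep only the newest report per device; media may deliver stale ones late."""
    known = database.get(report.device_id)
    if known is None or report.reported_at > known.reported_at:
        database[report.device_id] = report


def outdated_devices(database, current_version):
    """Global overview: devices whose black list is not the most recent one."""
    return sorted(d for d, s in database.items()
                  if s.blacklist_version != current_version)


def insecure_devices(database, revocations):
    """Map device id -> blocked media its stored black list does not yet contain."""
    result = {}
    for rev in revocations:
        for device_id in rev.device_ids:
            status = database.get(device_id)
            # Assumption: a device that never reported is treated as not updated.
            if status is None or status.blacklist_version < rev.version:
                result.setdefault(device_id, set()).add(rev.medium_id)
    return result


def accesses_after_revocation(database, revocations):
    """Access events by a blocked medium dated after its authorization was withdrawn."""
    hits = []
    for rev in revocations:
        for device_id in rev.device_ids:
            status = database.get(device_id)
            if status is None:
                continue
            for medium_id, when in status.access_events:
                if medium_id == rev.medium_id and when > rev.revoked_at:
                    hits.append((device_id, medium_id, when))
    return sorted(hits)


def demo():
    """Constructed sample data: three doors, black list at version 7."""
    revocations = [Revocation(7, "M-17", frozenset({"door-3", "door-4"}),
                              datetime(2024, 3, 1, 9, 0))]
    reports = [
        StatusReport("door-3", datetime(2024, 3, 1, 10, 0), 7),
        # Stale report for door-3 delivered afterwards by another medium: ignored.
        StatusReport("door-3", datetime(2024, 3, 1, 8, 0), 6),
        StatusReport("door-4", datetime(2024, 3, 2, 12, 0), 6,
                     access_events=(("M-17", datetime(2024, 3, 2, 11, 30)),
                                    ("M-02", datetime(2024, 3, 2, 11, 45)))),
        # door-5 is outdated, but no blocked medium was ever authorized for it.
        StatusReport("door-5", datetime(2024, 3, 1, 7, 0), 6),
    ]
    database = {}
    for report in reports:
        ingest(database, report)
    return (outdated_devices(database, 7),
            insecure_devices(database, revocations),
            accesses_after_revocation(database, revocations))


if __name__ == "__main__":
    outdated, insecure, hits = demo()
    print("outdated:", outdated)
    print("insecure:", insecure)
    print("accesses after revocation:", hits)
```

In the sample, door-5 appears in the global overview of outdated devices but is not flagged as insecure, because no blocked medium holds an authorization for it.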

Landscapes

  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Storage Device Security (AREA)
  • Lock And Its Accessories (AREA)

Description

The invention is defined in the appended claims.

US 2005/0168320 A1 shows and describes a method for managing access authorizations in a plurality of access control devices with reference to the subject matter of the present application.

A wide range of requirements are placed on modern locking systems. Locking systems are mostly used in larger buildings in which access to a large number of rooms or building sections is to be controlled individually. To take into account the need for frequently changing authorizations, locking systems are often equipped with access control devices that have electronic authorization query means. The authorization information is stored on electronic identification media, which can be programmed with suitable read/write devices without great effort. The authorization information is in the form of an electronic code that can be electronically read by the reading units of the access control devices and evaluated with regard to access authorization. The authorization information often includes encrypted information about the access control devices for which authorization was granted. Furthermore, the authorization information can also include time or date information for which there is an access authorization.

If, within the scope of the present invention, the transmission of authorization information from an identification medium to an access control device or the reading of authorization information from an identification medium is discussed, this does not necessarily mean that the electronic code is actually transmitted. Rather, it also includes cryptographic methods in which suitable algorithms can be used to determine, without transmitting the sensitive codes, whether the identification medium and the access control device have the same secret, which corresponds to an access authorization.

Within the scope of the invention, access control devices or locking units are to be understood as meaning electrical, electronic or mechatronic locking units, in particular locks. Locking units can include various components, such as reading devices for identification media, in particular electronic keys, locking electronics and the like. Access control devices or locking units are used in particular to block or release access to rooms depending on the access authorization and are accordingly intended for installation in doors, windows and the like. Mechanical locking units are to be understood as meaning, for example, cylinder locks. Mechatronic locking units are, for example, locking devices driven by electric motors, in particular electric cylinders. Electric locking units are, for example, electric door openers.

Identification media are electronic identification media that have stored an electronic code or authorization information, e.g. in the form of cards, key fobs and combinations of mechanical and electronic keys. The authorization information can be read either by contact or wirelessly.

Authorization information means, for example, identification or access codes and/or access conditions such as authorized access time, authorized access day, authorized access date of a user and the like. In particular, the authorization information is formed by a secret access control device-specific key, i.e. an identifier identifying the access control device, and optionally a temporal authorization restriction.

In order to increase the security of locking systems, it is known not only to check the access authorization in the access control devices using the authorization information obtained from the identification medium, but also to use black lists of identification media from which an authorization has been withdrawn. The black list must be saved in every access control device of the locking system to ensure that an identification medium that is no longer authorized but is still in circulation is not granted access.

In large locking systems, it is common to manage locking authorizations in an access control center. The access control center can be implemented as a software application on a conventional computer or designed as a dedicated hardware unit. In the access control center, locking authorizations can be assigned to the individual identification media, and the corresponding authorization information is then written to an identification medium by means of a connected (e.g. via a network connection) or integrated writing unit. The black list can also be managed in the access control center. To program the access control devices with the current black list, the corresponding data has to be transferred. This involves considerable effort, particularly in locking systems in which the access control devices are not connected to the access control center via a communications network or the like. To minimize this effort, it has already been proposed to use the identification media, which are programmed with the authorization information and carried by the users, as a transmission medium for transferring the black list to the access control devices. The black list is written to the identification media when they are programmed or updated with authorization information. When access is requested and data communication is established between an identification medium and an access control device in order to check the access authorization, the black list is transferred to the access control device concerned at the same time. This makes it possible to distribute the black list, or an update of it, quickly to a large number of access control devices. A blocked identification medium that is still in circulation, and whose authorization information in the memory of the identification medium could not yet be changed or deleted, is therefore denied access on the basis of the black list transmitted via the other identification media involved.

A disadvantage of the prior art described, however, is that the access control center has no overview of the current state of the black list stored in the individual access control devices, i.e. no statement can be made as to whether the black list has already been updated in all access control devices in the manner described above. Furthermore, other status information about the access control devices is not available in the access control center either, e.g. information about the remaining capacity of the batteries. To obtain reliable information of this kind, an employee therefore has to visit every access control device individually and collect the desired information.

The present invention therefore aims to overcome the above-mentioned disadvantages and to improve a method and a locking system of the type mentioned at the outset such that security problems or functional restrictions are reliably indicated in the access control center.

To solve this problem, the invention provides, in a method of the type mentioned at the outset, that status data of the access control devices are additionally stored in the central database, the status data comprising information about the remaining capacity of an energy store of the access control device, information about the stored black list and/or access events, the status data being transferred, possibly in the course of an access authorization query, from the access control device to the identification medium or to a separate programming device and subsequently written to the central database by reading out the identification medium or the programming device.

Because not only the identification media and the authorization information but also the status information of the access control devices is now managed in the central database, a person responsible for security in the building concerned can immediately gain an overview of the areas or rooms in which security may be compromised. If that person finds that the security impairment affects a security-critical area, they can go to the affected access control device(s) and take the necessary measures, such as updating the black list or rectifying other malfunctions.

The status data is transferred from the access control devices in a simple and advantageous manner with the aid of the identification media. Every time an identification medium enters into data communication with an access control device as part of an access attempt, the status data of that access control device is copied onto it. As soon as the identification medium reaches a read/write unit connected to the access control center, e.g. when the authorization information on the identification medium is updated, the status data is transferred to the central database, where it can be processed as required. Given a sufficient number of identification media that are regularly used to enter building sections or rooms, status data can be transferred to the central database extremely quickly and efficiently in this way. Suitable measures can be used to force the users of identification media to update their identification medium regularly at a read/write unit connected to the access control center, in order to increase the frequency with which the status data in the central database is updated. For example, authorizations can be made valid only for a limited period of time, in particular by having the authorization information include date and time information about its validity period. The authorizations must then be renewed regularly.

To make it easier to assign the transferred status data in the central database, the status data can be transferred to the identification medium together with a unique identifier of the access control device and subsequently written to the database, where the identifier is used to assign the status data to the access control device concerned.

A preferred procedure provides that the black list stored in the central database is assigned a unique version number, that the black list is assigned a new version number whenever it is updated, and that the access control devices are programmed with the most recent black list together with its assigned version number. Assigning version numbers to the different versions of the black list makes it easier to evaluate the update status of the access control devices, especially when the black list is updated at short intervals.

In this context, the status data preferably includes information about the version number of the black list stored in the access control device.

Preferably, the version numbers of the black list contained in the status data are evaluated in the access control center, the evaluation preferably comprising a comparison of the version numbers contained in the status data with the version number of the most recent black list. A graphical user interface of the access control center displays an indication of an access control device considered insecure if the version number contained in the status data of that access control device does not correspond to the most recent version number and, preferably, an identification medium exists that is contained in the most recent black list and holds an authorization for that access control device. This corresponds to a global evaluation of how current the black list is in all participating access control devices and gives a general overview of which access control devices have not yet been updated. In this context, the user interface of the access control center can be designed so that a representation of the access control devices, in particular of the doors, is overlaid with an indication of whether the individual doors are considered "secure" or "not secure". This indication is not specific to an identification medium, i.e. a door is considered insecure if a single blocked identification medium has access because the black list has not yet been updated.

An evaluation of the status data (black list) that is specific to a particular identification medium preferably comprises:

  • selecting an identification medium that is contained in the most recent black list,
  • evaluating the authorization information to determine for which access control devices the authorization was revoked,
  • comparing the version numbers contained in the status data of the access control devices so determined with the version number of the most recent black list, an indication of an access control device considered insecure being displayed on a graphical user interface of the access control center if the version number contained in the status data of that access control device does not correspond to the most recent version number.

Once an access control device has been identified as insecure, it is advantageous to be able to determine whether a blocked identification medium has in fact already gained unauthorized access. In this context, the evaluation with regard to an access control device considered insecure preferably further comprises: determining whether the status data of that access control device includes an access event whose time lies after the withdrawal of an authorization for that access control device. An access event here means any attempted or completed access, i.e. any activation of the access control device.

Because a period of unknown length lies between the transfer of status data to an identification medium and its onward transfer to the central database, it is advantageous to assign a time stamp to each item of status information. This allows the status information to be placed in the correct chronological position in the central database. In addition to the time stamp, the status information can also be assigned unique identification numbers that unambiguously define its chronological order.
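The center-side evaluation described in the preceding paragraphs (global and medium-specific version comparison, access events after a revocation, ordering by identification number) can be sketched as follows. This is an added illustration, not code from the patent or from any EVVA product; all class, field and sample names are assumptions, including that access events record the medium that was presented and that a device which has never reported counts as outdated.

```python
from dataclasses import dataclass
from datetime import datetime


@dataclass(frozen=True)
class AccessEvent:
    medium_id: str          # assumption: events record which medium was presented
    timestamp: datetime


@dataclass(frozen=True)
class StatusRecord:
    device_id: str          # unique identifier of the access control device
    sequence: int           # identification number fixing the chronological order
    timestamp: datetime     # time stamp set by the device
    blacklist_version: int  # version of the black list stored in the device
    events: tuple = ()


@dataclass(frozen=True)
class Revocation:
    medium_id: str
    device_ids: frozenset   # devices for which the authorization was withdrawn
    revoked_at: datetime


class CentralDatabase:
    def __init__(self, device_ids, current_version, revocations):
        self.device_ids = set(device_ids)
        self.current_version = current_version
        self.revocations = list(revocations)   # content of the most recent black list
        self.latest = {}                       # device_id -> newest StatusRecord
        self.events = {d: set() for d in self.device_ids}

    def ingest(self, record):
        """Store a record read from a medium; records may arrive out of order."""
        if record.device_id not in self.device_ids:
            raise ValueError(f"unknown device {record.device_id!r}")
        self.events[record.device_id].update(record.events)
        known = self.latest.get(record.device_id)
        if known is None or record.sequence > known.sequence:
            self.latest[record.device_id] = record

    def is_outdated(self, device_id):
        # Assumption: a device that has never reported is treated as outdated.
        record = self.latest.get(device_id)
        return record is None or record.blacklist_version != self.current_version

    def unsafe_devices(self):
        """Global view: outdated devices that some blacklisted medium could still open."""
        exposed = set()
        for rev in self.revocations:
            exposed |= rev.device_ids
        return sorted(d for d in exposed & self.device_ids if self.is_outdated(d))

    def unsafe_devices_for(self, medium_id):
        """Medium-specific view for one blacklisted identification medium."""
        exposed = set()
        for rev in self.revocations:
            if rev.medium_id == medium_id:
                exposed |= rev.device_ids
        return sorted(d for d in exposed & self.device_ids if self.is_outdated(d))

    def events_after_revocation(self, device_id):
        """Access events by a revoked medium that happened after its revocation."""
        hits = []
        for rev in self.revocations:
            if device_id not in rev.device_ids:
                continue
            for ev in self.events[device_id]:
                if ev.medium_id == rev.medium_id and ev.timestamp > rev.revoked_at:
                    hits.append(ev)
        return sorted(hits, key=lambda e: e.timestamp)


def build_demo():
    """Constructed sample data: four doors, black list version 5, medium M7 revoked."""
    t = datetime
    db = CentralDatabase(
        device_ids=["D1", "D2", "D3", "D4"],
        current_version=5,
        revocations=[Revocation("M7", frozenset({"D2", "D4"}), t(2024, 3, 1, 12, 0))],
    )
    db.ingest(StatusRecord("D1", 9, t(2024, 3, 2, 7, 0), 5))
    db.ingest(StatusRecord("D2", 2, t(2024, 3, 2, 9, 5), 4, (
        AccessEvent("M7", t(2024, 3, 2, 8, 0)),
        AccessEvent("M1", t(2024, 3, 2, 9, 0)),
    )))
    # An older record for D2 arrives later on another medium; it must not win.
    db.ingest(StatusRecord("D2", 1, t(2024, 2, 28, 17, 0), 3, (
        AccessEvent("M7", t(2024, 2, 28, 16, 30)),
    )))
    db.ingest(StatusRecord("D3", 4, t(2024, 3, 2, 10, 0), 4))
    return db


if __name__ == "__main__":
    db = build_demo()
    print("insecure doors:", db.unsafe_devices())
    for door in db.unsafe_devices():
        print(door, "events after revocation:", db.events_after_revocation(door))
```

Door D3 is outdated but not flagged, because no blacklisted medium holds an authorization for it; D4 is flagged only because of the labelled assumption about devices that have never reported.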

To minimize the amount of data to be transferred, programming the access control devices with the most recent black list can comprise forming difference data that represents the update and to which the version number corresponding to the update is assigned, the access control devices then being programmed only with the difference data and the assigned version number. The difference data is processed accordingly in the access control devices and is added to the existing data and/or replaces it, so that a current version of the black list is present once the difference data has been loaded.

Another problem with locking systems whose access control devices are not networked with the access control center is that the center has no overview of the remaining capacity of the energy stores of the individual access control devices. This information is critical, however, for replacing batteries in good time. A preferred embodiment of the invention therefore provides that the remaining capacity of the energy store is monitored in the access control device and that the status data is supplemented or updated accordingly when the remaining capacity falls below a predetermined limit value. The information about the remaining capacity thus becomes part of the status data and, as described above, is transmitted to the central database together with the other status data with the aid of the identification media.

However, this procedure does not ensure reliable transmission of status data for doors that are in a permanently open state. Such doors do not require the use of identification media, so the status data is not transmitted. A permanently open state here denotes a state in which the access control device releases access permanently, so that no identification medium needs to be queried. To ensure that a drop below the remaining capacity of the energy store is detected in good time in such cases as well, a preferred procedure provides that a permanently open state of the access control device is ended and/or prevented when the remaining capacity falls below a predetermined limit value. This enforces the use of identification media again, and the transmission of status data to the access control center can proceed. The embodiment described also forms a separate, independent aspect of the present invention. In particular, it can also be implemented without a black list. Furthermore, it is independent of the way in which the status data is transmitted from the respective access control device to the central database. The transmission can take place either via a direct communication link - wired or wireless - or by way of the identification media.

A further preferred development of the invention provides that operating states of the access control devices are additionally managed and stored in the database, the access control devices being programmed with control signals for operating states to be updated, and the programming of the access control devices comprising the transfer of the control signals from the access control center to at least one identification medium and, in the course of an access request, from the identification medium to the access control device. In this way, certain settings in the access control devices can be controlled from the access control center. For example, certain premium services in the access control devices can be enabled or disabled again as required.
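The device side of the scheme (difference data with a version number, status data handed to the presenting medium, and the permanently open state being ended when the energy store runs low) is sketched below as an added example; it is not code from the patent. The 20 % limit, the record layout and the rule that difference data is applied only when its base version matches the stored version are assumptions made for the illustration.

```python
from dataclasses import dataclass, field
from datetime import datetime


@dataclass(frozen=True)
class BlacklistDelta:
    base_version: int       # assumption: version this difference data builds on
    version: int            # version number assigned to the update
    added: frozenset
    removed: frozenset = frozenset()


@dataclass
class Medium:
    medium_id: str
    authorized_devices: frozenset
    deltas: list = field(default_factory=list)          # written by the center
    status_records: list = field(default_factory=list)  # carried back to the center


class AccessControlDevice:
    LOW_BATTERY_PERCENT = 20    # constructed limit value for the remaining capacity

    def __init__(self, device_id, battery_percent=100):
        self.device_id = device_id
        self.battery_percent = battery_percent
        self.permanently_open = False
        self.blacklist = set()
        self.blacklist_version = 0
        self.sequence = 0
        self.events = []

    def battery_low(self):
        return self.battery_percent < self.LOW_BATTERY_PERCENT

    def set_battery(self, percent):
        """Monitoring hook: a low energy store ends the permanently open state."""
        self.battery_percent = percent
        if self.battery_low():
            self.permanently_open = False

    def request_permanent_open(self):
        """Refused while the energy store is low, so media must be presented."""
        if self.battery_low():
            return False
        self.permanently_open = True
        return True

    def _apply_deltas(self, deltas):
        # Apply difference data in version order; skip anything that does not
        # build on the version currently stored (stale or out-of-sequence data).
        for delta in sorted(deltas, key=lambda d: d.version):
            if delta.base_version == self.blacklist_version:
                self.blacklist |= delta.added
                self.blacklist -= delta.removed
                self.blacklist_version = delta.version

    def present(self, medium, now):
        """Access request: take the update, decide, then hand over status data."""
        self._apply_deltas(medium.deltas)
        granted = (self.device_id in medium.authorized_devices
                   and medium.medium_id not in self.blacklist)
        self.sequence += 1
        self.events.append((now, medium.medium_id, granted))
        medium.status_records.append({
            "device_id": self.device_id,
            "sequence": self.sequence,
            "timestamp": now,
            "blacklist_version": self.blacklist_version,
            "battery_low": self.battery_low(),
            "events": list(self.events),
        })
        return granted


def run_demo():
    """Constructed scenario: M7 is revoked, M1 carries the update to door D2."""
    door = AccessControlDevice("D2")
    blocked = Medium("M7", frozenset({"D2"}))
    courier = Medium("M1", frozenset({"D2"}),
                     deltas=[BlacklistDelta(0, 1, frozenset({"M7"}))])
    result = {
        "blocked_before_update": door.present(blocked, datetime(2024, 3, 2, 8, 0)),
        "courier": door.present(courier, datetime(2024, 3, 2, 9, 0)),
        "blocked_after_update": door.present(blocked, datetime(2024, 3, 2, 9, 30)),
        "permanent_open_ok": door.request_permanent_open(),
    }
    door.set_battery(15)
    result["still_open_when_low"] = door.permanently_open
    result["permanent_open_when_low"] = door.request_permanent_open()
    door.present(courier, datetime(2024, 3, 2, 10, 0))
    result["last_report"] = courier.status_records[-1]
    result["first_report_on_blocked"] = blocked.status_records[0]
    return result


if __name__ == "__main__":
    for key, value in run_demo().items():
        print(key, "=", value)
```

The first presentation of M7 succeeds because the door still holds version 0; that window is what the center-side version comparison is meant to expose.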

To carry out the method according to the invention, the invention provides a locking system comprising a plurality of access control devices, an access control center designed as an electronic processing unit and a plurality of electronic identification media,

  • wherein the access control center comprises an electronic memory structured as a central database, in which information about the identification media and the authorization information assigned to them is stored,
  • wherein a black list comprising identification media from which authorizations have been revoked is additionally stored in the database,
  • wherein the access control center interacts with at least one read/write unit in order to program identification media with the respectively assigned authorization information,
  • wherein the access control devices have read/write units in order to query authorization information by means of electronic data communication between the access control device and the identification medium,
  • wherein the access control center is designed and set up to program the access control devices with the black list, in that the black list is transferred from the access control center to at least one identification medium and, in the course of an access request, from the identification medium to the access control device, characterized in that
  • status data of the access control devices is additionally stored in the central database, the status data comprising information about the remaining capacity of an energy store of the access control device, information about the stored black list and/or access events,
  • wherein the access control devices are designed and set up to transfer the status data, possibly in the course of an access authorization query, from the access control device to the identification medium or to a separate programming device, and the access control center interacts with the read/write unit in order to read the status data out of the identification medium or the programming device and write it to the central database.

Preferred developments of the locking system are described in claims 15 to 25.

The invention is explained in more detail below with reference to exemplary embodiments illustrated in the drawing. In the drawing, Fig. 1 shows a locking system with an access control center and a first embodiment of an evaluation of the security status of the system, Fig. 2 shows a system according to Fig. 1 with a second embodiment of an evaluation of the security status of the system, and Fig. 3 shows a system according to Fig. 1 with a third embodiment of an evaluation of the security status of the system.

In Fig. 1, an access control center is denoted by 1. The functions of the access control center are implemented, for example, in a software application on a standard computer. The access control center includes a central database that stores data on all access control devices present in the locking system and all identification media intended for the locking system. The database also stores authorization information, i.e. information about which identification medium is authorized to operate which access control device and with which time restriction. Furthermore, at least one black list is stored in the database, which contains those identification media from which authorizations have been revoked. The revocation can be a withdrawal of the authorization for all access control devices, for selected access control devices, or only with regard to the time restriction of the authorization.

The access control center 1 is equipped with a graphical user interface 7 that can be operated by an administrator 8.

The access control center 1 is connected to an update device 2, which has a read/write unit for writing data to identification media and for reading data from identification media. The update device can be located separately from the access control center and be connected to it via a conventional wired or wireless computer network connection, via a serial interface or via another conventional data connection.

The locking system also includes a plurality of access control devices. Access control devices that do not have a direct communication link with the access control center 1 are denoted by 3 and 4. Access control devices that have a communication link with the access control center 1 are denoted by 5. Identification media in circulation are denoted by 6. Furthermore, a portable programming device 9 is provided, which can be loaded by the access control center 1 with data to be transmitted and with which access control devices of types 3 and 4 can be programmed on site.

When the identification media 6 enter into communication with the update device 2, i.e. are connected to the read/write unit of the update device 2 by contact or wirelessly, an identification code of the respective identification medium 6 is read out, with which the identification medium can be uniquely identified. The identification code is compared with the corresponding entry in the database of the access control center 1, and the authorization information assigned to this identification medium is retrieved from the database and written to the electronic memory of the identification medium 6. Furthermore, the global black list is retrieved from the database and written to the electronic memory of the identification medium 6. If the identification medium already holds a previous version of the black list, it is overwritten by the current version of the black list, or only the difference data corresponding to the update are transferred.

The authorization information allows the identification medium 6 to operate an access control device 3, 4, 5 for which a locking authorization exists. In the course of the data communication that takes place between the identification medium 6 and the access control device 3, 4, 5 when the authorization is checked, status data of the access control device are written to the memory of the identification medium 6 together with an identification of the access control device, the two being associated with each other. The status data include information about the remaining capacity of the energy store of the access control device (either the actual remaining capacity or merely an indication that the remaining capacity has reached or fallen below a lower limit value), information about access events and, where applicable, information about the version number of the black list stored in the access control device. Where applicable, the black list is updated in the course of the data communication.

As soon as the identification medium 6 in question again enters into data communication with the update device 2, all status data stored on the identification medium in the meantime are read out together with the respectively assigned identification numbers of the access control devices and subsequently transferred to the database. There, the identification numbers are used to match the data against the access control devices registered in the database, and the respective status data are assigned to those access control devices. In this way, the database continuously receives status data for those access control devices that were used in the relevant period.

Status data of the directly connected access control devices 5 are transmitted to the database via a direct data connection.

If status data of certain access control devices of type 3 or 4 are not available when required, the administrator 1 must read out the status data from these access control devices 3, 4 on site using the portable programming device 9.

The database now allows a number of different evaluations that can be carried out via the user interface 7. Fig. 1 shows an evaluation in which the status data stored for all access control devices are checked to determine whether the black list corresponds to the current black list. This is done, for example, by checking whether the black list version number contained in the status data corresponds to the version number of the current black list. Those access control devices for which this check shows that they do not yet have the current black list are displayed on the user interface 7, i.e. on the screen assigned to the access control center 1, with a corresponding indication, in particular an exclamation mark, and their identifier, as indicated by 10. These access control devices are therefore considered insecure, and the administrator can, if necessary, update the black list on site using the programming device 9.

Fig. 2 shows an evaluation as in Fig. 1, but carried out individually for an identification medium. An identification medium 6' is selected on the user interface and a query is started as to whether one or more access control devices 3, 4 are insecure with regard to this identification medium. It is first checked whether, and if so for which of the access control devices 3, 4 for which the identification medium 6' was authorized, the access authorization was revoked, and with which update of the black list this was done. Then, based on the status data stored in the database, it is checked whether these access control devices 3, 4 already have the corresponding version of the black list. Those access control devices 3, 4 for which this is not the case are considered insecure, and this is indicated on the user interface 7, i.e. on the screen assigned to the access control center 1, with a corresponding indication, in particular an exclamation mark, as indicated by 10. If necessary, the administrator can again update the black list of these access control devices 3, 4 on site using the programming device 9.

Fig. 3 starts from an evaluation according to Fig. 2 and adds a further evaluation step. As soon as it has been determined which access control devices 3, 4 are considered insecure with regard to an identification medium 6' or 6", the status data are used to check whether the identification medium 6' or 6" in question has carried out an access operation after it was added to the black list. For this purpose, the locking events of the affected access control devices contained in the status data are checked, and those doors 10 at which unauthorized access has taken place are displayed on the user interface 7.
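
The three evaluations of Figs. 1 to 3, expressed in code over a constructed database snapshot. This is an added example and not part of the patent text; the class and function names and the sample data are hypothetical, and it assumes that black list version numbers increase with each update and that a device without status data is treated as not yet updated.

```python
from dataclasses import dataclass, field
from datetime import datetime


@dataclass(frozen=True)
class Revocation:
    medium_id: str
    device_ids: frozenset   # devices for which the authorization was revoked
    version: int            # black list version that introduced the entry
    revoked_at: datetime


@dataclass
class DeviceStatus:
    blacklist_version: int                             # version reported in the status data
    access_events: list = field(default_factory=list)  # (timestamp, medium_id) pairs


def stale_devices(registered, statuses, current_version):
    """Fig. 1: devices whose reported version is not the current one.

    Returns (outdated, unknown); 'unknown' devices have no status data in
    the database and have to be read out on site with the programming device.
    """
    outdated = sorted(d for d in registered
                      if d in statuses
                      and statuses[d].blacklist_version != current_version)
    unknown = sorted(d for d in registered if d not in statuses)
    return outdated, unknown


def insecure_for_medium(statuses, revocations, medium_id):
    """Fig. 2: devices that do not yet hold the version revoking this medium.

    Returns {device_id: earliest revocation time for that device}.
    """
    insecure = {}
    for rev in revocations:
        if rev.medium_id != medium_id:
            continue
        for dev in rev.device_ids:
            status = statuses.get(dev)
            # Assumption: versions increase, so an older number means the
            # revocation has not reached the device; no status counts as old.
            if status is None or status.blacklist_version < rev.version:
                if dev not in insecure or rev.revoked_at < insecure[dev]:
                    insecure[dev] = rev.revoked_at
    return insecure


def unauthorized_accesses(statuses, revocations, medium_id):
    """Fig. 3: access events of the medium at insecure devices after revocation."""
    hits = []
    for dev, revoked_at in insecure_for_medium(statuses, revocations, medium_id).items():
        status = statuses.get(dev)
        if status is None:
            continue  # no events to evaluate until the device is read out
        hits += [(dev, ts) for ts, mid in status.access_events
                 if mid == medium_id and ts > revoked_at]
    return sorted(hits)


# Constructed sample data (not from the patent).
CURRENT_VERSION = 7
REGISTERED = ["door-A", "door-B", "door-C", "door-D"]
STATUSES = {
    "door-A": DeviceStatus(7, [(datetime(2024, 3, 2, 9, 0), "card-17")]),
    "door-B": DeviceStatus(5, [(datetime(2024, 2, 28, 8, 0), "card-42"),
                               (datetime(2024, 3, 3, 18, 30), "card-42")]),
    "door-C": DeviceStatus(6),
}
REVOCATIONS = [
    Revocation("card-42", frozenset({"door-A", "door-B", "door-C"}),
               6, datetime(2024, 3, 1, 12, 0)),
]

if __name__ == "__main__":
    print(stale_devices(REGISTERED, STATUSES, CURRENT_VERSION))
    print(insecure_for_medium(STATUSES, REVOCATIONS, "card-42"))
    print(unauthorized_accesses(STATUSES, REVOCATIONS, "card-42"))
```

In the sample data, door-C is flagged by the Fig. 1 check because it is one version behind, but it is not insecure with regard to card-42, since it already holds the version that revoked that medium.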

Claims (16)

  1. Method for managing access authorizations in a locking system comprising a plurality of access control devices, an access control center designed as an electronic computing unit, and a plurality of electronic identification media,
    - wherein a central database is maintained in the access control center in which details of the identification media and authorization information assigned thereto are stored,
    - wherein the database also contains a blacklist of identification media that have had authorizations revoked,
    - wherein identification media are programmed with the respective assigned authorization information and the authorization information is queried in the course of an access request by means of electronic data communication between the access control device and the identification medium,
    - wherein the access control devices are programmed with the black list,
    - wherein the programming of the access control devices comprises the transfer of the black list from the access control center to at least one identification medium and, in the course of an access request, from the identification medium to the access control device,
    - wherein the central database further stores status data of the access control devices, the status data including information about the remaining capacity of an energy storage of the access control device, information about the stored blacklist and/or access events,
    - wherein the status data is transferred from the access control device to the identification medium or to a separate programming device, if necessary in the course of an access authorization query, and is subsequently written to the central database by reading out the identification medium or the programming device, respectively,
    - wherein a unique version number is assigned to the blacklist stored in the central database, wherein a new version number is assigned to the blacklist when it is updated, and that the access control devices are programmed with the most current blacklist together with the assigned version number, characterized in that
    - the status data comprises information about the version number of the black list stored in the access control device and an evaluation of the version numbers of the black list contained in the status data is performed in the access control center,
    - wherein programming the access control devices with the most current black list comprises forming difference data representing the update, to which the version number corresponding to the update is assigned, and in that the access control devices are programmed only with the difference data and the assigned version number.
  2. Method according to claim 1, characterized in that the evaluation comprises a comparison of the version numbers contained in the status data with the version number of the most current black list, wherein on a graphical user interface of the access control center an indication of an access control device considered to be insecure is displayed if the version number contained in the status data of this access control device does not correspond to the most current version number and, preferably, an identification medium exists which is contained in the most current black list and has an authorization for this access control device.
  3. Method according to claim 1 or 2, characterized in that the evaluation comprises:
    - selecting an identification medium that is included in the most recent black list,
    - evaluating the authorization information to determine for which access control devices the authorization has been revoked,
    - comparing the version numbers contained in the status data of the access control devices detected with the version number of the most recent black list, whereby an indication of an access control device considered insecure is displayed on a graphical user interface of the access control center if the version number contained in the status data of this access control device does not correspond to the most recent version number.
  4. A method according to claim 2 or 3, characterized in that the evaluation further comprises with respect to an access control device considered insecure: determining whether the status data of this access control device includes an access event whose time is after the withdrawal of an authorization for this access control device.
  5. Method according to any one of claims 1 to 4, characterized in that the remaining capacity of the energy storage in the access control device is monitored and in that the status data is supplemented or updated accordingly when the remaining capacity falls below a predetermined limit value.
  6. Method according to claim 5, characterized in that when the remaining capacity falls below a predetermined limit value, a permanent opening state of the access control device is terminated and/or prevented.
  7. Method according to any one of claims 1 to 6, characterized in that a time stamp is assigned to each of the status information.
  8. Method according to any one of the claims 1 to 7, characterized in that operating states of the access control devices are further managed and stored in the database, wherein the access control devices are programmed with control signals for operating states to be updated, wherein the programming of the access control devices comprises the transmission of the control signals from the access control center to at least one identification medium and, in the course of an access request, from the identification medium to the access control device.
  9. A locking system, in particular for carrying out the method according to any one of claims 1 to 8, comprising a plurality of access control devices, an access control center designed as an electronic computing unit, and a plurality of electronic identification media,
    - wherein the access control center comprises an electronic memory structured as a central database in which information about the identification media and authorization information assigned thereto is stored,
    - the database also contains a blacklist of identification media that have had authorizations revoked,
    - wherein the access control center cooperates with at least one read/write unit to program identification media with the respective assigned authorization information,
    - wherein the access control devices have read/write units to retrieve authorization information by means of electronic data communication between the access control device and the identification medium,
    - wherein the access control center is designed and configured to program the access control devices with the black list by transferring the blacklist from the access control center to at least one identification medium and, in the course of an access request, from the identification medium to the access control device,
    - wherein the central database further stores status data of the access control devices, the status data including information about the remaining capacity of an energy storage of the access control device, information about the stored blacklist and/or access events,
    - wherein the access control devices are designed and configured to transfer the status data, if necessary in the course of a query of the access authorization, from the access control device to the identification medium or to a separate programming device, and the access control center cooperates with the read/write unit to read the status data from the identification medium or from the programming device, respectively, and to write it to the central database,
    - wherein a unique version number is assigned to the blacklist stored in the central database, wherein a new version number is assigned to the blacklist when it is updated, and in that the access control center is configured to program the access control devices with the most current blacklist together with the assigned version number, characterized in that
    - the status data comprises information on the version number of the black list stored in the access control device, and the access control center comprises an evaluation circuit for evaluating the version numbers of the black list contained in the status data,
    - wherein programming the access control devices with the most current black list comprises forming difference data representing the update, to which the version number corresponding to the update is assigned, and in that the access control devices are programmed only with the difference data and the assigned version number.
  10. Locking system according to claim 9, characterized in that the evaluation comprises a comparison of the version numbers contained in the status data with the version number of the most current black list, wherein on a graphical user interface of the access control center an indication of an access control device considered to be insecure is displayed if the version number contained in the status data of this access control device does not correspond to the most current version number and, preferably, an identification medium exists which is contained in the most current black list and has an authorization for this access control device.
  11. Locking system according to claim 9 or 10, characterized in that the evaluation comprises:
    - selecting an identification medium that is included in the most recent black list,
    - evaluating the authorization information to determine for which access control devices the authorization has been revoked,
    - comparing the version numbers contained in the status data of the access control devices detected with the version number of the most recent black list, whereby an indication of an access control device considered insecure is displayed on a graphical user interface of the access control center if the version number contained in the status data of this access control device does not correspond to the most recent version number.
  12. Locking system according to claim 10 or 11, characterized in that the evaluation further comprises with respect to an access control device considered insecure: determining whether the status data of this access control device includes an access event whose time is after the withdrawal of an authorization for this access control device.
  13. Locking system according to any one of claims 9 to 12, characterized in that the access control devices comprise means for monitoring the remaining capacity of the energy storage devices and for updating or supplementing the status data when the remaining capacity falls below a predetermined limit value.
  14. Locking system according to claim 13, characterized in that the access control devices comprise a control circuit for terminating and/or preventing a permanent opening state of the access control device when the remaining capacity falls below a predetermined limit value.
  15. Locking system according to any one of claims 9 to 14, characterized in that the access control devices are configured to assign a time stamp in each case to the status information.
  16. Locking system according to any one of the claims 9 to 15, characterized in that operating states of the access control devices are further managed and stored in the database, the access control center being configured to program the access control devices with control signals for operating states to be updated, the programming of the access control devices comprising the transmission of the control signals from the access control center to at least one identification medium and, in the course of an access request, from the identification medium to the access control device.
EP15450030.0A 2014-09-19 2015-08-20 Method and device for managing access rights Active EP3009992B1 (en)

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
ATA712/2014A AT516288B1 (en) 2014-09-19 2014-09-19 Method and device for managing access authorizations

Publications (2)

Publication Number Publication Date
EP3009992A1 EP3009992A1 (en) 2016-04-20
EP3009992B1 true EP3009992B1 (en) 2022-06-01

Family

ID=54035184

Family Applications (1)

Application Number Title Priority Date Filing Date
EP15450030.0A Active EP3009992B1 (en) 2014-09-19 2015-08-20 Method and device for managing access rights

Country Status (3)

Country Link
EP (1) EP3009992B1 (en)
AT (1) AT516288B1 (en)
ES (1) ES2922950T3 (en)


Also Published As

Publication number Publication date
AT516288A1 (en) 2016-04-15
AT516288B1 (en) 2024-09-15
EP3009992A1 (en) 2016-04-20
ES2922950T3 (en) 2022-09-21


Legal Events

Date Code Title Description
PUAI Public reference made under article 153(3) epc to a published international application that has entered the european phase

Free format text: ORIGINAL CODE: 0009012

AK Designated contracting states

Kind code of ref document: A1

Designated state(s): AL AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HR HU IE IS IT LI LT LU LV MC MK MT NL NO PL PT RO RS SE SI SK SM TR

AX Request for extension of the european patent

Extension state: BA ME

17P Request for examination filed

Effective date: 20161019

RBV Designated contracting states (corrected)

Designated state(s): AL AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HR HU IE IS IT LI LT LU LV MC MK MT NL NO PL PT RO RS SE SI SK SM TR

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: EXAMINATION IS IN PROGRESS

17Q First examination report despatched

Effective date: 20180406

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: EXAMINATION IS IN PROGRESS

GRAP Despatch of communication of intention to grant a patent

Free format text: ORIGINAL CODE: EPIDOSNIGR1

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: GRANT OF PATENT IS INTENDED

INTG Intention to grant announced

Effective date: 20220222

GRAS Grant fee paid

Free format text: ORIGINAL CODE: EPIDOSNIGR3

GRAA (expected) grant

Free format text: ORIGINAL CODE: 0009210

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: THE PATENT HAS BEEN GRANTED

AK Designated contracting states

Kind code of ref document: B1

Designated state(s): AL AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HR HU IE IS IT LI LT LU LV MC MK MT NL NO PL PT RO RS SE SI SK SM TR

REG Reference to a national code

Ref country code: GB

Ref legal event code: FG4D

Free format text: NOT ENGLISH

REG Reference to a national code

Ref country code: AT

Ref legal event code: REF

Ref document number: 1495920

Country of ref document: AT

Kind code of ref document: T

Effective date: 20220615

Ref country code: CH

Ref legal event code: EP

REG Reference to a national code

Ref country code: IE

Ref legal event code: FG4D

Free format text: LANGUAGE OF EP DOCUMENT: GERMAN

REG Reference to a national code

Ref country code: DE

Ref legal event code: R096

Ref document number: 502015015873

Country of ref document: DE

REG Reference to a national code

Ref country code: FR

Ref legal event code: PLFP

Year of fee payment: 8

REG Reference to a national code

Ref country code: SE

Ref legal event code: TRGR

REG Reference to a national code

Ref country code: NL

Ref legal event code: FP

REG Reference to a national code

Ref country code: ES

Ref legal event code: FG2A

Ref document number: 2922950

Country of ref document: ES

Kind code of ref document: T3

Effective date: 20220921

REG Reference to a national code

Ref country code: LT

Ref legal event code: MG9D

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: NO

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20220901

Ref country code: LT

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20220601

Ref country code: HR

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20220601

Ref country code: GR

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20220902

Ref country code: FI

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20220601

Ref country code: BG

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20220901

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: RS

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20220601

Ref country code: PL

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20220601

Ref country code: LV

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20220601

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: SM

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20220601

Ref country code: SK

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20220601

Ref country code: RO

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20220601

Ref country code: PT

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20221003

Ref country code: EE

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20220601

Ref country code: CZ

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20220601

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: IS

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20221001

REG Reference to a national code

Ref country code: DE

Ref legal event code: R097

Ref document number: 502015015873

Country of ref document: DE

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: MC

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20220601

Ref country code: AL

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20220601

PLBE No opposition filed within time limit

Free format text: ORIGINAL CODE: 0009261

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: NO OPPOSITION FILED WITHIN TIME LIMIT

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: LU

Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES

Effective date: 20220820

Ref country code: DK

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20220601

REG Reference to a national code

Ref country code: BE

Ref legal event code: MM

Effective date: 20220831

26N No opposition filed

Effective date: 20230302

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: SI

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20220601

P01 Opt-out of the competence of the unified patent court (upc) registered

Effective date: 20230510

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: IE

Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES

Effective date: 20220820

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: BE

Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES

Effective date: 20220831

PGFP Annual fee paid to national office [announced via postgrant information from national office to epo]

Ref country code: NL

Payment date: 20230826

Year of fee payment: 9

PGFP Annual fee paid to national office [announced via postgrant information from national office to epo]

Ref country code: GB

Payment date: 20230828

Year of fee payment: 9

Ref country code: ES

Payment date: 20230901

Year of fee payment: 9

Ref country code: CH

Payment date: 20230903

Year of fee payment: 9

Ref country code: AT

Payment date: 20230629

Year of fee payment: 9

PGFP Annual fee paid to national office [announced via postgrant information from national office to epo]

Ref country code: SE

Payment date: 20230827

Year of fee payment: 9

Ref country code: FR

Payment date: 20230825

Year of fee payment: 9

Ref country code: DE

Payment date: 20230829

Year of fee payment: 9

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: IT

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20220601

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: HU

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT; INVALID AB INITIO

Effective date: 20150820

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: CY

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20220601

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: MK

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20220601

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: TR

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20220601