EP3489914A1 - Procédé de contrôle d'entrée et système de contrôle d'entrée - Google Patents

Procédé de contrôle d'entrée et système de contrôle d'entrée Download PDF

Info

Publication number
EP3489914A1
EP3489914A1 EP17203908.3A EP17203908A EP3489914A1 EP 3489914 A1 EP3489914 A1 EP 3489914A1 EP 17203908 A EP17203908 A EP 17203908A EP 3489914 A1 EP3489914 A1 EP 3489914A1
Authority
EP
European Patent Office
Prior art keywords
access control
rule
access
mobile device
control device
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
EP17203908.3A
Other languages
German (de)
English (en)
Inventor
Martin Wolf
Alexander FANARJI
Andreas Schmidt
Adriano RAIANO
Tom MEIER
Phillip Bormuth
Fabien GRAF
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Dormakaba Schweiz AG
Dormakaba EAD GmbH
Original Assignee
Dormakaba Schweiz AG
Dormakaba EAD GmbH
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Dormakaba Schweiz AG, Dormakaba EAD GmbH filed Critical Dormakaba Schweiz AG
Priority to EP17203908.3A priority Critical patent/EP3489914A1/fr
Publication of EP3489914A1 publication Critical patent/EP3489914A1/fr
Pending legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07CTIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C9/00Individual registration on entry or exit
    • G07C9/00174Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys
    • G07C9/00896Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys specially adapted for particular uses
    • G07C9/00904Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys specially adapted for particular uses for hotels, motels, office buildings or the like
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07CTIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C9/00Individual registration on entry or exit
    • G07C9/00174Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys
    • G07C9/00309Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys operated with bidirectional data transmission between data carrier and locks
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07CTIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C9/00Individual registration on entry or exit
    • G07C9/00174Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys
    • G07C2009/00753Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys operated by active electrical keys
    • G07C2009/00769Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys operated by active electrical keys with data transmission performed by wireless means
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07CTIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C9/00Individual registration on entry or exit
    • G07C9/00174Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys
    • G07C9/00817Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys where the code of the lock can be programmed
    • G07C2009/00825Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys where the code of the lock can be programmed remotely by lines or wireless communication
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07CTIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C2209/00Indexing scheme relating to groups G07C9/00 - G07C9/38
    • G07C2209/08With time considerations, e.g. temporary activation, valid time window or time limitations
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07CTIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C9/00Individual registration on entry or exit
    • G07C9/00174Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys
    • G07C9/00571Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys operated by interacting with a central unit

Definitions

  • the invention relates to a method, in particular access control method, for granting access to a physical area according to claim 1.
  • the invention also relates to an access control system according to independent claim 14. Also, a computer program product for a mobile device of the access control system according to the invention is protected.
  • Access control methods for granting access to a physical area are, for example, the WO2006 / 098690 A1 known.
  • an access control device is transmitted an access code.
  • the access control device has a tabular database to perform an access check. If the result of the access check is positive, the access control device grants access. Is z. For example, if access is permitted for the corresponding access code in the tabular database within a certain time range, then the access control device grants access to the physical area.
  • the method serves to grant access to a physical area.
  • the method according to the invention is carried out at least by an access control device that can be assigned to the physical area and by a mobile device.
  • the mobile device includes at least a first rule for granting access.
  • the method includes the step of checking the first rule in the mobile device.
  • the access check is partly independent of information present in the access control device, in particular of data stored in the access control device.
  • the access check is possible to reduce the amount of data in the access control device.
  • the method is in particular an access control procedure.
  • the access control process takes place to give a user access to the physical area.
  • the physical area is locked at the beginning of the access control process.
  • Access to the physical area is denied at the beginning of the access control process.
  • Checking whether access may be granted is an essential part of the access control procedure. For this purpose, at least the first rule is checked.
  • the access control process is performed at least by means of the access control device and the mobile device, in particular when the mobile device is in the vicinity of the access control device.
  • the access control procedure may in particular end with the granting of access or the termination of the granting of access.
  • the access control procedure may end with the granting of access or the termination of the grant of access if the entry requirements are met. If an entry requirement is not fulfilled, the access control procedure may end earlier, but access is denied.
  • the access control method preferably includes at least one step to be performed by the user.
  • the user must make an entry on the mobile device. It may be that the input is formed as the first step or part of the first step of the access control process.
  • the transmission and / or the execution of instructions on how to grant access should be part of the access control procedure.
  • a rule is used to give access to the physical area.
  • a rule is used to control access.
  • a rule can define an access requirement.
  • an admission profile may include at least one rule.
  • a "check on a rule” means that it is checked whether or not the access requirement defined in the rule is fulfilled.
  • the physical area is preferably blocked by a barrier.
  • the barrier can be designed as a door, in particular as a building door, as a lid, as a flap, as a turnstile or as a barrier.
  • the door can z. B. be designed as a revolving door, a sliding door or as a revolving door.
  • the physical area is fixed.
  • the physical area can be designed as a room or as a box.
  • the physical area may be a space locked by a door.
  • the physical area may be defined as an obstructed box, in particular a postbox, a locker, an outdoor area or a restricted area by a barrier, e.g. B. parking area, be formed.
  • the mobile device is intended to be carried by a user who wishes to have access to the physical area.
  • the mobile device comprises a processor with which the mobile device can check the first rule.
  • the mobile device in particular comprises a memory.
  • the mobile device comprises a connection to a mobile communication network.
  • the mobile communication network can be designed as a telecommunications network.
  • the mobile device is particularly preferred as a mobile phone educated.
  • the mobile phone is designed as a smartphone.
  • the mobile device may in particular comprise a display. Particularly preferably, the user can enter arrangements via the display.
  • the mobile device and the access control device can communicate with each other wirelessly.
  • a short-range communication such as Bluetooth, in particular Bluetooth Low Energy (BLE), RFID or NFC is used.
  • the mobile device comprises a first transmitting and receiving device for the telecommunications network.
  • the mobile device comprises a second transceiver for short-range communication.
  • the access control device comprises a transmitting and receiving unit for short-range communication.
  • the access control device is associated with the physical area.
  • a user will associate the access control device with the physical area.
  • the access control device serves as a particular permanently installed guard to the physical area.
  • the access control device is preferably provided for placement near the physical area.
  • the access control device may comprise an electromechanical device, e.g. Example, an electric motor or a solenoid, or an electromagnetic device, by means of which the user can gain access to the physical area.
  • the access control device may comprise a handle which is operatively connectable by means of the electromechanical device with a lock.
  • the access control device by means of the electromechanical device, a locking element, in particular a latch and / or a trap operated.
  • the access control device by means of the electromechanical or electromagnetic device, an opening of the barrier, in particular the door, the turnstile or the barrier, allow.
  • the access control device may in particular be designed as an electromechanical fitting, as an electromechanical lock cylinder, as an electromechanical door opener or as a motor lock.
  • the access control device may comprise an electric motor for moving the barrier, in particular the door, the turnstile or the barrier.
  • the access control device can be designed in several parts.
  • the access control device may comprise a reader. The reader can preferably communicate with the electromechanical or electromagnetic device, in particular with the electromechanical fitting, the electromechanical lock cylinder, the electromechanical door opener, the electric motor, the electromagnet or the motor lock, wireless or wired.
  • the access control device comprises in particular a processor for carrying out the method according to the invention.
  • the access control device comprises in particular a memory.
  • the mobile device comprises access information for the access control device.
  • the access information is preferably specific to the access control device. Ie. In particular, the access information contains only information intended to grant access to the physical area guarded by the specific access control device.
  • the access information may be associated with the access control device. If the user may be granted access to a plurality of physical areas guarded by different access control devices through the mobile device, the mobile device preferably includes a plurality of access information. In particular, access information can be provided and stored in the mobile device for each of the access control devices.
  • the method is terminated if the mobile device does not transmit the access information at least partially to the access control device during the procedure.
  • a transmission of at least part of the access information from the mobile device to the access control device may be a prerequisite for granting the access.
  • the access information may include an encrypted portion that is undecipherable by the mobile device.
  • the access information may include a readable portion that is unencrypted or decryptable by the mobile device.
  • the encrypted portion may be intended to be communicated to the access control device during the procedure, particularly during the access control procedure.
  • the transmission of the encrypted portion from the mobile device to the access control device may be a prerequisite for granting the access.
  • the readable portion may include the first rule or data for the first rule.
  • the first rule may have been transmitted to the mobile device in a different way.
  • the first rule can be transmitted from the access management device to the mobile device.
  • the readable portion may include information that may be displayed to the user on the mobile device.
  • the access information is preferably provided to the mobile device by an access management device.
  • the access management device may deposit the access information in a cloud, for example.
  • the mobile Device can receive the access information wirelessly, in particular via the mobile communication network.
  • the mobile device may e.g. B. access the access information wirelessly, in particular via the mobile communication network, from the cloud.
  • the access information loses its validity after a predetermined time. If the access information has lost its validity, the mobile device must retrieve the access information again in order to grant access.
  • the access information may include an access authorization code, in particular access control device identifier, and / or at least one access attribute.
  • the access attribute may correspond to a rule, data for a rule, an instruction and / or data for an instruction.
  • the displayable information can be displayed in particular on a display of the mobile device.
  • the displayable information can be z. B. be information about the physical area and / or the barrier.
  • the information about the physical area and / or about the barrier may e.g. For example, include the name of the physical area, an image of the physical area, and / or an image of the barrier, a state of the physical area, and / or the barrier.
  • the displayable information may additionally or alternatively comprise an indication of the state of the method and / or an indication of the checking rule.
  • the encrypted portion is transmitted to the access control device, in particular during the current access control procedure.
  • the encrypted portion is always transmitted to the access control device during the current access control procedure.
  • the mobile device can select the corresponding access information based on the access control device identifier. If several access control devices are in question, the access control devices or references to the access control devices in question may be able to be displayed on the mobile device so that a user can select the corresponding access control device and / or the corresponding access information.
  • the access control device has knowledge of a second rule or of data for a second rule or during the execution of the method obtained.
  • the method in particular the access control method, may comprise the step of checking the second rule in the access control device.
  • the second rule is to give access to the physical area.
  • the second rule defines an admission requirement.
  • a review of the second rule states that it is checked whether or not the access requirement defined in the rule is fulfilled.
  • the checking of the rule (s) to be checked in the mobile device can take place before or after checking the rule (s) to be checked in the access control device.
  • the rule (s) to be checked in the access control device are / is first checked before the rule (s) to be checked in the mobile device are checked.
  • the access control device sends a message to the mobile device after checking at least one second rule, whereupon the mobile device checks the first rule.
  • the mobile device comprises the second rule or data for checking the second rule and the mobile device of the access control device transmits the second rule or the data for checking the second rule during the method.
  • the data for checking the second rule will be referred to as data for the second rule in the following.
  • the data for a rule may, in particular, be provided instead of the complete rule. If data is transmitted for the second rule, then the second rule can be stored in the access control device. In this case, the second rule can be completed by means of the data transmitted by the mobile device.
  • the access control device can use the data for the rule to check the associated rule.
  • the rule may state that access is granted only in a certain period of time.
  • the access information can z.
  • the access information can z.
  • An algorithm stored in the access control device can complete the rule by means of the time domain and check the rule.
  • the rule may state that access is granted only when comparing a comparison value with positive check value.
  • the access information may include the comparison value as data for the rule.
  • An algorithm stored in the access control device can use the comparison value to check the rule by the access control device comparing the comparison value with the verification value.
  • the second rule or the data for the second rule are transmitted in particular encrypted to the access control device. This allows the second rule to be checked by the access control device in an updated form.
  • the access information, in particular the encrypted portion, the second rule or the data for the second rule include.
  • the access control device uses the second rule transmitted by the mobile device or the data for the second rule only during the current access control process for obtaining an access authorization to a physical area.
  • the access control device uses the second rule transmitted by the mobile device or the data for the second rule only during the current access control process for obtaining an access authorization to a physical area.
  • the second rule or the data for the second rule transmitted by the mobile device are preferably always used for the current access control method.
  • the access control device preferably performs the comparison of the comparison value with the check value.
  • the positive result of the comparison of the comparison value with the verification value may be a prerequisite for granting access.
  • the comparison of the comparison value with the check value thus corresponds to a second rule, which is checked in the access control device.
  • the comparison serves to identify the mobile device as being in principle authorized for the access control device.
  • the comparison value and / or the check value can be embodied as a code, in particular as a hash value or as an electronic signature. The comparison value and / or the check value can thus correspond to data for the second rule.
  • At least the verification value is transmitted from the mobile device to the access control device during the procedure, in particular during the access control procedure.
  • the mobile device contains the verification value.
  • the check value is particularly provided to the mobile device by the access management device.
  • the check value can be z. B. in the be readable share.
  • the check value z. B. be provided by the access management device of the mobile device in addition to the access information.
  • the verification value can be encrypted.
  • the check value is preferably always transmitted from the mobile device to the access control device.
  • the mobile device particularly preferably transmits the comparison value to the access control device during the method, in particular during the access control procedure.
  • the comparison value can be encrypted.
  • the comparison value can be encrypted in such a way that the comparison value can not be decrypted by the mobile device.
  • the encrypted portion may include the comparison value.
  • the comparison value is always transmitted during the method before a comparison of the comparison value with the check value takes place, so that the access control device always uses the transmitted comparison value only in the current access control method.
  • the use of a current comparison value is always ensured, in particular without having to carry out extensive updates in quick succession to the access control device.
  • a positive result of the comparison of the comparison value with the verification value may be a prerequisite for checking the first rule in the mobile device.
  • the comparison value is preferably compared with the verification value, and only if the result is positive is the first rule subsequently checked.
  • the first and / or second rule may conform to the following rule or include the following rule: Access is granted only after a positive result of the comparison of the comparison value with the verification value (rule a.). Preferably, rule a. always checked as a second rule in the access control device. By rule a. the mobile device is identified as authorized in principle.
  • the first and / or the second rule may conform to the following rule or include the following rule: Access is granted only in a specific time period (rule b.).
  • the time range may include times, days of the week, days off and working days, months and / or years.
  • the time domain may be transmitted in encrypted form from the mobile device to the access control device during the access control process.
  • the encrypted portion may include the time range. Will always be the Time range in the current access control method transmitted, so eliminates the need to save the time range in the access control device.
  • the first and / or the second rule may conform to the following rule or include the following rule: Access is granted only if there is a positive result of further authentication, in particular by means of a code or biometric recognition (rule c.).
  • the access control device preferably performs the further authentication.
  • a control value is compared with a code or a biometric identifier.
  • the code and / or the biometric recognition may be input to the mobile device and transmitted to the access control device.
  • the comparison of the code and / or the biometric recognition with the control value preferably takes place in the access control device. In a positive comparison, the further authentication is available.
  • the authentication control value may be received in encrypted form by the access control device during the access control process from the mobile device.
  • the control value may include a control code and / or a control biometrics detection.
  • the encrypted portion may include the control value. This eliminates the need to store the control value in the access control device.
  • the first and / or the second rule may conform to the following rule or include the following rule: Access is granted only if a label that identifies the user as a watcher is designed negatively (rule d.). It may be desirable for a guard to identify himself on a tour of the access control device to detect the proper departure of the tour. It may be desirable for the guard not to be granted access. In the case of a positive identification as a guard, access is thus denied.
  • the positive or negative tag as a guard may be transmitted encrypted from the mobile device to the access control device during the access control process.
  • the encrypted portion may include the positive or negative identifier as a guardian. If the positive or negative identification is always transmitted as a guard in the current access control procedure, there is no need to store the identification.
  • at least one more rule is checked.
  • This can be at least one of the rules b., C. or d. his.
  • At least two of the rules are preferred, that is to say b. and c., c. and d. or b. and d., checked.
  • Particularly preferred are the rules b., C. and d. checked.
  • the verification can take place in particular in the access control device. As a result, the security can be increased.
  • the time range, the control value and / or the identifier as a guard thus corresponds to a second rule or data for a second rule, which are preferably transmitted from the mobile device to the access control device.
  • the transmission preferably always takes place in the current access control process.
  • At least one rule is checked in the mobile device, which is not verifiable in the access control device, since the access control device, the necessary data can not be provided.
  • the first rule corresponds to the following rule:
  • the access is granted only if the mobile device performs a further authentication, in particular by means of the input of a code or a biometric recognition, with a positive result (rule e.).
  • Rule e. Restrictive to rule b. the mobile device performs the further authentication.
  • the further authentication takes place in particular during the access control process.
  • the further authentication is provided in particular in addition to unlocking the mobile device.
  • the access is granted only if a residence history of the mobile device coincides with a specification of the residence history (rule f.).
  • the default of the residence history may be stored in the mobile device.
  • the residence history may include granting access granted to at least one predetermined physical area.
  • the at least one physical area of the residence history may be different from the physical area to which access is sought by means of the access control process.
  • the resident history may include an order of granting access to predetermined physical areas.
  • the residence history may include a predetermined time range for granting access to the predetermined area (s). For example, a user seeks access to an office area.
  • the granting of access to the office area for example, depends on access being granted first to a main entrance area and then to a changing area within the last half hour.
  • the first rule conform to the following rule: Access is granted only if payment has been made previously (Rule g.). In particular, access can only be granted if confirmation of a successful payment is available. The mobile device may capture or include the confirmation of the payment made. It is preferable that the first rule conforms to the following rule: Access is granted only if a physical order of use has been accepted (rule h.). The user order can z. B. Conditions for using the physical area, such as: For example "smoking prohibited".
  • the first rule conforms to the following rule: Access is granted only if a training, in particular a safety instruction, has been successfully completed (Rule i).
  • the instruction, in particular the safety instruction can be completed positively by the confirmation of an acknowledgment.
  • the instruction, especially the safety instruction can be completed positively by passing a test.
  • the test can be performed and / or evaluated on the mobile device. Alternatively, the result of the test of the mobile device may be transmitted.
  • At least one of the rules e., F., G., H. or i., z.
  • a rule checked in the mobile device.
  • the first and / or the second rule applies only in a given time window.
  • the first and / or second rule, which only applies in a given time window, may in particular involve at least one of the rules c. to i. act.
  • the time window may include times, days of the week, working and non-working days, months and / or years.
  • the rule includes the time window. Several rules can only apply in a given time window. The time windows of different rules may differ. If the time window is mentioned below, several time windows can also be meant.
  • rule g. be met only on a working day to grant access. On weekends, access is free. Rule g. would then be that the access is granted only if it is a weekday and before a payment has been made.
  • rule f. only be fulfilled on Mondays. On the remaining days of the week, it is not necessary to have at least access to at least one other physical area prior to granting access to the physical area.
  • rule c. or e. only be fulfilled on a weekend. No additional authentication is required on a working day.
  • the time window can be encrypted to be handed over to the access control device, in particular if the access control device checks the corresponding rule that applies in the time window.
  • the encrypted portion may include the time window.
  • a rule in particular at least one of the rules c. to i., be defined a special deviation from a general validity of the corresponding rule.
  • the access information may contain a special rule about a general rule.
  • the additional information may also contain the general rule.
  • the special rule defines a deviation from the general rule.
  • the special rule and the general rule belong to the same rule type, in particular to one of the rules c. to i. So z. B. the general rule rule that an additional PIN entry in accordance with rule c. must be done every Monday.
  • the special rule can state that an additional PIN entry according to rule c. in the month of august is omitted.
  • the special rule can override the general rule. So it may be that in the result of the example on the Mondays in August no PIN input is necessary.
  • the encrypted portion may include the general and / or special rule.
  • the mobile device comprises a time recording means and the first rule contains a time-dependent condition for granting an access.
  • the first rule is checked by means of the time that the mobile device has by means of the time detection means.
  • the check of a time-dependent rule is particularly useful if the access control device is free from a knowledge of a time. Especially in this case, it makes sense to use rule b. in the mobile device. Also this can be for rule c. or d. apply if rule c. or d. includes a time window. Thus, it may be that the at least one of the rules b. to d. checked in the mobile device.
  • the time-dependent condition, which is checked in the mobile device can in particular rule b. correspond.
  • the time dependent condition that is checked in the mobile device may be one of the rules c. to i., which apply only in a given time window, correspond.
  • the time detection means may correspond to a receiving device of the communication network over which the time is received and / or an internal timer.
  • the mobile device may use the common time of the corresponding time zone transmitted to or set by the mobile device. It may also be that the mobile device is allowed to use the timekeeping only the time that has been provided to the mobile device by the access management device, or at least provided in a predetermined period previously.
  • the first rule contains an additional condition in addition to the second rule and / or contains a restriction of the second rule.
  • first rule In order to grant access, preference must be given to a positive result of the first rule and the second rule. In particular, it is not permissible for the first rule to be less restrictive than the second rule. In particular, it is not permissible for a positive result of the first rule to be sufficient to grant access. As a result, the tamper resistance of the method is increased.
  • the mobile device transmits the result of checking the first rule to the access control device and the access control device decides whether to obtain the access authorization. As a result, the manipulation security of the method can be increased. Thus, the mobile device will report the result of the review to the access control device. If the result of the check is not reported, access is denied. For the message, a predetermined time frame may be granted by the access control device. If the mobile device does not transmit the result within the specified time frame, access is denied.
  • the access control device may have been previously transmitted that at least a first rule is checked as an additional condition for granting access.
  • the fact that at least one first rule is checked as an additional condition for granting access is transmitted to the access control device, in particular in encrypted form.
  • the encrypted portion comprises the fact that at least a first rule is checked as an additional condition for granting access.
  • the access information, in particular the encrypted portion comprises a characteristic value which includes the need to take into account the result of checking the rule in the mobile device when granting the access. If the characteristic value is positive, the access control device expects the positive result of the rule to be checked in the mobile device within a time frame.
  • the mobile device may send an open command to the access control device.
  • the access control device may include a programming interface.
  • the access control device and the mobile device may communicate with each other through the programming interface during the process, particularly during the access control process.
  • the programming interface may correspond to an API.
  • the access control device opens the programming interface during the process.
  • the method may correspond in particular to the access control method.
  • the access control device may open the programming interface as a result of a positive result of a rule check.
  • a rule that is checked to grant access to the physical area may also allow the programming interface to be opened.
  • the check may be a condition to open the programming interface. It is conceivable that even more conditions must be met in order to open the programming interface.
  • the mobile device contains a command or data for a command with which the programming interface can be opened.
  • the command or data for the command may be transmitted in encrypted form from the mobile device to the access control device.
  • the check of the rule which corresponds to a condition for opening the programming interface, preferably takes place in the access control device.
  • the rule that corresponds to a condition for opening the programming interface may particularly preferably correspond to the comparison of the comparison value with the check value (rule a.).
  • the access control device at least partially opens the programming interface before the access control device has granted access to the physical area. This makes it possible that the programming interface is available to receive data for the current access control process.
  • the programming interface can be opened to obtain data for checking a rule, in particular another rule.
  • a positive result of the review of the further rule can thereby precondition for the granting of access his.
  • biometric data of a user can be transmitted via the programming interface to the access control device.
  • the biometric data may be captured by the mobile device.
  • the programming interface may be opened to obtain results of a check of a rule being checked in the mobile device.
  • the programming interface may be opened to receive an instruction or a control command regarding the way in which access is granted.
  • the programming interface may be opened to receive an opening command from the mobile device.
  • the access control device drives the electromechanical device to provide access.
  • the object of the invention is also achieved by an access control system.
  • the access control system can be designed in particular for carrying out a method according to the invention, in particular a method according to one of claims 1 to 13.
  • the access control system comprises an access control device assignable to a physical area and a mobile device.
  • the mobile device includes at least a first rule for granting access to the physical area.
  • the mobile device checks the first rule for granting access to the physical area.
  • this part of the access check takes place in the mobile device.
  • this part of the access check is independent of data stored in the access control device.
  • a computer program product for a mobile device of an access control system according to the invention in particular an access control system according to claim 14, and / or for carrying out a method according to the invention, in particular a method according to one of claims 1 to 13, is also protected.
  • the installation of the computer program product allows the mobile device to function as part of the access control system.
  • the computer program product may comprise procedural instructions by means of which the mobile device can carry out the method according to the invention and / or act as part of the access control system according to the invention.
  • FIG. 1 an access control system 1 according to the invention is shown.
  • the access control system 1 comprises a mobile device 2 and an access control device 3.
  • the mobile device 2 is shown schematically.
  • the mobile device 2 is designed as a smartphone.
  • the mobile device 2 comprises a display 18.
  • the access control system 1 according to the invention can carry out a method 100, 100a, 200, 300 according to the invention.
  • the mobile device 2 has access to a cloud 5 via a telecommunications network 4.
  • the mobile device 2 comprises a first transmitting and receiving device.
  • the telecommunications network 4 is shown schematically as a double arrow.
  • the cloud 5 there are access information 10.
  • the access information 10 comprises an encrypted portion 11 and a readable portion 12. If the access information 10 is intended for the mobile device 2, the mobile device 2 can retrieve the access information 10 from the cloud 5. The retrieval option for the mobile device 2 is restricted here to the access information 10 provided for the mobile device 2.
  • the access information 10 is also specific to the access control device 3. D. h. the access information 10 contains information intended to grant access to the physical area guarded by the specific access control device 3. If the user can be granted access to several physical areas guarded by different access control devices 3 by means of the mobile device 2, then the mobile device 2 contains a plurality of access information 10. In particular, access information 10 in the mobile device can be provided for each of the access control devices 3 2 provided and deposited. The access information 10 may be as a file be educated. In FIG. 2 is purely schematically an access information 10 for the illustrated access control device 3 in the mobile device 2 deposited.
  • the access information 10 is made available to the cloud 5 by a purely schematically illustrated access management device 9.
  • the access management device 9 may be part of the access control system 1 according to the invention.
  • the access management device 9 or the cloud 5 encrypts the encrypted portion 11 of the access information 10 such that the mobile device 2 is unable to decrypt the encrypted portion 11.
  • the encrypted portion 11 is intended to be at least partially transmitted from the mobile device 2 to the access control device 3.
  • the access control device 3 can decrypt the encrypted portion 11.
  • the access management device 9 can communicate with the cloud 5 via a communication link 19.
  • the cloud 5 may be part of the access control system 1.
  • the cloud 5 is not part of the access control system 1 according to the invention.
  • the mobile device 2 may be designed such that the access control information 10 can be retrieved from the mobile device 2 from the cloud 5.
  • the access management device 9 can be configured such that the access information 10 can be stored by the access management device 9 in the cloud 5.
  • the access management device 9 can send the access information to the mobile device 2 via the telecommunication network 4 without being deposited in the cloud 5.
  • the access control device 3 serves as a permanently installed guard of a barrier-locked physical area, not shown.
  • the access control device 3 is exemplified as electromechanical fitting 3.
  • the access control device 3 z. B. be designed as an electromechanical lock cylinder, as a door opener or as a motor lock.
  • the access control device 3 can also be designed in several parts (not shown).
  • the access control device 3 can, for. A reader and an electromechanical or magnetic device, e.g. As a motor lock, include (not shown).
  • the access control device 3 and the mobile device 2 communicate with each other via a short-range communication link 6 such as Bluetooth, BLE, RFID or NFC.
  • a short-range communication link 6 such as Bluetooth, BLE, RFID or NFC.
  • BLE is used.
  • the short-range communication connection 6 is shown purely schematically as a double arrow.
  • the mobile device 2 has a second transmitting and receiving device.
  • the access control device 3 has a transmitting and receiving unit for short-range communication 6.
  • the mobile device 2 and the access control device 3 each comprise at least one processor, not shown, for carrying out the method 100, 100a, 200, 300 according to the invention.
  • the mobile device 2 and the access control device 3 each comprise at least one memory (not shown) for carrying out the method 100 according to the invention, 100a, 200, 300.
  • the mobile device 2 can use a processor and / or memory, with which other functions of the mobile device 2 are also exercised.
  • the mobile device 2 comprises a computer program product according to the invention, e.g. As an app, by means of which the mobile device 2, the inventive method 100, 100a, 200, 300 can perform.
  • the access control system 1 can dispense in particular with a connection of the access control device 3 to the telecommunications network 4 and / or with a wired connection to the access management device 9.
  • the access control device 3 may be configured as a stand-alone / offline device.
  • the access control device 3 comprises an in FIG. 1 purely schematically illustrated electromechanical device 7.
  • the electromechanical device 7 is located inside the access control device 3 and is therefore in FIG. 1 indicated only by dashed lines.
  • the electromechanical device 7 may couple a handle 17 of the access control device 3 with a lock to provide access to the physical area. In the coupled state, a user can transfer the lock into an unlocked state by the actuation of the handle 17. If access is again denied, the handle 17 is decoupled from the lock by the electromechanical device 7. This is z. B. in the in EP2998484 A1 described.
  • the electromechanical device 7 can automatically transfer the lock to an unlocked state, in which the electromechanical device 7 retracts a latch and / or a latch. In a further alternative, the electromechanical device 7 can release a case of a door opener.
  • 100a is an access control method 100, 100a.
  • the access control device 3 denies access to the physical area.
  • the access control method 100, 100a is used to check whether the user of the mobile device 2 can be granted access.
  • the access control method 100, 100a may include a first communication of the mobile device 2 and the access control device 3 for the purpose of granting access to the physical Begin area.
  • the access control procedure 100, 100a may include the granting of the access if the result of the review is positive. If the result of the review is positive, the access control procedure may end with the granting of access or the end of the granting of access.
  • the way in which the access is granted is part of the access control procedure 100, 100a.
  • an access control device identifier is sent from the access control device 3 to the mobile device 2.
  • the mobile device 2 then verifies in a second method step 102 of the method 100, 100a whether access information 10 identifiable by the access control device identifier as belonging to the access control device 3 is stored in the mobile device 2. If such access information 10 is stored, then the mobile device 2 transmits the encrypted portion 11 of the access information 10 that has been identified as belonging to the access control device 3 to the access control device 3. This is particularly in FIG. 2 shown.
  • the access information is received by means of the transmitting and receiving unit of the access control device 2. If a corresponding access information 10 for the access control device 3 is not stored in the mobile device 2, then the method 100 ends. This is indicated by an arrow at the second method step 102 in FIG FIG. 3 clarified.
  • the user on the mobile device 2 receives an input, e.g. For example, pressing a button or launching an app must prompt the user for access. If the input is missing, the method 100 can be ended. This is indicated by an arrow at the first method step 101 in FIG FIG. 3 clarified.
  • Part of the first method step 101 may additionally or alternatively be that the mobile device 2 the user all access control devices 3, with which the mobile device 2 can communicate, in particular their access control device identifier has received the mobile device 2 and to which access information 10 in the mobile device 2 is deposited, 18 displays on the display.
  • the display of the access control devices 3 is supported by the information contained in the respective readable portion 12 of the access information 10 to the corresponding access control devices 3.
  • the readable portion 12 may include a picture or description of the possible access control devices 3, the possible physical spaces and / or the barriers guarded by the possible access control devices 3.
  • the corresponding pictures and / or descriptions may be displayed on the display 18 the mobile device 2 are displayed.
  • the user can select one of the displayed access control devices 3.
  • the mobile device 2 then sends in the method step 102 only to the selected access control device 3 the encrypted portion 11 of the associated access information 10th
  • the encrypted portion 11 received in the method step 102 is decrypted by the access control device 3 in a third method step 103 of the method 100, 100a.
  • the encrypted portion 11 contains a comparison value.
  • the mobile device 2 has received a check value from the access management device 9, for example via the cloud 5.
  • the check value may be included in the readable portion 12. It is also conceivable that the mobile device 2 receives the check value separately from the access information 10 from the access management device 9.
  • the check value can be z. B. downloaded via the cloud 5 of the mobile device 2.
  • the comparison value and the check value have a code-like character and can, for. B. be designed as a hash value or as an electronic signature.
  • a fourth method step 104 of the method 100, 100 a the mobile device 2 transmits the check value to the access control device 3.
  • the check value is received by means of the transmitting and receiving unit of the access control device 3.
  • a fifth method step 105 of the method 100, 100 a the access control device 3 compares the comparison value with the check value. As a result, the access control device 3 checks a rule. In the case of a positive comparison, the access control device 3 recognizes the mobile device 2 as authorized in principle and the access control method 100, 100a is continued.
  • the mobile device 2 checks as a first rule whether the user is allowed access at the current time. Ie. the mobile device 2 checks whether the current time is within a predetermined time range. Thus, the mobile device checks the rule b. For this purpose, the mobile device 2 receives a given by the access management device 9 current time, in particular via the cloud. 5
  • the mobile device 2 can check whether further authentication is necessary at the current time. Thus, the mobile device 2 checks whether the current time is in a time window in which further authentication is necessary. If this is the case, the mobile device 2 requests the user to enter a PIN code, a password or a biometric recognition. The input takes place on the mobile device 2 and is compared in the mobile device 2 with a control value (rule e.). Preferably, the control value and / or the current time is provided by the access management device 9 of the mobile device 2.
  • the mobile device 2 may additionally or alternatively check other rules.
  • the mobile device 2 may prompt the user to accept a user order such as "this is a non-smoking room” by input to the mobile device 2 (rule i.).
  • a seventh method step 107 the mobile device 2 issues an opening command to the access control device 3. Then, the controller of the access control device 3 controls the electromechanical device 7 to grant access. Alternatively, the electromechanical device 7 is directly driven by the opening command to grant access. If at least one of the rules to be checked in the mobile device 2 could not be checked with a positive result, the access is denied and the access control method 100 ends. This is in FIG. 3 represented by an arrow at the method step 106.
  • Access to the physical area is granted in an eighth method step 108 by means of the electromechanical device 7.
  • FIG. 3 illustrated method is particularly suitable for access control devices 3, which are free from a knowledge of the time.
  • the way of access is determined by at least one instruction.
  • the instruction may include how the grant of access is displayed visually and / or acoustically in the access control device 3. Alternatively or additionally, the instruction may include how to terminate the grant of access, e.g. After a predetermined period of time after the start of the grant, at a predetermined time regardless of the start of the grant or after a number of grants made.
  • the instruction may also include whether information about the method is being sent to the mobile device 2.
  • the at least one instruction may be included in the encrypted portion 11. The instruction is transmitted to the access control device 3 in step 102.
  • the access control method 100 comprises a further step, in which the granting of access according to the instruction is terminated again.
  • the further step follows the step 108.
  • the left-hand illustrated method 100 can also be an inventive in FIG. 3 right illustrated method 100a are performed.
  • the method steps 101, 102, 103, 104, 105, 106 and 108 remain the same as in the method 100.
  • the mobile device 2 can check the above-mentioned rules to be checked in the mobile device 2 in the step 106 However, the mobile device 2 does not send out the opening command according to step 107. Ie. Step 107 is omitted. If all the rules to be checked in the mobile device 2 have been checked with a positive result in step 106, the mobile device 2 instead transmits the positive result to the access control device 3 in an alternative seventh step 107a. This alternative is in FIG.
  • the access control device 3 awaits the positive result within a predetermined time frame. The time frame begins with the transmission of the message in step 106. If the positive result reaches the access control device 3 within the time frame, the access control device 3, in particular the access control device controller, controls the electromechanical device 7 to grant access. If no positive result reaches access control device 3 within the time frame, access is denied and the access control procedure ends. This is shown by an arrow at step 107a.
  • FIG. 4 another method 200 according to the invention is shown.
  • the method 200 may be designed in particular as an access control method 200.
  • the method 200 can be realized by means of the access control system 1 according to the invention FIGS. 1 and 2 be performed.
  • the first, second, third, fourth and fifth method steps 101, 102, 103, 104, 105 of the method 100, 100a FIG. 3 corresponds to the first, second, third, fourth and fifth method steps 201, 202, 203, 204, 205 of the method 200 FIG. 4 , Notwithstanding the method 100, 100a FIG. 3
  • a sixth method step 206 of the method 200 in the access control device 3 at least one further rule is initially checked.
  • the access control device 3 checks whether the user may be granted access at the current time. Ie. the access control device 3 checks whether the current time is within a predetermined time range. Thus, the access control device 3 checks the rule b. The time range for checking the rule b. is included in the encrypted portion 11.
  • the access control device 3 can check whether further authentication is necessary at the current time. Thus, the access control device 3 checks whether the current time is in a time window in which further authentication is necessary. If this is the case, the mobile device 2 requests the user to enter a PIN code, a password or a biometric recognition. The entry is made on the mobile device 2. The entered PIN code, the entered password or an entered biometric recognition is transmitted to the access control device 3. The access control device 3 compares the transmitted PIN code, the transmitted password or the transmitted biometric recognition with a control value (rule c.). The control value and the time window are included in the encrypted portion 11.
  • the access control device 3 can check whether a label that makes the user recognizable as a guard is formed negative. If the designation is negative, the rule is d. been checked with a positive result. The tag that identifies the user as a watcher is included in the encrypted portion 11.
  • those rules encrypted in the encrypted portion 11 by the access management device 9 are assigned to the Access control device 3 can be transmitted, checked in the access control device 3.
  • at least a first rule which depends on data that is not readily transferable to the access control device 3, is checked in the mobile device 2.
  • the checking of the at least one first rule takes place in a method step 207.
  • the access control device 3 sends the mobile device 2 a message. This is followed by the mobile device 2 starting to check the at least one rule. At the same time begins to measure the time for the time frame in the access control device 3.
  • the mobile device 2 may prompt the user to accept an order of use such as "this is a non-smoking room” by input to the mobile device 2 (rule h.).
  • the mobile device 2 can check the successful completion of a security briefing (rule i.). For this purpose, the mobile device 2 perform a test and evaluate.
  • the mobile device 2 may grant access only if another access has previously been granted. In this case, it may be that the user first another physical area, for. As a lock or a clean room, must pass through before the user the currently desired access is granted. The mobile device 2 thus checks a residence history of the mobile device 2 (rule f.).
  • the mobile device 2 can also check whether a payment for the use of the physical area has been made previously (rule g.).
  • the rules that are checked in the mobile device 2 can only supplement the rules that are checked in the access control device 3. It is not permissible to grant access if only one rule to be checked has a negative result. If a rule of the same rule type, e.g. "In the access control device 3 as well as in the step 207 in the mobile device 2 is checked, wherein in step 206, a different time range than in the step 207 given access is granted only if there is a positive result for both time periods.
  • a method step 208 the mobile device 2 transmits the positive result to the access control device 3.
  • the access control device 3 expects the positive result within a given timeframe. If the positive result reaches the access control device 3 within the time frame, the access control device 3, in particular the controller of the access control device 3, controls the electromechanical device 7 in a method step 209. If no positive result reaches access control device 3 within the time frame, access is denied and the access control procedure ends. This is in FIG. 4 indicated by an arrow at the method step 208.
  • a method step 210 the controller of the access control device 3 terminates granting access after a predetermined period of time.
  • the controller controls the electromechanical device 7, whereby the access control device 3 is transferred to a decoupled state.
  • this is a handle 17 (s. Fig. 1 ) Disconnected from a lock, so that a torque from the handle 17 is no longer transferable to the castle.
  • the predetermined period of time has been transmitted in the encrypted portion 11.
  • the mobile device 2 can directly control the controller of the access control device 3 or the electro-mechanical device 7 with an opening command, when all rules to be checked in the mobile device 2 have been checked with a positive result.
  • FIG. 5 another method 300 according to the invention is illustrated.
  • the method steps 301, 302, 303, 304, 305, 306 and 307 correspond to the method steps 201, 202, 203, 204, 205, 206, 207, which are described in FIG FIG. 4 are shown.
  • the access control device 3 in the method 300 opens a programming interface (API) 8 of the access control device 3 during the time frame.
  • the programming interface 8 is in FIG. 1 shown purely schematically.
  • the programming interface 8 contains data from the transmitting and receiving unit of the access control device 3. The opening of the programming interface 8 takes place only if, in step 306, the rules to be checked in the access control device 3 were checked with a positive result.
  • step 308 the mobile device 2 transmits the positive result to the programming interface 8 of the access control device 3.
  • the access control device 3 decides in a method step 309 in that the access is granted and controls the electromechanical device 7 with an opening command in method step 309.
  • an opening command may be sent from the mobile device 2 to the programming interface 8 of the access control device 3.
  • the result of the rules to be checked in the mobile device 2 rules are transmitted to the access control device 3.
  • the access control device 3 can only then open the programming interface 8.
  • the programming interface 8 is for receiving after step 308 the instruction (s) or data for an instruction for the way of granting the access.
  • the instruction received via the programming interface 8 or the data for an instruction received via the programming interface 8 can relate to an instruction as to when the grant of the access is to be ended.
  • the instruction received via the programming interface 8 or the data for an instruction received via the programming interface 8 may also include the manner of visual and / or audible indication of granting the access.
  • the programming interface 8 already opens as a result of the positive result of the comparison of the comparison value with the check value. Ie. the programming interface 8 already opens after step 305.
  • the programming interface 8 opens in particular before step 306.
  • data, rules or commands for the step 306 can be transmitted via the programming interface 8 to the controller of the access control device 3.
  • a control value which is required for a check of a further authentication in the access control device 3, can be transmitted via the programming interface 8.
  • the programming interface may alternatively or additionally be used to receive an updated version of firmware and / or additional firmware, an updated version of an access control device identifier, and / or an updated version of data to perform decryption.
  • the programming interface 8 can only be partially opened. Thus, the programming interface 8 can only be opened for receiving certain data, while other data that can in principle also be received by the programming interface 8 can not be received if this is not permitted by the at least one command.
  • the mobile device 2 may include at least one command when and / or what to open the programming interface 8 for. Ie. that, alternatively to the previously described, the programming interface 8 does not open immediately as a result of a positive conclusion of step 305 or 306, but only if the mobile device 2 commands to at least partially open the programming interface 8 to the access control device 3, in particular to the conventional interface , sent.
  • the programming interface 8 and the conventional interface receive the data and / or commands by the receiving unit of the access control device 3.
  • the encrypted portion 11 is used only in the current access control method 100, 100a, 200, 300.
  • the encrypted portion 11 is not stored in the access control device 3 after completing the access control process 100, 100a, 200, 300. Rather, in each access control method 100, 100a, 200, 300, the data transmitted from the encrypted portion 11 in the current access control method 100, 100a, 200, 300 to the access control device 3 is used. Thus, up-to-date data is always used. If the transmission of the encrypted portion 11 from the mobile device 2 to the access control device 3 is omitted, the access is denied and the access control method 100, 100a, 200, 300 ends.
  • the at least one first rule in the mobile device 2 is first checked after at least one rule has been checked in the access control device 3.
  • the rule to be checked in the access control device 3 may correspond at least to the comparison of the comparison value with the check value.
  • at least one rule to be checked in the access control device 3 is checked for a rule to be checked in the mobile device 2.
  • steps 206 and 207 could be temporally swapped.
  • a first rule in the mobile device 2 may already be checked before a rule in the access control device 3 is checked.
  • a first rule in the mobile device 2 may be checked before the comparison value in the access control device 3 is compared with the check value.
  • a first rule can be checked in the method step 101.
  • it may be that for the received access control device identifiers first check whether a payment has been made (rule g.). Only the access control devices 3 are displayed on the display 18 for selection for the user for whom a corresponding payment has been made.

Landscapes

  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Mobile Radio Communication Systems (AREA)
EP17203908.3A 2017-11-27 2017-11-27 Procédé de contrôle d'entrée et système de contrôle d'entrée Pending EP3489914A1 (fr)

Priority Applications (1)

Application Number Priority Date Filing Date Title
EP17203908.3A EP3489914A1 (fr) 2017-11-27 2017-11-27 Procédé de contrôle d'entrée et système de contrôle d'entrée

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
EP17203908.3A EP3489914A1 (fr) 2017-11-27 2017-11-27 Procédé de contrôle d'entrée et système de contrôle d'entrée

Publications (1)

Publication Number Publication Date
EP3489914A1 true EP3489914A1 (fr) 2019-05-29

Family

ID=60480228

Family Applications (1)

Application Number Title Priority Date Filing Date
EP17203908.3A Pending EP3489914A1 (fr) 2017-11-27 2017-11-27 Procédé de contrôle d'entrée et système de contrôle d'entrée

Country Status (1)

Country Link
EP (1) EP3489914A1 (fr)

Citations (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2006098690A1 (fr) 2005-03-18 2006-09-21 Phoniro Ab Procede pour deverrouiller une serrure au moyen d'un dispositif de serrurerie capable de radiocommunications de donnees courte portee selon un standard de communications
US20070200665A1 (en) * 2004-01-06 2007-08-30 Kaba Ag Access control system and method for operating said system
WO2008110589A1 (fr) * 2007-03-14 2008-09-18 Bundesdruckerei Gmbh Procédé pour transmettre les données concernant une personne à un dispositif de contrôle
US20150067792A1 (en) * 2013-08-27 2015-03-05 Qualcomm Incorporated Owner access point to control the unlocking of an entry
WO2015124168A1 (fr) * 2014-02-18 2015-08-27 Bekey A/S Contrôle d'accès à un emplacement
EP2998484A1 (fr) 2014-09-22 2016-03-23 DORMA Deutschland GmbH Armature pour une porte de bâtiment
US20170002586A1 (en) * 2015-07-01 2017-01-05 Dominick S. LEE Installation-Free Rechargeable Door Locking Apparatus, Systems and Methods
US20170213404A1 (en) * 2016-01-27 2017-07-27 Honeywell International Inc. Remote application for controlling access
WO2017180454A1 (fr) * 2016-04-11 2017-10-19 Carrier Corporation Capture d'intention de communication d'utilisateur lors d'une interaction avec des contrôles d'accès multiples

Patent Citations (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20070200665A1 (en) * 2004-01-06 2007-08-30 Kaba Ag Access control system and method for operating said system
WO2006098690A1 (fr) 2005-03-18 2006-09-21 Phoniro Ab Procede pour deverrouiller une serrure au moyen d'un dispositif de serrurerie capable de radiocommunications de donnees courte portee selon un standard de communications
WO2008110589A1 (fr) * 2007-03-14 2008-09-18 Bundesdruckerei Gmbh Procédé pour transmettre les données concernant une personne à un dispositif de contrôle
US20150067792A1 (en) * 2013-08-27 2015-03-05 Qualcomm Incorporated Owner access point to control the unlocking of an entry
WO2015124168A1 (fr) * 2014-02-18 2015-08-27 Bekey A/S Contrôle d'accès à un emplacement
EP2998484A1 (fr) 2014-09-22 2016-03-23 DORMA Deutschland GmbH Armature pour une porte de bâtiment
US20170002586A1 (en) * 2015-07-01 2017-01-05 Dominick S. LEE Installation-Free Rechargeable Door Locking Apparatus, Systems and Methods
US20170213404A1 (en) * 2016-01-27 2017-07-27 Honeywell International Inc. Remote application for controlling access
WO2017180454A1 (fr) * 2016-04-11 2017-10-19 Carrier Corporation Capture d'intention de communication d'utilisateur lors d'une interaction avec des contrôles d'accès multiples

Similar Documents

Publication Publication Date Title
EP3057025B1 (fr) Procédé mis en oeuvre par ordinateur destiné au contrôle d'accès
EP3103057B1 (fr) Procédé d'accès à une baie physiquement sécurisée ainsi qu'infrastructure informatique
EP2595341B1 (fr) Gestion des droits d'utilisateurs et système de contrôle d'accès avec restriction de durée
DE102016104530A1 (de) Verfahren zur Kontrolle des Zugriffs auf Fahrzeuge
WO2008095866A2 (fr) Procédé pour autoriser l'accès à au moins un élément d'automatisation d'une installation technique
EP0811739A2 (fr) Dispositif et méthode pour vérifier l'autorisation de contrÔle d'accés, en particulier dispositif de fermeture des véhicules
DE102014219502A1 (de) System und Verfahren für einen beschränkten Zugang zu einem Fahrzeug
EP3009992B1 (fr) Procede et dispositif de gestion d'autorisations d'acces
DE112020006933T5 (de) Authentifizierungsterminal und Sicherheitssystem
EP2996299B1 (fr) Procédé et système d'autorisation d'une action sur un système auto-commandé
EP2584539B1 (fr) Procédé de configuration d'une serrure électromécanique
EP3425598B1 (fr) Procédé de gestion d'un état d'ouverture d'un coffre-fort à l'aide d'un code unique basé sur des données biométriques
EP3362997A1 (fr) Contenant verrouillable
EP3489914A1 (fr) Procédé de contrôle d'entrée et système de contrôle d'entrée
DE102018202173A1 (de) Verfahren und Vorrichtung zur Authentifizierung eines Nutzers eines Fahrzeugs
EP3489916B1 (fr) Dispositif de contrôle d'accès, système de contrôle d'accès et procédé
EP3489915A1 (fr) Procédé de contrôle d'entrée et système de contrôle d'entrée
EP3300037B1 (fr) Dispositif de gestion d'accès, dispositif d'évaluation des informations d'accès et procédé de gestion d'accès
DE102017128025A1 (de) Zeiterfassungsverfahren und Zeiterfassungssystem
DE102017128028A1 (de) Zeiterfassungsvorrichtung, Zeiterfassungssystem und Verfahren
EP4050545A1 (fr) Procédé d'installation d'une pluralité de composants de porte
WO2022180088A1 (fr) Procédé d'installation d'une pluralité de composants de porte
EP3723339A1 (fr) Libération sécurisée d'une fonction protégée
DE102010048870B4 (de) Verfahren und Gerät zur Einrichtung eines neues Benutzers in einer zugangsbeschränkten elektronisch angesteuerten Einrichtung
DE102016107435A1 (de) Zeiterfassungssystem mit einem mobilen Endgerät

Legal Events

Date Code Title Description
PUAI Public reference made under article 153(3) epc to a published international application that has entered the european phase

Free format text: ORIGINAL CODE: 0009012

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: THE APPLICATION HAS BEEN PUBLISHED

AK Designated contracting states

Kind code of ref document: A1

Designated state(s): AL AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HR HU IE IS IT LI LT LU LV MC MK MT NL NO PL PT RO RS SE SI SK SM TR

AX Request for extension of the european patent

Extension state: BA ME

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: REQUEST FOR EXAMINATION WAS MADE

17P Request for examination filed

Effective date: 20191129

RBV Designated contracting states (corrected)

Designated state(s): AL AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HR HU IE IS IT LI LT LU LV MC MK MT NL NO PL PT RO RS SE SI SK SM TR

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: EXAMINATION IS IN PROGRESS

17Q First examination report despatched

Effective date: 20220315