EP4332920A1 - Verfahren und vorrichtungen zum verwalten des zugangs für ein verwaltetes wohnhaus - Google Patents

Verfahren und vorrichtungen zum verwalten des zugangs für ein verwaltetes wohnhaus Download PDF

Info

Publication number
EP4332920A1
EP4332920A1 EP22192916.9A EP22192916A EP4332920A1 EP 4332920 A1 EP4332920 A1 EP 4332920A1 EP 22192916 A EP22192916 A EP 22192916A EP 4332920 A1 EP4332920 A1 EP 4332920A1
Authority
EP
European Patent Office
Prior art keywords
electronic
access
person
access credential
credential
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
EP22192916.9A
Other languages
English (en)
French (fr)
Inventor
Robert Kleger
Jacqueline Spoerri
Philipp Sumi
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Dormakaba Schweiz AG
Original Assignee
Dormakaba Schweiz AG
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Dormakaba Schweiz AG filed Critical Dormakaba Schweiz AG
Priority to EP22192916.9A priority Critical patent/EP4332920A1/de
Publication of EP4332920A1 publication Critical patent/EP4332920A1/de
Pending legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07CTIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C9/00Individual registration on entry or exit
    • G07C9/00174Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys
    • G07C9/00309Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys operated with bidirectional data transmission between data carrier and locks
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07CTIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C9/00Individual registration on entry or exit
    • G07C9/00174Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys
    • G07C9/00571Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys operated by interacting with a central unit
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07CTIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C9/00Individual registration on entry or exit
    • G07C9/00174Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys
    • G07C9/00817Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys where the code of the lock can be programmed
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07CTIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C9/00Individual registration on entry or exit
    • G07C9/00174Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys
    • G07C9/00857Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys where the code of the data carrier can be programmed
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07CTIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C9/00Individual registration on entry or exit
    • G07C9/00174Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys
    • G07C9/00896Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys specially adapted for particular uses
    • G07C9/00904Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys specially adapted for particular uses for hotels, motels, office buildings or the like
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07CTIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C2209/00Indexing scheme relating to groups G07C9/00 - G07C9/38
    • G07C2209/02Access control comprising means for the enrolment of users
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07CTIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C2209/00Indexing scheme relating to groups G07C9/00 - G07C9/38
    • G07C2209/04Access control involving a hierarchy in access rights

Definitions

  • the present disclosure relates to a method of managing access for a managed residential building as well as to devices for managing access for a managed residential building. Specifically, the present disclosure relates to a computer-implemented method of managing access for a managed residential building, further to a data processing apparatus, and a lock apparatus, and a mobile device, each configured to at least partially perform said method. Moreover, the present disclosure relates to a computer program product for execution of said method on a data processing apparatus.
  • Computer-implemented methods of managing access for a managed residential building, and respective devices are known with respect to managing electronic locks of private doors and common doors in a managed residential building.
  • a system of the present applicant is known, the system being called Resivo.
  • Resivo Admin Portal managers or administrators of managed residential buildings can assign access rights to certain persons, for example when a rental agreement of new tenants starts. Thereby, the complexity of change of tenants, for example with respect to apartment handovers, is reduced. No time-consuming key management is necessary since a fully digital access management is possible with no physical keys anymore, but with the help of digital keys using credentials that, when being presented to an electronic lock, allow the entrance through the respective door including the electronic lock.
  • the known system it is necessary that a person to be granted access to the managed residential building always needs to have a private area (such as an apartment) assigned before a transmission of credentials to the possession of the person can take place. Accordingly, the known system's flexibility is limited in the sense that the person can only be granted access to both, a private door (or several private doors) as well as a common door (or several common doors), at the same time.
  • the known system is limited regarding managed residential buildings that do not yet have private doors with electronic locks. Then, the use of the described management system is not possible since electronically accessible private doors with respective credentials need to be assigned to a person if it is wished to assign to the person a credential (digital key) for a common door.
  • the above-mentioned object of a more flexible access management of new tenants is achieved particularly, according to the present disclosure, by a computer-implemented method of managing access for a managed residential building, the managed residential building having at least one or more common door(s) including an electronic lock (each including an electronic lock), and the managed residential building having at least one private door.
  • the suggested computer-implemented method is also applicable for managing access for several managed residential buildings, for example a managed residential area, wherein the managed residential area at least comprises a first managed residential building and a second managed residential building, or even more managed residential buildings.
  • the common door controls (or the common doors control) access to a common area of the managed residential building, and the at least one private door controls access to a private area allocated to a first person according to a rental agreement information.
  • each common door could provide an entrance to a specific individual common area, for example a first common door to a first common area and a second common door to a different second common area, or several common doors could also provide an entrance to the same common area, such as a shared common area (for example a single room or a single common area that can be entered through the several common doors at two different points).
  • the first person initially, at a starting point in time, does not yet have any electronic access rights for the common area of the managed residential building.
  • the first person initially does not yet have any electronic access rights for the managed residential buildings, thereby not being able to enter electronically the managed residential buildings at all.
  • the first person initially does not yet have any access rights for the managed residential buildings, thereby not being able to enter the managed residential buildings at all.
  • the suggested computer-implemented method is being performed by an access management platform and comprises at least the following steps:
  • the above-mentioned object is achieved by a suggested data processing apparatus configured to perform the suggested computer-implemented method as described before or hereinafter (for example according to any one of the claims 1 to 11).
  • the suggested data processing apparatus comprises the access management platform or is configured to communicate with the access management platform.
  • An essential advantage of the present invention is that a higher flexibility is gained when managing a single or a plurality of managed residential buildings due to a management process being applicable to several different situations.
  • the reason is that a new tenant who shall enter the building according to his rental agreement does not have to be allocated with a private door including an electronic lock anymore in order to receive a permission to enter common doors. Due to the fact that a single access right only with respect to common doors can be granted to the first person, the first person does not have to be given overall permissions (including for example the permission to enter electronically controlled private doors as well) for being able to enter the managed residential building at all.
  • the access management platform can be used to provide the first person with the exclusive access right of only being able to unlock common doors. Accordingly, the first person as a new tenant can easily be given automatically and from a distance the right to be able to enter the managed residential building.
  • the present invention can facilitate the management process in that a permission to enter, at the pre-access point in time, is only given to the first person with respect to the common doors whereas the private door or doors are not accessible yet. Thereby, the first person could already enter the managed residential building but not yet its private area. This can be of interest during a time after having signed a rental agreement but before the beginning of the contract period, for example even while previous tenants are still living in the later-rented private area.
  • the computer-implemented method can be configured to be performed by the suggested and described data processing apparatus.
  • the suggested and described data processing apparatus is in turn preferably configured to execute the suggested computer-implemented method.
  • the features and specific advantages relating to the suggested data processing apparatus or the respective suggested computer-implemented method are regularly described collectively only once.
  • Features described in connection with the computer-implemented method can be included accordingly in an appropriate manner in claims relating to the data processing apparatus and vice versa.
  • these private doors either controlling access to one private area, such as several doors providing entrance to one apartment, or controlling access to several private areas (such as for example two different apartments on different floors or to an apartment and a personal garage) can be provided and allocated to the first person according to the rental agreement information.
  • several common areas might exist, such as the hall of the building with the common door in terms of the main entrance door and additionally a garage with a separate common door and additionally a fitness room with another common door.
  • the access rights might be granted to the first person with respect to all common doors or only with respect to a selection of common doors, as well as (at the later full-access point in time) with respect to all private doors or only with respect to a selection of private doors.
  • the access management platform is an online web application, moreover in particular not a mobile application.
  • the Resivo Admin Portal of the applicant can be used as access management platform.
  • the pre-access activation request can be entered in the access management platform, for example by a manager managing the relevant rental agreement information.
  • an unambiguous allocation of credentials to the identity of a person (the tenants) can be achieved.
  • the application-installation invitation can be sent to the mobile device of the first person via e-mail communication.
  • the e-mail then has the invitation link with the help of which the mobile application can be installed by the first person on its mobile device.
  • the mobile application for example can be the Resivo Home App of the applicant.
  • the first person automatically can also have stored the the electronic pre-access credential (and optionally the electronic full-access credential) on its mobile device within said mobile application.
  • the at least one private door includes an electronic lock.
  • the computer-implemented method further comprises at least the following steps:
  • the first person after already being able to enter common areas, then can be given the permission to also enter the private area.
  • the computer-implemented method further comprises at least the following step: transmitting the electronic pre-access credential also to the electronic lock of the first person's private door, thereby, at a full-access point in time after the pre-access point in time, configuring also the electronic lock of the first person's private door to unlock if the electronic pre-access credential is provided by the mobile device of the first person.
  • the first person then can be allowed to enter not only the common area but also the private area.
  • the following step is performed: receiving an extension for full-access request to adapt the electronic pre-access credential for the first person, thereby initiating the granting process of the right to open additionally to the first common door (doors) also the at least one private door.
  • the extension of the access rights for the first person for being able to also enter private areas after already being able to enter common areas needs to be actively performed by, for example, a manager.
  • the computer-implemented method further comprises at least the following step: predefining the pre-access point in time (and/or predefining the full-access point in time) under a predetermined condition related to the rental agreement information, in particular according to a date of a start of a rental agreement, and/or in particular according to a confirmation of payment, for example a confirmation of payment of a rent and/or of a deposit.
  • the manager can control in advance within the access management platform, from which point of time on an access should be possible.
  • an additional point of time via the predefined full-access point in time, can be determined as to when the first person (tenant) can also additionally enter its private area.
  • these point of times, from which on an access to certain areas is possible can be made dependent on pre-conditions, such as if the tenant has paid a deposit or as when the actual rental agreement will start. Additionally or alternatively, the definition of point of times can be made within the access management platform already at the beginning.
  • the electronic lock is (or the electronic locks are) configured to communicate via a communication network with the access management platform, preferably reciprocally.
  • the computer-implemented method further comprises at least the following steps:
  • the credential(s) can be stored preferably only online within the access management platform, thereby guaranteeing a high level of security.
  • Credential(s) within the whitelist online can then be credential(s) who have access to the respective common area (or even private area).
  • the credential(s) is (are) not stored within the lock(s)
  • a fraudulent use in terms of trying to get possession of the credential(s) by accessing the lock(s) can be made relevantly more difficult.
  • the computer-implemented method further comprises at least the following steps:
  • a control of the uses of the doors for example as to who is opening doors when and by which medium, can be provided, thereby for example being able to draw conclusion when something extraordinary happened in common areas.
  • a damage in a common area or even with respect of a common door which possibly could have been caused by a plurality of persons (tenants) could be better analysed with respect to a potential person responsible for the damage.
  • a communication network between the mobile application and the access management platform is used, then it could be a different or even the same communication network, as being used between the access management platform and the electronic lock(s).
  • the step of transmitting the pre-access credential and/or the step of transmitting the electronic full-access credential to the electronic lock(s) is executed via a direct communication via the communication network.
  • online doors or locks can be provided enabling a communication via the communication network.
  • the step of transmitting the pre-access credential and/or the step of transmitting the electronic full-access credential to the electronic lock(s) is executed via an indirect communication by the step of: transmitting, at a first point in time, the pre-access credential (and/or the electronic full-access credential) to a manager's mobile device, in particular of a caretaker, thereby leading to a necessity of transmitting, at a second point in time after the first point in time, the pre-access credential (and/or the electronic full-access credential) from the manager's mobile device to the electronic lock(s).
  • the manager or caretaker could use a management app, such as a so-called utility app, which is not available for the tenants (first person).
  • the manager or caretaker then could provide the credential(s) to the lock(s) so that no direct online connection between the access management platform and the respective lock(s) would be needed for this step.
  • the pre-access credential and/or the electronic full-access credential is (are) encrypted, preferably using asymmetric encryption.
  • the credential(s) is (are) configured as being not readable by the mobile device (or the mobile application) of the first person, but being only readable by the electronic lock(s) and/or the access management platform.
  • the credential(s) is (are) transmitted in encrypted form from the access management platform to the mobile device (in particular the mobile application).
  • the credential(s) also remain(s) stored in an encrypted manner on the mobile device.
  • the credential(s) is (are) then also transmitted in encrypted form to the electronic lock at the moment of intention of access. Only at the electronic look, the credential(s) then is (are) decrypted in order to make the access decision by the verifying step.
  • the computer-implemented method further comprises the step of deactivating the right to open the common door(s) and/or to open the at least one private door, preferably by:
  • the suggested method guarantees a simple and fast way of adapting the access rights by invalidating previous access right.
  • a suggested lock apparatus configured to at least partially perform the suggested computer-implemented method as described before or hereinafter (for example according to any one of the claims 1 to 11), when interacting with the access management platform or when interacting with the suggested data processing apparatus.
  • the suggested lock apparatus comprises the electronic lock and is configured to lock and unlock the common door.
  • a method of managing access for a managed residential building having at least a common door including an electronic lock or having several common doors each including an electronic lock, and the managed residential building having at least one private door, the common door controls (or, respectively, the common doors control) access to a common area of the managed residential building, and the at least one private door controls access to a private area allocated to a first person according to a rental agreement information, wherein the first person initially, at a starting point in time, does not yet have any electronic access rights for the common area of the managed residential building, the method being performed by a lock apparatus and comprising at least the following steps:
  • a lock apparatus configured to at least partially perform the suggested method of managing access for a managed residential building being performed by a lock apparatus as described before or hereinafter, wherein the lock apparatus comprises the electronic lock and is configured to lock and unlock the common door.
  • the features and advantages described above and below in the context of the suggested method being performed by a lock apparatus can be transferred in an appropriate manner to the suggested lock apparatus.
  • the method can be configured to be performed by the suggested and described lock apparatus.
  • the suggested and described lock apparatus is in turn preferably configured to execute the suggested method.
  • the features and specific advantages relating to the suggested lock apparatus or the respective suggested method are regularly described collectively only once.
  • Features described in connection with the method can be included accordingly in an appropriate manner in claims relating to the lock apparatus and vice versa.
  • the lock apparatus comprises a whitelist for storing the electronic pre-access credential and/or the electronic full-access credential.
  • the method further comprises the step of storing the electronic pre-access credential and/or the electronic full-access credential in a whitelist.
  • the credential(s) can be stored, after being transmitted to the electronic lock, in said whitelist, thereby the whitelist being responsible for keeping all the credential(s) granting persons the right to open the respective door(s). Storing can advantageously take place offline.
  • a system comprising the suggested data processing apparatus as described before or hereinafter (for example according to claim 12), and the suggested lock apparatus as described before or hereinafter, the data processing apparatus and the lock apparatus being in interactive connection with each other, preferably thereby performing the suggested computer-implemented method being performed by a access management platform as described before or hereinafter (for example according to any one of the claims 1 to 11), and/or preferably thereby performing the suggested method being performed by a lock apparatus as described before or hereinafter.
  • a suggested mobile device configured to at least partially perform the suggested computer-implemented method as described before or hereinafter (for example according to any one of the claims 1 to 11), when interacting with the access management platform or when interacting with the suggested data processing apparatus.
  • the suggested mobile device comprises the mobile application having stored the electronic pre-access credential.
  • a computer-implemented method of managing access for a managed residential building having at least a common door including an electronic lock or having several common doors each including an electronic lock, and the managed residential building having at least one private door, the common door controls (or, respectively, the common doors control) access to a common area of the managed residential building, and the at least one private door controls access to a private area allocated to a first person according to a rental agreement information, wherein the first person initially, at a starting point in time, does not yet have any electronic access rights for the common area of the managed residential building, the method being performed by a mobile device and comprising at least the following steps:
  • a mobile device configured to at least partially perform the suggested computer-implemented method of managing access for a managed residential building being performed by a mobile device as described before or hereinafter, wherein the mobile device comprises the mobile application having stored the electronic pre-access credential.
  • the computer-implemented method can be configured to be performed by the suggested and described mobile device.
  • the suggested and described mobile device is in turn preferably configured to execute the suggested computer-implemented method.
  • the features and specific advantages relating to the suggested mobile device or the respective suggested computer-implemented method are regularly described collectively only once.
  • Features described in connection with the computer-implemented method can be included accordingly in an appropriate manner in claims relating to the mobile device and vice versa.
  • the mobile device and/or the lock apparatus comprise a wireless communication interface, preferably a short range communication interface, the wireless communication interface of the lock apparatus being configured to receive the electronic pre-access credential and/or the electronic full-access credential, preferably being sent from the mobile application; the wireless communication interface of the mobile device being configured to send the electronic pre-access credential and/or the electronic full-access credential, preferably to the lock apparatus or the electronic lock.
  • the method further comprises the step of receiving or sending the electronic pre-access credential and/or the electronic full-access credential via a wireless communication interface, preferably a short range communication interface.
  • the wireless communication interface performs steps of sending and/or receiving the personal access right identifier via bluetooth low energy (BLE) technology.
  • BLE bluetooth low energy
  • the wireless communication interface of the lock apparatus is configured to process a via bluetooth low energy (BLE) technology received signal further in a following verifying step only if a predetermined threshold value of a signal strength, in particular of a received signal strength indicator (RSSI), is reached.
  • BLE bluetooth low energy
  • RSSI received signal strength indicator
  • the predetermined threshold value of a signal strength can be adapted, in particular via the access management platform.
  • bluetooth technology can be used for the entrance into respective doors.
  • a threshold value can be used to adapt the proximity of the used mobile device to the electronic lock, thereby avoiding opening unwished doors if any what so low signal strength were sufficient to initiate a verifying step of the transmitted credential(s) in the electronic lock.
  • the threshold value can be even made dependent on the type of mobile device used and can be adapted, for example in the access management platform.
  • a system comprising the suggested data processing apparatus as described before or hereinafter (for example according to claim 12), and the suggested mobile device as described before or hereinafter, the data processing apparatus and the mobile device being in interactive connection with each other, preferably thereby performing the suggested computer-implemented method being performed by a access management platform as described before or hereinafter (for example according to any one of the claims 1 to 11), and/or preferably thereby performing the suggested computer-implemented method being performed by a mobile device as described before or hereinafter.
  • a system comprising the suggested mobile device as described before or hereinafter, and the suggested lock apparatus as described before or hereinafter, the mobile device and the lock apparatus being in interactive connection with each other, preferably thereby performing the suggested computer-implemented method being performed by a mobile device as described before or hereinafter, and/or preferably thereby performing the suggested method being performed by a lock apparatus as described before or hereinafter.
  • a suggested computer program product comprising commands which, when the computer program product is executed by a processor of a data processing apparatus, preferably of the suggested data processing apparatus, cause the data processing apparatus to perform the steps of the suggested computer-implemented method performed by the access management platform as described before or hereinafter (for example according to any one of the claims 1 to 11).
  • a computer-readable medium is suggested, on which the suggested computer program product as described before or hereinafter is stored.
  • a system comprising the suggested data processing apparatus as described before or hereinafter, the suggested lock apparatus as described before or hereinafter, and the suggested mobile device as described before or hereinafter, the data processing apparatus, the lock apparatus, and the mobile device being in interactive connection with each other, preferably thereby performing the suggested computer-implemented method being performed by a access management platform as described before or hereinafter (for example according to any one of the claims 1 to 11), and/or preferably thereby performing the suggested method being performed by a lock apparatus as described before or hereinafter, and/or preferably thereby performing the suggested computer-implemented method being performed by a mobile device as described before or hereinafter.
  • the data processing apparatus or the lock apparatus comprise a blacklist for storing the electronic pre-access credential and/or the electronic full-access credential.
  • the method further comprises the step of storing the electronic pre-access credential and/or the electronic full-access credential in a blacklist.
  • a blacklist can be used to overrule the entries within a whitelist, thereby causing that a credential (credentials) listed in the blacklist does not have the access right to open the respective lock anymore.
  • Writing a credential (credentials) into a blacklist can be a way of the before-described deactivating of a credential.
  • the suggested methods for managing access for a managed residential building are also applicable for managing access for several managed residential buildings, for example a managed residential area, as described with respect to the suggested computer-implemented method being performed by an access management platform.
  • the explanations with respect to said suggested computer-implemented method being performed by an access management platform which explanations deal with the use of several common doors or, respectively, deal with initially non-existing access rights of the first person also apply to the further presented suggested methods for managing access for a managed residential building.
  • FIG. 1 schematically shows a managed residential area 1.
  • the managed residential area 1 comprises in this example two managed residential buildings 2 and 3.
  • the managed residential area 1 may be a private site on which the two managed residential buildings 2 and 3 are located, the private site having an entrance in the form of a common door 4, for example an access gate to the private site.
  • the managed residential buildings 2 and 3 are managed for example by an owner or an administrator and the managed residential buildings 2 and 3 for example have apartments for being rented to private persons.
  • common doors 5 and 6 are the entrances to the respective managed residential buildings 2 or 3.
  • private doors 7 and 8 are the entrances to private rooms such as apartments of tenants indicated by dashed lines and being located within the managed residential building 2.
  • another common door 9 is present, which is the entrance to another general room represented by the dashed lines below and being accessible not only for one person (tenant) but for different persons (different tenants) within the managed residential building 2.
  • the common doors 4, 5, 6, and 9 control access to common areas 10, 11, 12, and 13 whereas the private doors 7 and 8 control access to private areas 14 and 15.
  • the common area 10 could be the private site, such as a secured area, of the owner of the managed residential area 1, and the common area 10 should accordingly be accessible to all tenants.
  • the first managed residential building 2 could have the common area 11 in terms of the entry hall of the building, as well as an additional common area 13 in terms a fitness room.
  • the second managed residential building 3 could have the common area 12, being the entire building itself, in terms of a garage.
  • the two private rooms 14 and 15 could be two different private apartments, one for a first person in terms of a first tenant and the other one for another tenant.
  • both tenants should receive access rights to the common areas 10 and 11 whereas the common areas 12 and 13 could be individually allocated according to the rental agreements as well as the private area 14 is allocated to one tenant and the private area 15 to the other tenant.
  • the suggested methods, devices and systems could apply for only the managed residential building 2, which at least has a common area 11 or 13 and a private area 14 or 15.
  • the suggested methods, devices and systems could apply for both managed residential buildings 2 and 3 together (as common doors 5, 6, and 9, as well as private doors 7, and 8 are present as well).
  • the suggested methods, devices and systems could apply for the entire managed residential are 1, including managed residential buildings 2 and 3.
  • the suggested methods, devices and systems provide advantages for example when a change of tenant takes place and is to be managed with regard to giving the tenants the permission from a distance to enter common areas 10, 11, 12, 13 and/or private areas 14, 15.
  • FIG. 2 schematically shows a system of managing access for the managed residential building 2.
  • the private door 8 is left out in the illustration according to Figure 2 .
  • the three doors in terms of the common doors 5 and 9, as well as the private door 7 are depicted, each door 5, 7 and 9 comprising a lock apparatus 16 including an electronic lock.
  • the suggested system and especially the suggested computer-implemented method could also work and has the described advantages if the private door 7 did not have an electronic lock but a solely mechanic lock.
  • the managed residential building 2 is in the possession of the owner and might be managed by the owner or for example by an administrator. Said possession is schematically depicted with the help of the outer dash-dotted box. Furthermore, according to the depicted system, the owner or administrator is in control of a data processing apparatus 17, forming part of or being in interactive communication with the cloud 18.
  • the cloud 18 or the data processing apparatus 17 comprises an access management platform, with the help of which platform the computer-implemented method of managing access for the managed residential building 2 can be performed.
  • An example for such access management platform is the -called Resivo Admin Portal as a web application of the recent applicant dormakaba.
  • a mobile device 19 is depicted as well.
  • the new tenant is able to open the common doors 5 and 9, and, at a later point of time, the private door 7 to his/her apartment as well, when given the respective permission.
  • An example for such mobile application is the so-called Resivo Home App of the recent applicant dormakaba.
  • the data processing apparatus 17 is configured to communicate via a communication network 20 with the lock apparatuses 16 of the common doors 5 and 9 (indicated by the double arrow), and furthermore optionally with the lock apparatus 16 of the private door 7 (indicated by the dashed double arrow) by another communication network or, as depicted, by the same communication network 20. Moreover, the data processing apparatus 17 is configured to communicate via a communication network 21 (which could also be the same communication network 20 as mentioned before) with the mobile device 19 of the new tenant.
  • connection between the data processing apparatus 17 and the mobile device 19 usually is unidirectional as depicted with the help of the single arrow, thereby allowing the data processing apparatus 21 to send information to the mobile device 19 but not allowing the mobile device 19 to initiate a communication directly with the data processing apparatus 17.
  • a communication connection namely a short range communication connection, exists between the mobile device 19 of the new tenant as well as the lock apparatuses at least of a common door 5, in the recent case, also of the common door 9 (indicated by the single arrows) and the private door 7 (indicated by the single dashed arrow).
  • the short range communication connections 22 are realised via bluetooth low energy technology, with the help of a bluetooth low energy transmitter module, which is integrated in the mobile device 19 of the new tenant, as well as with the help of bluetooth low energy receiver modules integrated in the lock apparatuses 16.
  • the mobile device 19 and/or the lock apparatuses 16 can comprise a wireless communication interface, preferably a short range communication interface, the wireless communication interface of the lock apparatus being configured to receive the electronic pre-access credential and/or the electronic full-access credential, preferably being sent from the mobile application; the wireless communication interface of the mobile device 19 being configured to send the electronic pre-access credential and/or the electronic full-access credential, preferably to the lock apparatuses 16 or the electronic lock.
  • the wireless communication interface performs steps of sending and/or receiving the personal access right identifier via bluetooth low energy (BLE) technology.
  • BLE bluetooth low energy
  • common mobile devices 19 of the tenants, with bluetooth technology can be used to unlock and lock door(s), preferably with the help of the mobile application. Preferably.
  • the wireless communication interface of the lock apparatus is configured to process a via bluetooth low energy (BLE) technology received signal further in a following verifying step only if a predetermined threshold value of a signal strength, in particular of a received signal strength indicator (RSSI), is reached.
  • BLE bluetooth low energy
  • RSSI received signal strength indicator
  • the predetermined threshold value of a signal strength can be adapted, in particular via the access management platform.
  • bluetooth technology can be used for the entrance into respective doors.
  • a threshold value can be used to adapt the proximity of the used mobile device to the electronic lock, thereby avoiding opening unwished doors if any what so low signal strength were sufficient to initiate a verifying step of the transmitted credential(s) in the electronic lock.
  • the threshold value can be even made dependent on the type of mobile device 19 used and can be adapted, for example in the access management platform.
  • the shown lock apparatuses 16 are configured as so-called connected or on-line devices due to the arrangement of the communication network 20, with the help of which an on-line communication, for example with the data processing apparatus 17, can take place.
  • the lock apparatuses 16 it is also possible according to the present disclosure, to realise the lock apparatuses 16 as so-called off-line or stand-alone devices.
  • the necessary communication, for example, of the data processing apparatus 16 with the lock apparatuses 16 could be realised also as short range communication connection, preferably still wireless, as for example by bluetooth low energy technology as mentioned with respect to the short range communication connections 22.
  • the owner or administrator or a delegated person such as a caretaker could conduct the necessary communication between the data processing apparatus 17 and the lock apparatuses 16 in an indirect manner, for example with the help of an administrator's mobile device being able to communicate with the data processing apparatus 17, preferably on-line, as well as with the lock apparatuses 16 off-line as described.
  • the administrator or caretaker could therefore use a different mobile application, such as the so-called Utility App of the recent applicant dormakaba (cf. Figure 6 and steps S12.1 and S12.2 later).
  • the communication networks 20 could comprise a mobile radio network, such as GSM (Global System for Mobile Communication), UMTS (Universal Mobile Telephone System), WLAN (Wireless Local Area Network) or the like.
  • the communication networks 20 could also comprise a wire based network, such as provided by LAN (Local Area Network), an Ethernet connection or an USB connection or the like, and/or the Internet as preferred on-line connection medium.
  • the short range communication connections 22 could also be implemented as a radio-based communication interface, such as RFID communication interfaces (Radio Frequency Identifier), so-called NFC interfaces (Near Field Communication), optical interfaces like infrared or visual communication interfaces. Preferred however is the interface arranged as bluetooth low energy interface.
  • Figure 3 shows a timing diagram illustrating an exemplary sequence of steps for managing the access for the managed residential building 2 for the new tenant (the first person 23).
  • the first person initially at a starting point in time (as indicated by reference S0) does not yet have any electronic access rights for the common area 11 or 13. Then, in the access management platform, for example by an entry of an administrator, a pre-access activation request is received within step S1.1.
  • the pre-access activation request is done in order to assign an electronic pre-access credential to the first person 23.
  • the electronic pre-access credential therefore, is configured to grant the first person 23, at a pre-access point in time, only the right to open the common doors 5 and 9 for accessing the common areas 11 and 13.
  • an access right can be assigned to the first person 23 also being able to open the private door 7 or 8.
  • step 1.2 the electronic pre-access credential associated is generated in the access management platform (or, respectively, in the data processing apparatus 17 or, respectively, in the cloud 18) with an identifier of the first person 23, thereby resulting in an unambiguous credential and electronic key for the first person 23.
  • step S2.1 the electronic pre-access credential is transmitted to the electronic locks of both common doors 5 and 9.
  • the transmitting could take place at the same time and is, according to the example depicted in Figure 2 , conducted via the communication network 20.
  • the electronic locks of the lock apparatuses 16 of the common doors 5 and 9 are configured, at the pre-access point in time, to unlock if the electronic pre-access credential is provided by the mobile device 19 of the first person 23, which configuration step is depicted by the reference S2.2.
  • step S3 the access management platform (or, respectively, in the data processing apparatus 17 or, respectively, in the cloud 18) send an application-installation invitation to the mobile device 19 of the first person 23.
  • the sending is preferably made via the communication network 20 on-line, for example via an e-mail sent to the first person 23.
  • a link can be included, enabling the first person 23 to, by following the link, download the mobile application, such as the Reviso Home App.
  • the first person 23 is enabled to then install and activate within step S3.1 the mobile application.
  • the electronic pre-access credential is receivable and storable within step S3.2.
  • the individual version of the mobile application could permit the first person 23 to automatically download and store the personal electronic pre-access credential which has before been generated in the access management platform (step S1.2).
  • Figure 4 shows a timing diagram illustrating an exemplary sequence of the steps of additionally giving the first person 23 a full-access, also to the private area 14 by enabling the first person 23 to be able to unlock the private door 7.
  • the sequence of steps is practically the same as the before described with respect to the diagram of Figure 3 , only with additional method steps. Accordingly, hereinafter, said additional steps will only be described.
  • the step S4.1 is performed by the suggested computer-implemented method.
  • a full-access activation request to assign an electronic full-access credential to the first person 23 is received.
  • the electronic full-access credential finally can grant the first person 23 the right to open the common doors 5 and 9 for accessing the common area 11 and 13, but additionally also the right to open the first private door 7 for accessing the private area 14, such as the new tenant's apartment.
  • step S4.2 the electronic full-access credential associated is generated with the (before-already-used) identifier of the first person 23.
  • the electronic full-access credential is transmitted to the electronic locks of the common doors 5 and 9 and also to the electronic lock of the first person's private door 7, thereby, at a full-access point in time after the pre-access point in time, configuring (step S5.2) the electronic locks to unlock if the electronic full-access credential is provided by the mobile device 19 of the first person 23.
  • the electronic full-access credential would only be transmitted to the first person's private door 7, since the common doors 5 and 9, or, respectively, their corresponding electronic locks or lock apparatuses 16 already have the electronic pre-access credential which still could guarantee the possibility to enter the respective common doors 5 and 9.
  • the steps S4.1, S4.2, S5.1, and S5.2 are already performed before, for example also already with the generation and transmission of the electronic pre-access credential.
  • the full-access credential at least is not sent or at least cannot be used by the first person 23 to open private doors 7 or 8 at the beginning already.
  • any of the common doors 5, 9, or 4, or 6 can be opened by the first person 23, and then, afterwards, the permission to open also private doors 7 and/or 8 might be given to the first person 23.
  • the full-access point in time could also be the moment when the electronic full-access credential is sent to the first person 23.
  • the electronic full-access credential is sent in step S6 to the mobile device 19 of the first person 23 using the mobile application installed thereon.
  • the electronic full-access credential is received and stored (step S6.1) in the mobile application, enabling the first person 23 to open also the private door 7 when presenting the electronic full-access credential to the private door's electronic lock (lock apparatus 16).
  • Figure 5 shows a timing diagram illustrating an exemplary sequence of the steps of additionally giving the first person 23 a full-access, also to the private area 14 by enabling the first person 23 to be able to unlock the private door 7, as an alternative to the sequence of steps as shown in Figure 4 .
  • the sequence of steps is practically the same as the before described with respect to the diagram of Figure 3 , only with additional method steps. Accordingly, hereinafter, said additional steps will only be described.
  • step S7.1 is performed by the suggested computer-implemented method.
  • step 7.1 the electronic pre-access credential before generated and already transmitted to the first person 23 is also transmitted to the electronic lock of the first person's private door 7, thereby, at a respective full-access point in time after the pre-access point in time, configuring (step S7.2) also the electronic lock of the first person's private door 7 to unlock if the electronic pre-access credential is provided by the mobile device 19 of the first person 23. Accordingly, the first person 23 then also has the right to open the private door 7 for accessing the private area 14, such as the new tenant's apartment.
  • the following step could be performed: receiving an extension for full-access request to adapt the electronic pre-access credential for the first person 23, thereby initiating the granting process of the right to open additionally to the common door(s) 5, 9 also the at least one private door 7.
  • Figure 6 shows a timing diagram illustrating several exemplary steps which can be part of the suggested sequences of steps for managing access to the managed residential building 2.
  • the steps can be combined with the before described embodiments.
  • the steps newly described with respect to Figure 6 do not need to be all combined.
  • single steps can be provided or combined with respect to the suggested embodiments.
  • the first person 23 is only to be allowed to open the common door 5 (and not anymore the common door 9), only by way of an example.
  • the pre-access point in time and/or the full-access point in time can be predefined within the access management platform.
  • the predefinition results in a predetermined condition related to the rental agreement information, in particular according to a date of a start of a rental agreement and/or according to a confirmation of payment, such as a payment of a rent and/or a deposit.
  • the first person 23 could be given the permission to access either the common area 11 or even the private are 7, according to the depicted embodiment, under said condition that a deposit has been paid for example.
  • the first person 23 can be given via only one entry within the access management platform the access right from a first date on to common area 11 and from a second date on to the private area 7.
  • step S9 the electronic pre-access credential (and/or according to another embodiment the electronic full-access credential) is stored in an access management platform whitelist. Furthermore, in step S10, it is verified if a used electronic pre-access credential (and/or a used electronic full-access credential) being transmitted from the electronic lock(s), corresponds to the electronic pre-access credential (and/or the electronic full-access credential) stored in the access management platform whitelist.
  • step S10 the step of transmitting (step S2.1, or S5.1, or S7.1) the pre-access credential (and/or the electronic full-access credential) to the electronic lock(s) and configuring (S2.1; S5.1; S6.1) the electronic lock(s) only is executed if the step of verification (step S10) is positive.
  • step S10 the steps depending on a positive verification have been depicted with dashed arrows and boxes in Figure 6 . Accordingly, a storage of the credentials in the electronic locks does not have to take place.
  • a online lock apparatus 16 needs to be provided or at least a lock apparatus 16 being able to permanently connect to the access management platform under a request of a person to enter the respective door.
  • entrance execution data is received via the communication network 20 from the electronic lock(s) and/or via a communication network 21 from the mobile application. Then, the entrance execution data is stored (step 11.2.) in the access management platform.
  • the entrance execution data can comprise a time of entrance information about when the electronic lock(s) is or has (are or have) been opened; and/or a user information about which electronic pre-access credential and/or which electronic full-access credential is or has been used to open the electronic lock(s); and/or a medium information about which mobile device 23 and/or which mobile application is or has been used to open the electronic lock(s).
  • the credential could also be added to a blacklist (not depicted) of the access management platform or of the electronic locks, wherein credentials entered in the blacklist have priority in comparison to credentials listed in the whitelist in a manner that a credential being in the blacklist cannot lead to opening the respective door.
  • a blacklist not depicted
  • the credential could also be added to a blacklist (not depicted) of the access management platform or of the electronic locks, wherein credentials entered in the blacklist have priority in comparison to credentials listed in the whitelist in a manner that a credential being in the blacklist cannot lead to opening the respective door.
  • the presented steps S2.1, S5.1 and/or S7.1 in terms of transmitting the pre-access credential and/or the electronic full-access credential to the electronic lock(s) can be executed via a direct communication via the communication network 20.
  • the steps S2.1, S5.1 and/or S7.1 in terms of transmitting the pre-access credential and/or the electronic full-access credential to the electronic lock(s) can be executed via an indirect communication by the step of: transmitting (step S12.1), at a first point in time, the pre-access credential (and/or the electronic full-access credential) to a manager's mobile device, in the particular example the mobile device 24 of the caretaker 25, thereby leading to a necessity of transmitting (in step S12.2), at a second point in time after the first point in time, the pre-access credential (and/or the electronic full-access credential) from the manager's mobile device 24 to the electronic lock(s).
  • This alternative of an indirect transfer of the credentials is depicted in Figure 6 with
  • the pre-access credential and/or the electronic full-access credential can be encrypted, preferably using asymmetric encryption.
  • asymmetric encryption is the Elliptic Curve Cryptography.
  • the credential(s) is (are) configured as being not readable by the mobile device 19 (or the mobile application) of the first person 23, but being only readable by the electronic lock(s) and/or the access management platform.
  • the credential(s) can be transmitted in encrypted form from the access management platform to the mobile device 19 (in particular the mobile application).
  • the credential(s) also remain(s) stored in an encrypted manner on the mobile device 19.
  • the credential(s) can then be also transmitted in encrypted form to the electronic lock at the moment of intention of access. Only at the electronic look, the credential(s) then is (are) decrypted in order to make the access decision by the verifying step.
  • the computer-implemented method further comprises the step of deactivating the right to open the common door(s) 4, 5, 6, and/or 9 and/or to open the private doors 7 and/or 8, preferably by:

Landscapes

  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Lock And Its Accessories (AREA)
EP22192916.9A 2022-08-30 2022-08-30 Verfahren und vorrichtungen zum verwalten des zugangs für ein verwaltetes wohnhaus Pending EP4332920A1 (de)

Priority Applications (1)

Application Number Priority Date Filing Date Title
EP22192916.9A EP4332920A1 (de) 2022-08-30 2022-08-30 Verfahren und vorrichtungen zum verwalten des zugangs für ein verwaltetes wohnhaus

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
EP22192916.9A EP4332920A1 (de) 2022-08-30 2022-08-30 Verfahren und vorrichtungen zum verwalten des zugangs für ein verwaltetes wohnhaus

Publications (1)

Publication Number Publication Date
EP4332920A1 true EP4332920A1 (de) 2024-03-06

Family

ID=83151705

Family Applications (1)

Application Number Title Priority Date Filing Date
EP22192916.9A Pending EP4332920A1 (de) 2022-08-30 2022-08-30 Verfahren und vorrichtungen zum verwalten des zugangs für ein verwaltetes wohnhaus

Country Status (1)

Country Link
EP (1) EP4332920A1 (de)

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP1024239A1 (de) * 1999-01-28 2000-08-02 International Business Machines Corporation Elektronisches Zugangskontrollsystem und Verfahren
US20180005143A1 (en) * 2016-06-30 2018-01-04 Alarm.Com Incorporated Scheduled temporary rental property access
US20210142601A1 (en) * 2019-11-08 2021-05-13 Latchable, Inc. Smart building integration and device hub

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP1024239A1 (de) * 1999-01-28 2000-08-02 International Business Machines Corporation Elektronisches Zugangskontrollsystem und Verfahren
US20180005143A1 (en) * 2016-06-30 2018-01-04 Alarm.Com Incorporated Scheduled temporary rental property access
US20210142601A1 (en) * 2019-11-08 2021-05-13 Latchable, Inc. Smart building integration and device hub

Similar Documents

Publication Publication Date Title
US11625965B2 (en) Smart building integration and device hub
US10186097B2 (en) Movable barrier operator configured for remote actuation
US10192377B2 (en) Movable barrier operator configured for remote actuation
KR102085975B1 (ko) 도어락 정보 관리 시스템 및 그 구동방법
US9922480B2 (en) Method, system, and computer program product for establishing a temporary remote control association between a mobile device and a peripheral device
KR102019097B1 (ko) 코드표시를 통한 차량 출입통제 시스템 및 방법
KR101652181B1 (ko) 스마트기기를 이용한 공동 현관 출입문 개폐 시스템 및 그 방법
KR102336068B1 (ko) 도어락, 도어락 컨트롤 장치, 도어락 컨트롤 프로그램 및 도어락 관리 서버
EP4332920A1 (de) Verfahren und vorrichtungen zum verwalten des zugangs für ein verwaltetes wohnhaus
US20230072114A1 (en) Access control system and a method therein for handling access to an access-restricted physical resource
KR102339318B1 (ko) 공개키 기반 구조를 이용한 출입 통제 시스템
KR102344137B1 (ko) 시설물 사용자 인증 시스템 및 그 제어방법
KR20180045424A (ko) 숙박업소 스마트 출입 시스템
EP3553755B1 (de) Verfahren zur gewährung von zugang zu einem physischen raum
KR102019093B1 (ko) 코드표시를 통한 차량 출입통제 시스템 및 방법
TWI724572B (zh) 保管箱微定位身分確認系統及方法
JP7490237B2 (ja) 電気錠システム、電気錠装置、及び、プログラム
WO2024043835A1 (en) A system and method for sharing access to an electronic lock
JP2024523856A (ja) ドアロック管理者権限による連動設定方法
KR20220104526A (ko) 비콘 기반 출입 통제 시스템 및 그 제어 방법

Legal Events

Date Code Title Description
PUAI Public reference made under article 153(3) epc to a published international application that has entered the european phase

Free format text: ORIGINAL CODE: 0009012

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: THE APPLICATION HAS BEEN PUBLISHED

AK Designated contracting states

Kind code of ref document: A1

Designated state(s): AL AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HR HU IE IS IT LI LT LU LV MC MK MT NL NO PL PT RO RS SE SI SK SM TR