GB2262640A - Security installation and operating method - Google Patents

Security installation and operating method Download PDF

Info

Publication number
GB2262640A
GB2262640A GB9225194A GB9225194A GB2262640A GB 2262640 A GB2262640 A GB 2262640A GB 9225194 A GB9225194 A GB 9225194A GB 9225194 A GB9225194 A GB 9225194A GB 2262640 A GB2262640 A GB 2262640A
Authority
GB
United Kingdom
Prior art keywords
lock
release
signals
request
unlocking
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
GB9225194A
Other versions
GB9225194D0 (en
GB2262640B (en
Inventor
Michael Trevor Ralph
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Intelligent Locking Systems Ltd
Intelligent Locking Systems Ltd
Original Assignee
Intelligent Locking Systems Ltd
Intelligent Locking Systems Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Intelligent Locking Systems Ltd, Intelligent Locking Systems Ltd filed Critical Intelligent Locking Systems Ltd
Publication of GB9225194D0 publication Critical patent/GB9225194D0/en
Publication of GB2262640A publication Critical patent/GB2262640A/en
Application granted granted Critical
Publication of GB2262640B publication Critical patent/GB2262640B/en
Anticipated expiration legal-status Critical
Expired - Lifetime legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07CTIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C9/00Individual registration on entry or exit
    • G07C9/00174Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys
    • G07C9/00571Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys operated by interacting with a central unit
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07CTIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C9/00Individual registration on entry or exit
    • G07C9/00174Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys
    • G07C9/00309Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys operated with bidirectional data transmission between data carrier and locks
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07CTIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C9/00Individual registration on entry or exit
    • G07C9/00174Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys
    • G07C9/00896Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys specially adapted for particular uses
    • G07C9/00912Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys specially adapted for particular uses for safes, strong-rooms, vaults or the like
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07CTIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C9/00Individual registration on entry or exit
    • G07C9/20Individual registration on entry or exit involving the use of a pass
    • G07C9/27Individual registration on entry or exit involving the use of a pass with central registration
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07CTIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C9/00Individual registration on entry or exit
    • G07C9/00174Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys
    • G07C2009/00753Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys operated by active electrical keys
    • G07C2009/00769Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys operated by active electrical keys with data transmission performed by wireless means
    • G07C2009/00793Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys operated by active electrical keys with data transmission performed by wireless means by Hertzian waves

Landscapes

  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Lock And Its Accessories (AREA)

Abstract

A security installation (10), such as a cash carry van or depot, is fitted with one or more locks (14, 15) of a type which is arranged to receive release signals and which is enabled for unlocking by those signals when the lock recognises the signals as representing a release code known to the lock. To avoid forced or willing cooperation of personnel at the security installation (10) enabling ready unlocking of the locks (14, 15). the security installation includes first communication means (19) for transmitting a request to a remote station (20) that a particular lock (14, 15) be enabled for unlocking, second communications means (19) for receiving release signals provided by said remote station (20) in response to said request, and transfer means (16) for transferring the release signals from the second communications means (19) to the lock concerned. The transfer means (16) are such as to keep from personnel present at said security installation (10), the identity of the release signals corresponding to a lock release code otherwise than for servicing the current request. This arrangement enables personnel at the remote station (20) to verify that the lock release request is a legitimate one and either prevents the personnel at the installation from knowing any release code at all or only makes a release code accessible to such personnel for servicing an already-verified request. <IMAGE>

Description

SECURITY INSTALLATION AND OPERATING METHOD The present invention relates to a security installation such as a mobile cash carry van or a fixed depot, and a method of operating the installation as part of an integrated security system.
It is known to provide security installations with a plurality of lockable closure members that may be external doors and/or internal locker doors. It is also known to provide such closure members with a lock of a type which is arranged to receive release signals and which is enabled for unlocking by those signals when the lock recognises the signals as representing a release code known to the lock. As used herein, the term "enabled for unlocking" is intended to cover both the case of the lock automatically unlocking following receipt of release signals corresponding to the release code and the case where a further local input is required to effect unlocking following receipt of the release code.
In known security installations of the form considered above, personnel at the installation can gain access to the release code. As a consequence, the security of the installation can be prejudiced by the forced or willing participation of such personnel.
Thus, where the installation is a security cash carry van, armed robbers can gain access to the van and force the security guards to open the cash-carrying lockers.
It is an object of the present invention to provide a security installation where forced or willing participation of local personnel does not prejudice the security of the installation.
According to one aspect of the present invention, there is provided a security installation comprising a closure member which can be opened from a closed position, and a lock for physically locking the closure member in its closed position, said lock being of a type which is arranged to receive release signals and which is enabled for unlocking by those signals when the lock recognises the signals as representing a release code known to the lock, the security installation further comprising: - first communication means for transmitting a request to a remote station that said lock be enabled for unlocking, - second communication means for receiving release signals provided by said remote station in response to said request, and - transfer means for transferring the release signals from the second communications means to said lock; the transfer means being such as to keep from any person present at said security installation, the identity of the release signals corresponding to said release code otherwise than for servicing the current request.
This arrangement enables personnel at the remote station to verify that the lock release request is a legitimate one before the release signals are transmitted. Furthermore, personnel at the security installation cannot initiate lock opening themselves as the release code is either not made known to them at all or is only made known in a form valid solely for the current request.
Advantageously, to keep the release code secret, the release signals are encrypted signals and the lock is provided with decryption means holding a decryption key for decrypting release signals intended for the lock.
However, encryption by itself does not prevent the release signals being recorded and later replayed to release the lock on an unauthorised occasion. To meet this threat, the release code known to the lock preferably comprises a sequence number which is changed in a predetermined manner for successive unlockings of the lock whereby the release signals enabling unlocking of the lock differ for each unlocking. If the manner of changing of the sequence number is programmed into the lock and known only at the remote station, then personnel at the security installation cannot effect unauthorised locking even if the current release code is made known to them.Sending the release code uncrypted does, however, leave open the possibility that the predetermined manner of changing of the sequence number can be worked out from a record of prior codes; this possibility can be avoided by encrypting the release codes.
Generally, the security installation will comprise a plurality of locks of said type each enabled for unlocking by respective release signals, said first communication means being operative to permit any desired one of the locks to be identified for unlocking.
In this case, the release code known to the lock can be made different for each lock or, where encryption is used, the release code known to the lock may be the same for each lock and the decryption key associated with each lock made different.
Preferably, each lock includes means for changing the release code known to the lock in response to an external input. Where encryption is used, the or each lock may include means for changing the decryption key in response to an external input.
Generally, the transfer means for transferring the release signals from the second communications means to a lock, will take the form of a communications system transferring the release signals in digitally-encoded form without the intervention of a human operator. However, the transfer means may alternatively take the form of a hand-portable device that can be interfaced both with said second communication means to receive and store the release signals, and with the lock for transferring the stored release signals thereto, the hand-portable device being movable between the second communication means and the lock by a human operator.In face, in arrangements where knowledge of the release signals for servicing the current request are of no use for effecting subsequent unlocking of the lock, the transfer means may simply comprise output means (such as a digital display) operatively connected to the second communications means to generate a human discernible output representative of the release signals, and input means (such as a key pad) operatively connected to the lock and by which a human operator can input the release signals to the lock.
The security installation may be one of a plurality of such installations that together with a central station, form an integrated security system (the central station serving as the remote station referred to above). The central station will comprise receiving means operative to receive a request for the, or one of the, locks to be enabled for unlocking, and transmitting means for transmitting release signals appropriate for the lock in respect of which a request has been made, the transmitting means being such that following receipt of a said request by the receiving means, the appropriate release signals are transmitted only after the transmitting means has been provided with an input generated independently of the received request.
According to another aspect of the present invention, there is provided a method of operating a security installation that comprises a closure member which can be opened from a closed position, and a lock for physically locking the closure member in its closed position, said lock being of a type which is arranged to receive release signals and which is enabled for unlocking by those signals when the lock recognises the signals as representing a release code known to the lock; said method comprising the steps of: - transmitting a request to a remote station that said lock be enabled for unlocking, - receiving release signals provided by said remote station in response to said request, and - transferring the release signals from the second communications means to said lock in a manner such as to keep from any person present at said security installation, the identity of the release signals corresponding to said release code otherwise than for servicing the current request.
A security system embodying the present invention will now be particularly described, by way of non-limiting example, with reference to the accompanying diagrammatic drawings, in which: Figure 1 is a diagram showing a central station and remote installation of the security system; and Figure 2 is a functional block diagram showing in more detail the parts of the Figure 1 system for exchanging encrypted messages between the central station and locks of the remote installation.
The security installation shown in Figure 1 comprises a central station 20 and a remote installation 10. The security system may be provided with a plurality of installations 10 and these installations may be mobile (for example, cash carry vans) or static (for example, depots). The central station 20 and the remote installation 10 can intercommunicate over a network 21. The network 21 provides for two-way digital communication and may, for example, be constituted by a secure mobile radio network. This network provides for the secure and reliable transmission of message between the central station 20 and the remote installation 10. Such networks are known in the art and the network 21 will therefore not be further described herein.
The remote installation 10 comprises a plurality of lockable closure members including two external doors 11,12 and locker doors 13A, 13B, 13C and 13D or a bank of lockers 13. Associated with each closure member 11,12,13 is a lock for physically locking the closure member in its closed position; each lock comprises a lock mechanism 14 and a lock control unit 15.As shown in the enlarged portion of Figure 1, the lock mechanism comprises a mechanical bolt 25 for physically locking the associated closure member, a bolt actuator 26 for moving the bolt 25 between its locking and unlocking positions and a lock status sensor 27 for sensing when the bolt is in its locked position and the associated closure member is shut (in these circumstances the lock is taken to be locked whereas if either the bolt is in its unlocked position or the associated closure member is open, the lock is taken to be unlocked).
The bolt actuator 26 is controlled by the associated lock control unit 15 which is also fed with the output of the corresponding sensor 27. The lock control units 15 of all the locks are connected to a common network 16 which is connected to a master unit 17 of the remote installation 10. Each of the locks may be individually enabled for unlocking by appropriate release signals fed from the master unit 17 to the lock control 15 of the lock it is desired to unlock. If the release signals correspond to a release code known to the lock control unit of the lock concerned, then this unit enables the lock for unlocking.In the present example, the lock control unit 15 upon detecting release signals corresponding to its release code, directly commands the bolt actuator 26 to move the bolt 25 into an unlocked position; however, it is also possible to arrange for the lock control unit simply to set the lock in a state in which a local manual input is sufficient to complete the unlocking process.
The lock control units 15 are made tamper proof, for example, either by embedding in the structure of the closure member themselves or by the provision of a housing which, if tampered with destroys any record of the lock release code held in the unit.
The master unit 17 is also preferably made tamper-proof.
The master unit 17 is fed with the status of each lock by the lock control unit 15 of the lock. The master unit 17 keeps a record of the current status of the locks and may be arranged to only permit one lock to be unlocked at a time or, alternatively, to delay the opening of a lock to occur no sooner than a predetermined time after the locking of a preceding lock.
When it is desired to unlock a particular lock, personnel at the remote installation 10 input a lock identity code LID to the master unit 17, this code serving to identify the particular lock which it is desired unlock. The master unit 17 does not, however, immediately send appropriate release signals to the lock concerned as the master unit 17 does not, in fact, have knowledge of the necessary release codes for the locks.
Instead, the master unit 17 passes a release request via a transceiver unit 19 and the network 21 to the central station 20.
A lock release request transmitted over the network 21 is received by a transceiver unit 22 of the central station 20 and is passed to a lock request control unit 23. The lock release signals necessary for unlocking a particular lock are known to the lock request control 23. However, before the release signals appropriate to the lock in respect of which a release request has been made, are transmitted from the central station to the remote installation 10, an opportunity is provided for verifying whether the release request is legitimate. Thus, for example, personnel at the central station may wish to verify that a cash carry van constituting the remote installation 10 is at a particular destination where the lock in respect of which a request has been made is intended to be unlocked.This verification can be effected in any appropriate manner, for example, by means of a telephone call to the destination concerned (for example, to staff at a Bank where the cash carry van is supposed to be delivering cash). Once staff at the central station 20 are satisfied that the lock release request is legitimate, the lock request control unit 23 is operated to cause the appropriate release signals to be transmitted from the central station 20 via the transceiver 22 and the network 21 to the remote station 10 where the release signals pass via the transceiver 19 to the master unit 17. The release signals are then transferred out by the master unit 17 over the network 16.The release signals may be addressed solely to the particular lock concerned or may be passed to all locks - in this latter case, assuming that the locks have different release codes, only the lock in respect of which the release request has been made will identify the release signals as corresponding to its release code.
It will be appreciated that the foregoing security system does not require that personnel at the remote installation 10 have any knowledge of the release signals necessary to unlock any of the locks at the remote installation. As a result, robbers cannot force personnel at the remote installation to directly open the locks but can only get them to make a lock release request; the making of such a request will set in train a verification process which will generally thwart the robbers.
It will, however, be apparent that although the release codes are not available in a once off situation, except after verification by the central station that a request is legitimate, observation/access to the remote installation over a period spanning at least one prior unlocking of a lock could provide robbers with knowledge of the release signals necessary to unlock the locks. Thus, for example, if a person legitimately having access to the remote installation intended to illegitimately open one of the locks without going through the verification procedure, that person could access the network 16 to ascertain the identity of the release signals giving rise to unlocking of a particular lock.
The fact that the release signals can be monitored means that they can also be recorded and later replayed. It is therefore not enough simply to encrypt the release signals for transfer over the network 16 since a skilled person could simply play back the encrypted release signals over the network 16 to release a particular lock. The Figure 2 embodiment of the Figure 1 provides a way in which this threat to the security system may be overcome. The approach used by the Figure 2 implementation uses the concept of sequence numbers to ensure that the release signals required to operate a lock differ between successive unlockings.
Turning now to consideration of Figure 2, this Figure shows the functional elements of one of the lock control units 15, of the master unit 17 and of the lock request control unit 23.
The lock control unit 15 includes a lock status circuit 30 which is fed with the output of the sensor 27 of the corresponding lock mechanism. The lock status circuit 30 detects any change in the status of the lock and, upon detecting such a change, causes a lock status update message to be passed over the network 16 to the master unit 17 to update a table of current lock status held in a lock request control unit 55. The generation of the lock status update message in the lock control unit 15 is effected as follows. Upon a change in lock status, the lock status circuit 30 feeds the lock identity and the new lock status to a multiplexer 32 where it is formed into a message together with a sequence number S3 output from a sequence number generator 31. This generator is arranged to output a new sequence number each time the lock status circuit 30 detects a change in lock status.In the present embodiment, the sequence numbers output by the sequence number generator 31 simply increment by one each time, although it will be appreciated that the sequence numbers may change in a different predetermined manner. Once the lock identity, lock status and sequence number have been assembled into a message by the multiplexer 32, the message is passed through an encryption unit 33 where it is encrypted under a cypher key CK held in a store 34.
The encrypted message is then output to a bus transceiver 35 for transmission over the network to the master unit 17, an appropriate destination address being associated with the message by the transceiver 35.
At the master unit 17 the lock status update message is received by a bus transceiver 50 and passed to a description unit 51 which is supplied with the same cypher key CK as used by the lock control unit 15 to encrypt the message, the cypher key being stored in the master unit 17 in a store 52. The decrypted lock status update message is then passed to a sequence check circuit 53 where the sequence number S3 contained in the message is examined to ascertain whether or not it corresponds to the expected sequence number S3, the latter being held in a store 54,. If the sequence number of the message corresponds to that held in the store 54, then the lock status update message is passed on to the lock request control unit 55 and the sequence number held in the store 54 is incremented to indicate the next-expected sequence number for messages received over the network 16 from the locks.
The lock status update message is then used by the unit 55 to update its table of lock status.
When personnel at the remote installation wish to unlock a particular lock, the identity LID of the lock concerned is input into the master unit 17 and is passed to the lock request control unit 55. On receiving this request to unlock a particular lock, the lock request control unit 55 checks its lock status table to ascertain whether any other locks are currently open. If this is the case, the unit 55 may either refuse the new request (if it had been programmed to allow only one lock to be opened at a time), may delay actioning the request (if the unit 55 has been programmed to permit release of a lock no sooner than a predetermined time after the last lock release), or may immediately action the lock release request by transmitting a release request message to the central station 20.
The transmission of a release request message is effected as follows. The lock request control unit 55 outputs the identity of the lock it is wished to unlock to a multiplexer 57 where it is assembled into a lock release message together with a sequence number S1 provided by a sequence number generator 56. This generator 56 outputs a new sequence number, incremented by one from the last output number, on request from the unit 55. The release request message assembled by the multiplexer 57 is output to an encryption unit 58 where it is encrypted under the cypher key CK held in the store 52. The encrypted release request message is then passed to the transceiver 19 for transmission over the network 21 to the central station 20 where it is received by the transceiver 22 of that station.
The release request message received by the transceiver 22 is then processed in a decryption circuit 60 supplied with the cypher key CK from a store 61. The decrypted message is next processed in a sequence check circuit 62 which examines the sequence number S1 contained in the message to check that it corresponds to the next expected sequence number S1, this latter being held in a store 63. If the sequence number checks out, then the release request message is passed to a lock request output circuit 64 and the sequence number held in the store 63 is incremented. The output 64 is arranged to indicate to an operator in the central station 20 that a request has been made to open a particular lock (assuming that the locks are uniquely identified throughout the security system, it will be apparent from the lock identity which remote installation is involved).
The operator at the central station 20 then carries out whatever verification procedures are appropriate.
Assuming that the verification is satisfactory, the operator then inputs the release code appropriate for the lock concerned, this input being passed to an input circuit 65.
Thereupon, the input circuit 65 causes a release message to be assembled and transmitted to the remote installation. This message is assembled as follows. the input circuit 65 passes the release code to a multiplexer 67 where it is assembled together with a sequence number S2 provided from a sequence number generator 66. This generator 66 outputs a new sequence number, different from the last preceding number, under the control of the circuit 65. The release message assembled by the multiplexer 67 is then passed through an encryption unit 68 where it is encrypted under the cypher key CK held in the store 61. The encrypted release message is next fed to the transceiver unit 22 where it is transmitted via the network 21 to the remote installation 10.
The encrypted release message is received by the transceiver 19 of the remote installation 10 and passed to the master unit 17. However, the message is not decrypted by the master unit 17 but is passed direct to the bus transceiver 50 and is transmitted out over the network 16 to all the locks (this is achieved by associating a destination address with the message that indicates that all the locks are to receive the message.
On receiving a message over the network 16, the bus transceiver 35 of the lock control unit 15 passes the message to a destination check circuit 36. If the destination address associated with the message indicates that the message was intended for the master unit (that is, it was a lock status update message output by another one of the lock control units 15) the destination check circuit 36 takes no action other than to provide an increment signal to the sequence number generator 31 - this is necessary so that the sequence number S3 held by the generator 31 is incremented as frequently as the sequence number S3 held in the store 54 of the master unit 17.If, however, the destination check circuit determines that the message received over the network 16 is one intended for the locks (that is, it is a release message), then it forwards the message to a decryption circuit 37 where it is decrypted according to the cypher key CK held in the store 34. The decrypted release message is then passed to a sequence check circuit 39 where the sequence number S2 contained in the message is compared with the value of S2 held in a store 38, this being the next expected release message sequence number. Assuming that the sequence number checks out, the release message is passed to a check code circuit 40 and the sequence number stored in the store 38 is incremented.Note that all the locks receive the release messages and increment their stored value of the sequence number S2 regardless of whether or not the release message is finally intended to unlock the lock.
The check code circuit 40 then examines the release code held in the release message and compares its value to the value of a release code held in the store 41. If the two codes correspond, the circuit 40 outputs an enabling signal to the bolt actuator 26 of the associated lock mechanism 14.
The use of sequence numbers in the Figure 2 arrangement means that should anyone have access to the network 16 over a prolonged period, it will be of little assistance to them in achieving unverified unlocking of a lock of the remote installation. More particularly, simply recording and playing back a release message will be of no use since the sequence number contained in the message will not correspond to the next expected sequence number. Furthermore, the fact that the release messages are encrypted means that it is not possible to ascertain the identity of each sequence number with a view to predicting the next such number and, even if the next sequence number was known, it would not be possible to construct an encrypted release message because the appropriate cypher key would not be known.
Many variations are, of course, possible to the security system of Figures 1 and 2.
Thus, for example, it would be possible to arrange for each lock control unit 15 to have its own cypher key; in this case, the release code may be the same for every lock because now only the lock with the cypher key necessary to decrypt the release message will correctly decrypt the message and produce the release code. Such an arrangement does, of course, require the central station to contain a record of the cypher keys associated with each lock and to use the appropriate cypher key when sending a release message to unlock a particular lock.
Furthermore, since given enough time any encryption system can be cracked, provision is preferably made to change the cypher keys at periodic intervals. In known manner this provision may involve a hierarchy of cypher keys by which a key at a higher level is used to transmit a key at a lower level encrypted under the higher level key until at the bottom of the hierarchy, the lowest level keys are used for the transmission of messages.
Provision may also be made for changing the release codes held in the store 41.
Although the transfer of release messages from the master unit 17 to the lock control unit 15 has been described as being effected by a communications network 16, this is not essential and, for example, a hand-portable device could be used (for example, a plastic card bearing a magnetic strip) to which the release message is written by the master unit 17, the device then being transferred by hand to the appropriate lock and the release message then read off from the device into the lock. Indeed, with the basic encryption and sequence number arrangement shown in Figure 2, there is no risk to security if personnel at the remote installation transfer the release message from the master unit 17 to a lock simply by remembering a code displayed by the unit and representing the current release message.

Claims (14)

1. A security installation comprising a closure member which can be opened from a closed position, and a lock for physically locking the closure member in its closed position, said lock being of a type which is arranged to receive release signals and which is enabled for unlocking by those signals when the lock recognises the signals as representing a release code known to the lock, the security installation further comprising:: - first communication means for transmitting a request to a remote station that said lock be enabled for unlocking, - second communication means for receiving release signals provided by said remote station in response to said request, and - transfer means for transferring the release signals from the second communications means to said lock the transfer means being such as to keep from any person present at said security installation, the identity of the release signals corresponding to said release code otherwise than for servicing the current request.
2. A security installation according to Claim 1, wherein said release signals are encrypted signals and the lock includes decryption means provided with a decryption key for decrypting release signals intended for the lock.
3. A security installation according to Claim 1 or Claim 2, wherein said release code known to the lock comprises a sequence number which is changed in a predetermined manner for successive unlockings of the lock whereby the release signals enabling unlocking of the lock differ for each unlocking.
4. A security installation according to any one of the preceding Claims, further comprising one or more further locks of said type each enabled for unlocking by respective release signals, said first communication means being operative to permit any desired one of said locks to be identified for unlocking.
5. A security installation according to Claim 4 , wherein the said release code known to the lock is different for each said lock.
6. A security installation according to Claim 4 when directly or indirectly dependent on Claim 2, wherein the said release code known to the lock is the same for each lock, the decryption means provided in each lock operating according to a different respective decryption key.
7. A security installation according to any one of the preceding claims, wherein the or each said lock includes means for changing the said release code known to the lock in response to an external input.
8. A security installation according to claim 2 or Claim 6, wherein the or each said lock includes means for changing the said decryption key in response to an external input.
9. A security installation according to any one of claims 1 to 8, wherein said transfer means takes the form of a communication system for transferring said release signals from the second communications means to said lock in digitally-encoded form without the intervention of a human operator.
10. A security installation according to any one of claims 1 to 8, wherein said transfer means comprises a hand-portable device that can be interfaced both with said second communication means to receive and store said release signals, and with said lock for transferring the stored release signals thereto, the hand-portable device being movable between said second communication means and said lock by a human operator.
11. A security installation according to any one of claims 1 to 8, wherein said transfer means comprises output means operatively connected to said second communications means to generate a human discernible output representative of said release signals, and input means operatively connected to said lock and by which a human operator can input said release signals to the lock.
12. A security installation according to Claim 4, further comprising coordinating means connected to all said locks and operative to prevent or delay the unlocking of any lock when another one of the locks is already unlocked.
13. A security system comprising a central station and at least one security installation of a form according to any one of the preceding claims, said central station serving as said remote station referred to in said claims and comprising receiving means operative to receive a request for the, or one of the, said locks to be enabled for unlocking, and transmitting means for transmitting release signals appropriate for the lock in respect of which a request has been made, the transmitting means being such that following receipt of a said request by the receiving means, the appropriate release signals are transmitted only after the transmitting means has been provided with an input generated independently of the received request.
14. A method of operating a security installation that comprises a closure member which can be opened from a closed position, and a lock for physically locking the closure member in its closed position, said lock being of a type which is arranged to receive release signals and which is enabled for unlocking by those signals when the lock recognises the signals as representing a release code known to the lock; said method comprising the steps of: - transmitting a request to a remote station that said lock be enabled for unlocking, - receiving release signals provided by said remote station in response to said request, and - transferring the release signals from the second communications means to said lock in a manner such as to keep from any person present at said security installation, the identity of the release signals corresponding to said release code otherwise than for servicing the current request.
GB9225194A 1991-12-21 1992-12-02 Security installation and operating method Expired - Lifetime GB2262640B (en)

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
GB919127215A GB9127215D0 (en) 1991-12-21 1991-12-21 Security installation and operating method

Publications (3)

Publication Number Publication Date
GB9225194D0 GB9225194D0 (en) 1993-01-20
GB2262640A true GB2262640A (en) 1993-06-23
GB2262640B GB2262640B (en) 1995-05-31

Family

ID=10706707

Family Applications (2)

Application Number Title Priority Date Filing Date
GB919127215A Pending GB9127215D0 (en) 1991-12-21 1991-12-21 Security installation and operating method
GB9225194A Expired - Lifetime GB2262640B (en) 1991-12-21 1992-12-02 Security installation and operating method

Family Applications Before (1)

Application Number Title Priority Date Filing Date
GB919127215A Pending GB9127215D0 (en) 1991-12-21 1991-12-21 Security installation and operating method

Country Status (1)

Country Link
GB (2) GB9127215D0 (en)

Cited By (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP0740037A1 (en) * 1995-04-28 1996-10-30 Hewlett-Packard Company Security device
NL1014482C2 (en) * 2000-02-24 2001-09-07 Pin Lock Internat B V Device and method for timely storage of electronically ordered goods comprises number of storage locations, each with closure and locking devices, processors and at least one central operating unit
GB2362188A (en) * 2000-05-11 2001-11-14 Michael Trevor Ralph Security system for lockable enclosures
WO2002005228A2 (en) * 2000-07-06 2002-01-17 Andrew Holding Secure home delivery system
WO2004079666A1 (en) * 2003-03-04 2004-09-16 Microdevice S.R.L. Device with remotely controllable safety lock
GB2443633A (en) * 2006-11-08 2008-05-14 Drop Ltd Remotely enabled lock
WO2009056900A1 (en) * 2007-11-02 2009-05-07 Ismet Yesil A method for opening a vault or safe responsive to a security code transmitted by a remote host computer
WO2010040867A1 (en) * 2008-10-06 2010-04-15 Talleres De Escoriaza, S.A Programmable electronic access control system with "on line" updating without cables

Cited By (13)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP0740037A1 (en) * 1995-04-28 1996-10-30 Hewlett-Packard Company Security device
NL1014482C2 (en) * 2000-02-24 2001-09-07 Pin Lock Internat B V Device and method for timely storage of electronically ordered goods comprises number of storage locations, each with closure and locking devices, processors and at least one central operating unit
GB2362188B (en) * 2000-05-11 2004-01-21 Michael Trevor Ralph A security system
GB2362188A (en) * 2000-05-11 2001-11-14 Michael Trevor Ralph Security system for lockable enclosures
GB2364413B (en) * 2000-07-06 2004-02-11 Andrew Christopher Holding Secure home delivery system
WO2002005228A3 (en) * 2000-07-06 2002-10-17 Andrew Holding Secure home delivery system
WO2002005228A2 (en) * 2000-07-06 2002-01-17 Andrew Holding Secure home delivery system
WO2004079666A1 (en) * 2003-03-04 2004-09-16 Microdevice S.R.L. Device with remotely controllable safety lock
GB2443633A (en) * 2006-11-08 2008-05-14 Drop Ltd Remotely enabled lock
GB2443633B (en) * 2006-11-08 2011-07-27 Drop Ltd Lock
WO2009056900A1 (en) * 2007-11-02 2009-05-07 Ismet Yesil A method for opening a vault or safe responsive to a security code transmitted by a remote host computer
WO2010040867A1 (en) * 2008-10-06 2010-04-15 Talleres De Escoriaza, S.A Programmable electronic access control system with "on line" updating without cables
ES2340754A1 (en) * 2008-10-06 2010-06-08 Talleres De Escoriaza, S.A Programmable electronic access control system with "on line" updating without cables

Also Published As

Publication number Publication date
GB9127215D0 (en) 1992-02-19
GB9225194D0 (en) 1993-01-20
GB2262640B (en) 1995-05-31

Similar Documents

Publication Publication Date Title
CN1820482B (en) Method for generating and managing a local area network
US5120939A (en) Databaseless security system
CA2467911C (en) Portable device and method for accessing data key actuated devices
US5321242A (en) Apparatus and method for controlled access to a secured location
US4944008A (en) Electronic keying scheme for locking data
JP4890248B2 (en) Control access to a given area
CN100387798C (en) Electric key and electric lock device and realization method thereof
US5144667A (en) Method of secure remote access
KR100611502B1 (en) Key and lock device
CN105869246A (en) Intelligent unlocking system and method thereof
KR102282633B1 (en) Method of linkage certification between railway control system and multiple radio-blocking devices
RU2078894C1 (en) System for protection of documents of valuable objects
WO1992003805A1 (en) Method for conducting a televote in a safe manner
GB2262640A (en) Security installation and operating method
EP0843439B1 (en) Data encryption technique
US20210233383A1 (en) Impeding unauthorized network infiltration at remote critical infrastructure facilities
CN114299645A (en) Encryption communication method for padlock of Internet of things
KR101599055B1 (en) a locking control apparatus using a password
CN110298939A (en) It locks the method for the function of electrical equipment and implements the electrical equipment of this method
US20200379734A1 (en) Tamper-resistant smart factory
KR100963802B1 (en) Digital Door Lock Using Wireless Signal and Control Method Thereof
JP2002123172A (en) Encryption apparatus, decryption apparatus, information management system and locking system
CN115867950A (en) Secure electronic lock system and method of use
RU2274899C2 (en) Portable device and method for accessing device activated by key data
US20110298584A1 (en) Securing a cash safe with a circuit

Legal Events

Date Code Title Description
727 Application made for amendment of specification (sect. 27/1977)
727A Application for amendment of specification now open to opposition (sect. 27/1977)
727B Case decided by the comptroller ** specification amended (sect. 27/1977)
PE20 Patent expired after termination of 20 years

Expiry date: 20121201