GB2359914A - A method of selectively granting or barring access in a token controlled access system - Google Patents
A method of selectively granting or barring access in a token controlled access system Download PDFInfo
- Publication number
- GB2359914A GB2359914A GB0004963A GB0004963A GB2359914A GB 2359914 A GB2359914 A GB 2359914A GB 0004963 A GB0004963 A GB 0004963A GB 0004963 A GB0004963 A GB 0004963A GB 2359914 A GB2359914 A GB 2359914A
- Authority
- GB
- United Kingdom
- Prior art keywords
- card
- token
- access
- access control
- barring
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07C—TIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
- G07C9/00—Individual registration on entry or exit
- G07C9/20—Individual registration on entry or exit involving the use of a pass
- G07C9/21—Individual registration on entry or exit involving the use of a pass having a variable access code
Landscapes
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Lock And Its Accessories (AREA)
Description
2359914 1 A Method of Selectively Granting and Barring Access and
Apparatus Therefor This invention relates to a method of selectively granting and barring access to specific users in a token controlled access system and to apparatus employing the method.
A common requirement for security systems is to control access to areas and allow access only to authorised persons.
One known approach is to control access to an area by having doors or other accessways into the area locked by electronically operated locks. An access control unit is situated adjacent each door and will unlock the locks and allow access to the area only when an access control card is inserted into the unit.
Generally, the access control cards are smart cards or magnetic stripe cards or barcode cards carrying encoded information identifying them as legitimate access control cards together with a unique identifying number identifying the specific access control card.
When it is necessary to authorise access for new users the access control unit is informed of the numbers of the cards which are newly authorised to allow access to the area and these numbers are added to a listing of authorised cards in a memory within the access control unit. Similarly, when it is necessary to deny access to a specific user the access control unit is informed of the number of the card to no longer be given access and this card number is deleted from the listing of authorised cards held in the memory within the access control unit.
In principle, adding and removing users in such an access control system is simple. However, there are considerable practical difficulties in implementing and operating such a system.
Where the individual access control devices are connected in a network to a master controller, granting and removing access to new users is relatively simple because this can be carried out centrally at the control system where the identifying numbers of cards to be given access or denied access can be entered, for example through a keyboard.
However, in order to minimise set up and operating costs for an access control system many systems employ stand alone access control units so that the identifying 2 numbers of cards to be granted or denied access must be separately provided to each of the access control units.
Many installations require a large number of separate access control units and it is normal for the access control units to be situated in unsupervised locations. Accordingly, it is necessary to keep the individual cost of the access control unit as low as possible and to minimise the vulnerability of the access control unit to attempts to override its programming to allow access to unauthorised individuals or to straightforward vandalism. Accordingly, it is normal for the access control units to have only a read mechanism for access authorising cards together with read-out lights to show correct function. The provision of additional data entry means such as keyboards or interfaces to portable data carriers will increase expense, provide a data access route vulnerable to attempts to re-programme to allow unauthorised access and provide a target for vandalism.
Accordingly, the normal system used to update access control units to allow or deny access to specific cards is to employ a master or supervisor card together with the card to be granted or denied access.
In order to allow access to a user, the supervisor card is placed in the card reading mechanism of the access control unit and then removed within a threshold time to place the access control unit into a learning mode. The cards which are to be granted access are then placed in the card reader one after another and the number of each card placed in the reader while the access control unit is in learning mode is added to the list of authorised cards. Finally, the supervisor card is placed in the card reader again to return the access control unit to its normal operating mode.
A similar process is used to bar access to a card. The supervisor card is placed in the card reader and removed after a threshold time to place the access control unit in a card barring mode. The cards to be barred are then placed one after another in the card reader and their card numbers are deleted from the list of numbers granting access. Finally, the supervisor card is again placed in the card reader to return the access control unit to its normal operating mode.
Generally, there is no difficulty with granting access to cards by this system because it is simple to ensure that all of the necessary access control units learn that a 3 card is to be granted access before the card is issued to a user. Similarly, where the user is allowed access to some areas by the system and not others it is normally simple to have the user hand over their card or be present with their card in order to allow access to new areas to be granted. However, where it is necessary to bar access to a user this process can be difficult or impossible. Where a card has been lost so the user must be issued with a new card and the lost card barred to prevent unauthorised access the card to be barred is always unavailable. Further, in many situations where barring of a specific user is required it is common for the user to fail to cooperate through indifference or malice. Typical examples are departing employees failing to return cards before leaving, guests and delegates in hotels or conferences failing to return access cards before departure and the like.
In known systems of this type the procedure commonly used to avoid this difficulty is for cards to be generated in two complete sets. One set of cards is then issued for use while a duplicate set of cards is retained so that when a specific users access is to be barred but the users card is unavailable the duplicate card can be used instead.
The requirement to produce and store a duplicate set of cards is inconvenient and significantly adds to the costs of setting up and running the access control system. Further, the existence of a duplicate set of cards is itself a security problem and it is onerous and inconvenient to apply the necessary procedures to allow timely access to the stored duplicate cards when necessary without compromising their security.
This invention was made in an attempt to provide a method and apparatus for selectively granting and barring access in a card controlled system which would overcome these problems.
In a first aspect this invention provides a method of selectively granting or barring access in a token controlled access system where each token has an identifying number and access control apparatus is arranged for grant access in response to tokens having identifying numbers held in a memory of the access control apparatus, comprising the following steps:
selectively placing the apparatus in a token barring mode; presenting a token and storing the token identifying number of said token as a barring index number; 4 re-presenting said token a number of times and incrementing or decrementing the barring index number in response to each re-presentation; removing the barring index number from the identifying numbers held in the memory of the access control apparatus; removing the apparatus from the token barring mode.
In the barring method of the invention the incrementing or decrementing of the barring index number by re-presentation of a token allows any token to be barred without that token or a duplicate token being required. As a result, it is not necessary to obtain the original token to bar it or to produce and maintain a duplicate set of tokens for use in barring operations.
In a preferred arrangement a supervisor token is presented to the apparatus to selectively place the apparatus in a token barring mode and the supervisor token is represented to the apparatus to remove the barring index number from the identifying numbers held in the memory.
This allows the barring method of the invention to be entirely controlled by the presentation of tokens to the token controlled access system, so that no mechanism for control or data entry to the access control system is required other than the token reader which the system must have in any event. This provides the further advantage that the expense and complexity of the access control system is not increased and that no data entry route is needed which could be used to "hack" into the access control system and illicitly change the information or operating instructions within the access control system and so allow unauthorised access.
A preferred embodiment of the invention will now be described by way of example only, with reference to the accompanying Figure 1 which shows an access control unit suitable for carrying out the invention.
An access control unit 1 able to employ the invention is shown by way of example only in Figure 1.
The access control unit has a smart card read pad 2 on its upper surface together with three different colour LED's 4 to 6. Otherwise, the outer surface of the access control unit is a continuous strong sealed casing to prevent tampering.
In normal operation a first, green, LED 3 is continuously illuminated to show that the access control unit 1 is operating normally.
If the access control unit 1 is not operating normally a third red, LED 5 may be illuminated to show that there is a problem.
When a user wishes to gain access they place a contactless smart card carrying data identifying the smart card as an authentic access authorising card together with a unique identification number for that specific card against the card read pad 2.
The access control unit 1 contains an electromagnetic transmitting antenna which transmits a continuous electromagnetic signal at a relatively low power and a fixed frequency. When the smart card is in close proximity to the card read pad 2 this transmitted electromagnetic signal is received by an antenna within the access control card and used to power electronics within the card. The electronics within the access control card alter the impedance presented to the transmitted electromagnetic signal by the card in order to transmit digital data from the card to the access control unit 1. The access control unit 1 contains means for sensing the change of impedance caused by a nearby card and recovering and processing the transmitted digital data.
It will be appreciated by the reader that this is a general account of the method of operation of a specific type of contactless smart card system. Contactless smart card systems reading data from cards are very well known in their own right and the details of the actual method of operation of the smart card itself to transfer data between the smart card and the access control unit 1 is not regarded as part of the present invention. The person skilled in the art will easily be able to obtain details of suitable smart card reading systems from published sources.
The data identifying the access control card as a valid card is processed and compared with data held within the access control unit 1 to identify whether or not the access control card is a valid access control card. If the access control card is identified as a valid access control card the unique identifying number of the card is compared to a list of authorised cards held in a memory within the access control unit 1. If this number is found on the memorised list the access control unit 1 recognises the card as a valid and authorises access, transmits electronic signals to unlock the associated door and illuminates the second, amber, LED 4 to show that access has been allowed.
6 In the event that either the card is not identified as a valid access control card at all or the card is identified as a valid access control card but the card identifying number is not found on a list of authorised card numbers the access door is not unlocked and the red LED 5 is illuminated to indicate that access is denied.
In order to change the listing of card numbers allowed access held within the memory of the access control unit 1 and so allow the access control unit 1 to learn newly authorised cards or to bar cards to which access is to be denied a supervisor card is used.
When the supervisor card is placed adjacent to the card read pad 2 of the access control unit 1, data identifying the supervisor card as the supervisor card is transferred to the access control unit 1 in the same manner as for the normal access control cards.
It is preferred that the information identifying the supervisor card as a valid access control card should be the same as the other normal access control cards with the identification number of the supervisor card being the lowest possible card number allowed by the system and this identification number being recognised as the supervisor card in order to simplify the system. However, the supervisor card could have unique identifying information. In the preferred embodiment the supervisor card is allocated the number 1.
In order to place the access control unit 1 in a learning mode to allow the numbers of newly authorised access control cards to be added, the supervisor card 3hould be placed against the card read pad 2 and then removed again within five seconds. The access control unit 1 responds by entering a learning mode and illuminating the green and amber LED's 3 and 4 together to confirm that the learning mode has been entered.
The user then places the access control cards to be given access one after another onto the card read pad 2 and the access control unit identifies each of them in turn as a valid access control card and reads their identifying numbers. The identifying number of each card in turn is stored in a memory of the access control unit 1 and the LED's 3 and 4 link to confirin satisfactory reading and storage of the identification number of each access control card.
When all of the required access control cards have been read into the acce3s control unit 1 the supervisor card is again placed on the card read pad 2. The access 7 control unit 1 identifies the card as being the supervisor card and goes back to its normal operating mode.
When it is desired to bar an access control card the supervisor card is held against the card read pad 2 for greater than 10 seconds. The access control unit 2 responds by entering a delete mode and illuminates the green and red LED's 3 and 5 together to show that it is in a card barring mode.
If the access control card to be barred from the system is available this access control card is placed on the card read pad 2. The card is identified as a valid access control card and its identifying number read and held as a barring index number and a last card read number and the amber LED 4 is then flashed to confirm successful reading of the identifying number. Then, the supervisor card is re-presented to the read pad 2. Once the supervisor card is identified as the supervisor card the identifying number held as the barring index number is removed from the memory of the access control unit 1.
Where the card to be barred from the system is not available the procedure followed is for the supervisor card to be placed against the card read pad 2 for greater than 10 seconds to place the access control unit 1 into a barring mode. Then, an access control card having an identifying number lower than the identifying number of the card to be barred is placed against the card read pad 2. This card is identified as a valid access control card and its number is read and held by the access control unit 1 as a barring index number and a last card read number.
Then, the same access control card is placed on the card read pad 2 again and is again identified as a valid access control card and the number read- When the access control unit 1 identifies that the card number being read is the same as the last card read number so that a card having the same identification number has been presented again, the number held as the barring index number is incremented by This procedure is repeated as necessary until the barring index number is incremented to the desired card number to be barred. Then, the supervisor card is again placed against the card read-pad 2 and the card identifying number held as the barring index number is deleted from the list of authorised cards held in the memory of the access control unit 1.
8 If no lower numbered access control card is available, for example if the card to be barred is the lowest numbered access control card other than the supervisor card, or if a lower numbered access control card cannot be conveniently obtained, the supervisor card alone can be used to bar any numbered card as follows. First, the supervisor card is presented to the card read pad 2 for greater than 10 seconds to place the access control unit 1 in the delete mode. Then, the supervisor card is presented once and its number (1) is read and held as the barring index number and last read card number. The supervisor card is then represented as many times as necessary, for less than 5 seconds each time. The barring index number is incremented by one each time the supervisor card is presented for less than five seconds until the barring index number reaches the desired card number to be barred. The supervisor card is then presented for greater than 10 seconds to confirm that the card identifying number held as the barring index number should be deleted. The held barring index number is then deleted from the list of authorised access control cards held in the memory of the access control unit 1 and the access control unit 1 returns to its normal mode of operation.
A similar incrementing method to that described can be used to set the numbers of cards to be added to the list held by the access control unit and so authorised, but this is not usually necessary.
As explained above, the supervisor card is identified as being the supervisor card by the access control unit 1 in order to control the allowing and barring of access to other cards. The access control unit 1 may allow access in response to the supervisor card but it is normally preferred to employ the supervisor card to control grant and barring of access only in order to avoid accidentally placing the access control unit in the learning or delete mode when attempting to gain access using the supervisor card.
As explained above, it is preferred that the supervisor card be assigned an identifying number which can be used as the initial barring index number because this allows the supervisor card alone to be used to bar cards as explained above. However, the invention can be used in systems where the supervisor card is just identified as the supervisor card to control the system. In this case, the system could be arranged to default to a pre-selected barring index number in response to re-presentation of the supervisor card in order to allow cards to be barred by using the supervisor card only.
9 In theory, the inventive card barring procedure described above could, in systems where the supervisor card is assigned an identifying number, result in accidental barring of the supervisor card itself This may or may not be possible depending upon the way in which the identifying numbers are stored within the unit. If this is possible, an override instruction preventing deletion of the supervisor card identifying number should be included in the system operating instructions as a safety precaution.
In the example, an access control system operated by smart cards is described in which the cards are to be placed against a card reading pad so that their contents can be read.
It will be appreciated that there are numerous methods of reading contactless smart cards which could be used in such a system. In contactless smart card systems it is normal for the card to be readable within a small read volume around the reading apparatus so that strictly speaking, contact with the read pad may not be necessary. However, in practice it is usually convenient to provide a marked contact pad to ensure that the cards are placed within the reading volume for long enough for reliable data transfer to take place even though actual physical contact is not necessary.
The described embodiment employs smart cards and this is a term commonly used in the art. However, it will be understood that the physical form of the contactless data transfer devices could be other than a card such as a badge, key fob or tag. However, it is important that the reading volume within which the contactless data carriers can be read is precisely defmed so that the access control unit 1 can discriminate between contactless data carriers actually being presented to the access control unit and carriers simply being carried by the user.
Although the use of contactless data carriers such a smart cards is preferred the system is equally applicable to all types of media carrying a unique identifying number, such as cards or other media requiring conductive contact, magnetic swipe cards or optically read bar code cards.
In the described embodiment the supervisor card has the lowest possible number and re-presenting cards increments the provisional card number held by the access control unit 1 by one. It would of course be equally possible to have the supervisor card having the highest possible number and decrement the provisional card number. However, this is believed to be more prone to user error when cards must be represented several times to increment or decrement to the correct card number because it is believe that users are more likely to make mistakes when counting down than they are when counting up.
In the described embodiment the lowest possible number in the system assigned to the supervisor card is 1, the system would be equally applicable to systems where the lowest possible number were zero or some number greater than 1.
It is normal in systems assigning unique identifying numbers to access control cards for the cards to be numbered sequentially because this is the simplest and most convenient option. However, this is not essential. Where a system only allocates some i'dentif ying numbers it will be convenient for the provisional card number to be incremented or decremented to the next assignable card number rather than incrementing or decrementing by one in order to minimise the number of card presentations required.
In the described embodiment, the access control unit is placed in a learning mode or the card barring mode by presenting a supervisor card to the access control unit. As explained above, this is a particularly advantageous arrangement. However, other methods of placing the access control unit in the learning or card barring modes could be used. Examples of alternative methods includes inputting a supervisor code through a switch array or keyboard arrangement or use of a physical supervisor key to move a locked mode switch.
Similarly, other methods could also be used to cause deletion of the barring index number, or addition of an adding index number, to the list of numbers held in the memory and to return the access control unit to its normal mode of operation. However, as explained above, the use of a supervisor card to do this is particularly advantageous.
The invention is described above in terms of a system allowing access to an area by selectively unlocking doors. The invention is also applicable to other forms of token controlled access such as selective access to goods, services and information.
The described embodiment is one example of the invention only, and the skilled person will be able to envisage alternative arrangements.
11
Claims (8)
1. A method of selectively granting or barring access in a token controlled access system where each token has an identifying number and access control apparatus is arranged to grant access in response to tokens having identifying numbers held in a memory of the access control apparatus, comprising the following steps: selectively placing the apparatus in a token barring mode; presenting a token and storing the token identifying number of said token as a barring index number; representing said token a number of times and the barring index number in response to each re-presentation; incrementing or decrementing removing the barring index number from the identifying numbers held in the memory of the access control apparatus; removing the apparatus from the token barring mode.
2. A method according to claim 1, in which a supervisor token is presented to the apparatus to selectively place the apparatus in a token barring mode and the supervisor token is re-presented to the apparatus to remove the barring index number from the identifying numbers held in the memory.
3. A method according to claim 1 or claim 2 in which access can be granted by the following steps:
selectively placing the apparatus in a token access granting mode; presenting a token and storing the token identifying number of said token as a access granting index number; re-presenting said token a number of times and incrementing or decrementing the access granting index number in response to each re- presentation; adding the access granting index number to the identifying numbers held in the memory of the access control apparatus; removing the apparatus from the token access granting mode.
12
4. A method according to claim 3, in which a supervisor token is presented to the apparatus to selectively place the apparatus in a token access granting mode and the supervisor token is re-presented to the apparatus to add the access granting index number to the identifying numbers held in the memory.
5. A method according to claim 2 or claim 4, in which the supervisor token has an identifying number.
6. A method according to claim 5, in which the supervisor token has a lower identifying number than any other token and the barring index number is incremented in response to each re-presentation.
7. A method according to claim 5, in which the supervisor token has a higher identifying number than any other token and the barring index number is decremented in response to each re-presentation.
8. An access control system employing the method of any preceding claim.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| GB0004963A GB2359914B (en) | 2000-03-01 | 2000-03-01 | A method of selectively granting and barring access and apparatus therefor |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| GB0004963A GB2359914B (en) | 2000-03-01 | 2000-03-01 | A method of selectively granting and barring access and apparatus therefor |
Publications (3)
| Publication Number | Publication Date |
|---|---|
| GB0004963D0 GB0004963D0 (en) | 2000-04-19 |
| GB2359914A true GB2359914A (en) | 2001-09-05 |
| GB2359914B GB2359914B (en) | 2003-07-09 |
Family
ID=9886761
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| GB0004963A Expired - Fee Related GB2359914B (en) | 2000-03-01 | 2000-03-01 | A method of selectively granting and barring access and apparatus therefor |
Country Status (1)
| Country | Link |
|---|---|
| GB (1) | GB2359914B (en) |
Citations (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO1996019083A1 (en) * | 1994-12-11 | 1996-06-20 | Alliance Technologies | Access control system |
-
2000
- 2000-03-01 GB GB0004963A patent/GB2359914B/en not_active Expired - Fee Related
Patent Citations (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO1996019083A1 (en) * | 1994-12-11 | 1996-06-20 | Alliance Technologies | Access control system |
Also Published As
| Publication number | Publication date |
|---|---|
| GB0004963D0 (en) | 2000-04-19 |
| GB2359914B (en) | 2003-07-09 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US5089692A (en) | Electronic lock | |
| US3857018A (en) | Controlled access systems | |
| US5608387A (en) | Personal identification devices and access control systems | |
| US4095739A (en) | System for limiting access to security system program | |
| CA1240768A (en) | Multi-access security system | |
| USRE29259E (en) | Self re-keying security device | |
| US20090167485A1 (en) | Controller providing shared device access for access control systems | |
| AU4781590A (en) | Secure data interchange system | |
| JP2004528655A (en) | Frequency method | |
| JPH11280317A (en) | Access control system and access control method | |
| WO1987000233A1 (en) | Method of operating a security device | |
| WO2001042598A1 (en) | Key control system for electronic locks | |
| US5567926A (en) | Minibar system | |
| JPS60500340A (en) | Improved card reader for security systems | |
| EP0416792A2 (en) | Access control devices and systems incorporating such devices | |
| US4142097A (en) | Programmable keyboard sequencing for a security system | |
| EP0250101B1 (en) | Electronic locking devices | |
| GB2359914A (en) | A method of selectively granting or barring access in a token controlled access system | |
| CA2035638C (en) | Minibar system | |
| JP2717887B2 (en) | Access control system | |
| GB2446912A (en) | Access control having antipassback | |
| JP2008196154A (en) | Authentication equipment, mode switching card, control system for entrance into/exit from room, and authentication method | |
| JP2000356058A (en) | Passage control device | |
| KR200188799Y1 (en) | Apparatus for controlling entrance | |
| KR200214065Y1 (en) | A Control Apparatus for Locking &Unlocking System Utilizing Personal Identification Datas. |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PCNP | Patent ceased through non-payment of renewal fee |