JP2013229031A - Access control device - Google Patents

Abstract

PROBLEM TO BE SOLVED: To suppress an alarm for opening of a device cover in a normal work, such as maintenance, by a simple operation, and to surely give the alarm for improper act.SOLUTION: An access control device 10 is installed as a stand-alone device corresponding to a door comprising an electric lock, unlocks or locks the electric lock by card authentication, and manages entering/leaving information comprising user information, facility setting information, and operation history information. An alarm part 114 outputs an alarm when predetermined time has passed after detecting opening of a device cover by a tamper switch 46 regardless of whether the opening of the device cover is detected, but an alarm suppression part 116 suppresses an alarm action of the alarm part 114 on the basis of insertion and connection of a USB memory 11 into a USB port by a registered user.

Description

The present invention relates to an access control device that unlocks or locks an electric lock by authentication using identification information stored in a card or the like and manages entry / exit information, and in particular, installed corresponding to a door equipped with an electric lock. The present invention relates to a possible stand-alone access control device.

  2. Description of the Related Art Conventionally, in various facilities such as office buildings, an entrance / exit management system that manages entry / exit of people into a room has been used to ensure security. This entry / exit management system generally includes a control device having a web server function arranged in a management room, a control panel arranged in the vicinity of each room, a card reader arranged in the vicinity of a door in each room, And it is comprised with the electric lock etc. which are arrange | positioned at each door.

  When operating the system, identification information of users allowed to enter and exit each room is set in the access control device, and this identification information is uploaded to the control panel. When a user enters or exits each room, if the card on which his / her identification information is recorded is passed through the card reader, the identification information read by the card reader is transmitted to the control panel, and the identification information is collated by this control panel. Is called. If the identification information matches, the electric lock is unlocked and the user can enter and exit. If the identification information does not match, the electric lock is kept locked and the user enters and exits. Is rejected.

The entry / exit management information can be referenced and viewed by accessing the web server from a client machine connected by Ethernet (R) or the like.

JP 2002-298182 A JP 2001-020574 A JP 2006-251849 A JP-A-7-14077 JP 2005-314932 A JP 2005-242585 A

  However, such a conventional entrance / exit management system is intended for large facilities with a large number of rooms, such as large office buildings, and has access control with a web server function installed at the top. Data management of the control panel and card reader installed in each room via the network from the device is expensive and cannot be supported for installation in a small facility with a relatively small number of rooms. There's a problem.

  Therefore, in order to support simple entry / exit management for small-scale facilities, a stand that adopts data management functions such as offline data transfer using portable memory devices in addition to conventional network data management. Alone type access control devices are considered.

  Also, with conventional access control devices, the maintenance method using a browser via a network interface is the mainstream, but with stand-alone access control devices, a portable type is required to ensure system configuration and security. A method of storing information necessary for maintenance in a memory device and connecting to an access control device to perform maintenance is preferable.

  In this case, a lock is provided on the device cover so that it cannot be opened unless a key is used. Furthermore, in order to prevent the device cover from being forcibly opened due to damage caused by a rough violent crime, the opening of the device cover is detected by a tamper switch. Therefore, a tamper function for alarming will be provided.

  However, when the tamper function is provided, there is a problem that an alarm is issued even when the device cover is opened to perform maintenance work using a portable memory device. In order to suppress such a tamper alarm during maintenance, an alarm stop switch may be provided in the device. However, if the device cover is broken, the alarm cannot be activated by operating the alarm stop switch. If the device cover is closed without forgetting to return the alarm stop switch, there arises a problem that an alarm cannot be issued even if the device cover is subsequently opened due to breakage.

The present invention provides an access control device that can easily suppress an alarm for opening the device cover in regular work such as maintenance, and can reliably issue an alarm for unauthorized opening of the device cover such as device destruction. The purpose is to do.

The present invention is an access control device that is installed corresponding to a door provided with an electric lock, unlocks or locks the electric lock by authentication of identification information, and manages user information and entry / exit information.
An opening detection unit for detecting the opening of the locked, detachable device cover;
An alarm unit that outputs an alarm regardless of the presence or absence of the opening detection of the device cover when a predetermined time has elapsed since the detection of the opening of the device cover by the opening detection unit;
A connection port to attach and detach a portable memory device;
An alarm suppression unit that suppresses an alarm operation of the alarm unit based on an insertion connection of the portable memory device inserted and connected to a connection port;
It is provided with.

Here, the alarm unit continues the alarm output when the opening of the device cover is no longer detected during the alarm output, and the alarm suppression unit is successful when the authentication of the portable memory device inserted and connected to the connection port is successful In addition, the alarm output is suppressed before the predetermined time has elapsed, and the alarm is stopped when the alarm is being output.

  According to the present invention, when a user such as an authorized administrator opens the device cover and performs maintenance, the user always has, for example, a USB memory as a portable memory device. When a predetermined time elapses after detection by the open detection unit, if it is a legitimate user, the alarm can be suppressed by inserting and connecting the USB memory to the USB port inside the device during It is possible to prevent an alarm from being output unnecessarily by a simple operation.

  On the other hand, if an illegal action that destroys the device cover occurs, an alarm is issued after a predetermined time, and even if the tamper switch knob is pushed with a finger and the device cover is closed, the alarm is stopped. Therefore, it is possible to reliably continue warnings for fraudulent activities.

Also, anyone can obtain the USB memory, and it is also possible to insert the USB memory into the port in order to open the device cover illegally and suppress the alarm. Therefore, identification information unique to the USB memory used by authorized users For example, a serial ID is registered in advance, an alarm is suppressed by matching with the serial ID of the USB memory inserted and connected to the port, data acquisition using a USB memory other than the management USB memory, browsing, falsification, etc. It is possible to reliably prevent cheating.

Explanatory drawing which showed the external appearance of the access control apparatus by this invention Explanatory drawing which showed the front, cross section, and bottom face of the access control apparatus by this invention Explanatory drawing which removed the cover of FIG. 1 and showed the structure inside a main body The block diagram which showed the circuit structure of the access control apparatus by this invention Functional block diagram showing an embodiment of an access control device according to the present invention for performing offline data management using a USB memory The flowchart which showed the control processing in embodiment of FIG.

  FIG. 1 is an explanatory view showing the appearance of an access control apparatus according to the present invention. In FIG. 1, the access control device 10 is installed on a wall surface in the vicinity of a door corresponding to the door of each room provided with an electric lock.

  The access control device 10 is provided with a contactless card reader 18 at the top of the cover 12, and the user information stored in the card is read by holding the contactless card held by the user over here, The electric lock is unlocked when a collation match is obtained by comparison and collation with user information registered in advance, the door is opened to enter the room, and the electric lock is locked when it is detected that the door is closed.

  Various displays and switches necessary for access control are arranged below the non-contact card reader unit 18. On the panel surface of the cover 12, a card reading status indicator lamp 20, an electric lock unlock indicator lamp 22, a door lock indicator lamp 24, a warning indicator lamp 26, a fire indicator lamp 32, an alarm indicator lamp 34, and a fault indicator lamp 36 are displayed. A warning mode setting switch 28, a warning mode canceling switch 30, and a recovery switch 38 are provided as operation switches.

  The card reading status indicator 20 reads the card and lights in green if it is a valid card, and flashes red if it is invalid. The electric unlocking indicator light 22 is turned on when the electric lock is unlocked. The door lock indicator lamp 24 displays the state when an intruder is detected by a human sensor or a shutter sensor connected to the access control device 10 or when the door lock is not completed. The warning indicator lamp 26 displays a warning state of a crime prevention facility (security sensor) connected to the access control device 10.

  The alarm mode setting switch 28 is operated when the security sensor is shifted to the alarm mode.

  The alarm mode release switch 30 is operated when canceling the alarm mode of the security sensor.

  The fire indicator light 32 is turned on when a fire signal is received from the fire receiver as a representative fire signal.

  The alarm indicator lamp 34 is turned on when various alarm conditions such as an intruder, a fire, and contact information occur. The warning indicator lamp 34 is also turned on when the cover 12 is removed due to an illegal act such as destruction.

  The failure indicator lamp 36 is turned on when a failure occurs in the device itself, the system state or the communication state. The recovery switch 38 is operated to stop the alarm and release the alarm state latch when an alarm state such as a fire, warning or failure occurs.

  FIG. 2 is an explanatory view showing the front, cross-section, and bottom of the access control apparatus 10 shown in FIG. That is, FIG. 2A shows the front, FIG. 2B shows the cross section, and FIG. 2C shows the bottom.

  In FIG. 2, the access control device 10 according to this embodiment includes a main body 14 and a cover 12 that is detachably provided on the front side of the main body 14. A cylinder lock 16 is provided at the bottom of the main body 14, and the cover 12 can be removed from the main body 14 by unlocking the cylinder lock 16 using a key.

  FIG. 3 is an explanatory view showing the structure inside the main body with the cover of FIG. 1 removed. In FIG. 3, a circuit board 42 is disposed inside the main body 14 of the access control apparatus 10, and a USB memory removal switch 50, a history data writing switch 52, equipment as operation switches below the circuit board 42. A data read switch 54 and a date / time setting switch 56 are provided.

  The circuit board 42 is provided with a buzzer 48 and a tamper switch 46 for detecting the opening of the cover 12. A USB connector 60 is arranged on the right side of the circuit board 42, and a USB memory, which is a portable memory device, is connected from the right side of the main body 14 to perform data management offline. Information and facility management information are read and written.

  As shown by a broken line on the left side of the circuit board 42, a LAN connector can be connected as necessary, and the access control device 10 of the present invention can be connected to a host device via a network as needed. .

  A CF card (compact flash (R) card) 64 known as a memory card is arranged below the USB connector 60, and an OS image necessary for the operation of the access control apparatus 10 and various necessary data are stored in advance. After being stored, it is set on the circuit board 42 of the main body 14 as shown in the figure so that the control processing of the access control device can be performed.

  As is apparent from the structure of the access control device 10 shown in FIGS. 2 and 3, the USB connector 60 for inserting and connecting the USB memory is provided on the circuit board 42 in the main body 14 closed by the cover 12. In order to connect the USB memory to the USB connector 60, the cylinder lock 16 must be unlocked and the cover 12 must be removed. The USB memory is used to prevent data acquisition, browsing, falsification, and the like of the access control device 10.

  Also, if the cover 12 is removed without breaking the cylinder lock 16 due to breakage or the like, the tamper switch 46 is turned on, and after a predetermined time, the buzzer 48 sounds and the alarm indicator lamp 34 shown in FIG. It is.

  Further, since the USB connector 60 is provided near the right side surface of the main body 14 and the USB memory is connected from the right side surface of the main body 14, the USB memory is placed outside the right side surface of the main body 14 when the USB memory is inserted. Connected to protrude. As a result, the cover 12 cannot be closed to the main body 14 unless the USB memory is removed, thereby preventing the USB memory from being forgotten.

  FIG. 4 is a block diagram showing a circuit configuration of the access control apparatus according to the present invention. In FIG. 4, the access control apparatus 10 is provided with a CPU 70, and a real-time clock circuit unit (RTC circuit unit) 72 that functions as a clock circuit unit is provided for the CPU 70.

  The real-time clock circuit unit 72 is also called a calendar clock, generates time data of year / month / day / hour / minute / second, stores history information with time information added thereto, and unlocks the electric lock 108 corresponding to a set time zone. You can control it.

  An external card reader 82 can be attached to the CPU 70 via the RS485 interface 80. Further, a built-in card reader module 84 is provided for the CPU 70. By holding a contactless card, the built-in card reader module 84 obtains user information of the card held by the user, and Unlocking and locking can be controlled.

  The USB interface 86 enables data processing of entry / exit information for the connection of the USB memory 11 to the USB connector 60 based on the authentication processing of the USB memory 11.

  For the external bus interface 71 of the CPU 70, a nonvolatile memory 74 using a flash memory, an SDRAM 76 used as a volatile memory, an SRAM 78 used as a temporary backup memory, a CF card interface 88, a LAN controller 90, and a status display And a control circuit unit 94 for locking and unlocking the electric lock and the like.

  The CF card interface 88 executes an input / output interface for connection of the CF card 64 as shown in FIG. The LAN controller 90 is connected to the network 92 as necessary, and enables, for example, acquisition or browsing of data managed by the access control apparatus 10 by a higher-level web server.

  An operation unit 96 is provided for the control circuit unit 94, and a USB memory removal switch 50, a history data writing switch 52, an equipment data reading switch 54, and a date / time setting switch 56 are provided therein. An indicator lamp 98, a buzzer 100, and a tamper switch 46 are provided for the control circuit unit 94.

  Further, an electric lock driving circuit 106 is provided for the control circuit unit 94, and controls the locking and unlocking of the electric lock 108 of the door installed in the vicinity. Furthermore, a contact signal input / output circuit unit 110 is provided for the control circuit unit 94, and a transfer output to the external device 112 and a transfer input from the external device 112 are performed by the input / output of the contact signal. As the external device 112, for example, a fire detection contact signal by a fire alarm facility or an intruder detection contact signal by a crime prevention monitoring system is input.

  FIG. 5 is a functional block diagram showing an embodiment of an access control apparatus according to the present invention for performing offline data management using a USB memory. In FIG. 5, the CPU 70 provided in the access control apparatus 10 is provided with an alarm unit 114, an alarm suppression unit 116, a maintenance processing unit 118, and an entry / exit control processing unit 120 as functions realized by executing the program. .

  For the CPU 70, the memory area such as the SRAM 78 shown in FIG. 4 and the CF card 64 are used, and the user information file 122, the equipment setting information file 124, the operation history information file 126, and the access control device 10 A serial ID 130 of a USB memory held by a regular administrator used for maintenance is stored as a management serial ID 128.

  On the other hand, the serial ID 130 unique to the USB memory 11 is set in the USB memory 11. In this embodiment, the serial ID 130 of the USB memory 11 is used to suppress an alarm for the opening of the cover and to make an illegal operation. To prevent unnecessary data access.

  The USB memory 11 is provided with an encrypted file 132, and an encrypted serial ID 134 obtained by encrypting the serial ID 130 is stored in the encrypted file 132. The creation and storage of the encrypted serial ID 134 is provided with a function of creating a USB memory 11 used for management in software installed in a personal computer for data management prepared separately, and the USB memory 11 is installed in a personal computer equipped with this function. Is set and the creation process of the management USB memory is executed, the serial ID 130 of the USB memory 11 is acquired, the encrypted serial ID 134 encrypted according to a predetermined encryption format is created, and the USB memory 11 is encrypted. Store in file 132.

  When the maintenance for offline data management is performed on the access control apparatus 10 using the USB memory 11, necessary user information 136, facility setting information 138, Alternatively, each of the operation history information 140 is encrypted and stored in the encrypted file 132.

  The alarm unit 114 of the CPU 70 starts a timer by detecting the opening of the cover by the tamper switch 46, and warns by the sound of the buzzer 48 and the lighting of the alarm indicator lamp 34 when the time is up after a predetermined time.

  The alarm suppression unit 116 inserts and connects the management USB memory 11 to the USB connector 60 in the apparatus shown in FIG. 3 during the timer operation of the alarm unit 114. When the authentication processing of the connected USB memory 11 is successful, the alarm suppression unit 116 Is reset and the alarm operation by the alarm unit 114 is suppressed.

  The USB memory authentication processing by the alarm suppression unit 116 is one of the following three methods.

  (1) The management serial ID 128 is registered in advance in the CF card 64, and when the USB memory 11 is connected, the serial ID 130 read from the USB memory 11 is compared with the management serial ID 128 registered in the CF card 64. The alarm operation of the alarm unit 114 is suppressed.

  (2) The management serial ID 128 is registered in the CF card 64 in advance, and when the USB memory 11 is connected, the encrypted serial ID 134 is read from the USB memory 11 and decrypted, and the management serial ID registered in the CF card 64 is registered. The alarm operation of the alarm unit 114 is suppressed when the IDs 128 are matched with each other.

  (3) The management serial ID 128 is not registered in the CF card 64, and when the USB memory 11 is connected, the serial ID 130 is read from the USB memory 11, and the encrypted serial ID 134 is read and decrypted, and the two are compared. When they match, the alarm operation of the alarm unit 114 is suppressed.

  For this reason, when the cylinder lock 16 is unlocked and the cover 12 is removed in order to perform maintenance of the access control apparatus 10 using the USB memory 11 prepared for management by a regular administrator, the cover 12 is opened. Is detected by the tamper switch 46 and the timer 114 is started by the alarm unit 114. By inserting and connecting the management USB memory 11 to the USB connector 60 within a predetermined time, the (1) to (3) of the USB memory 11 are connected. ), The timer is reset based on the authentication success, and the alarm by the alarm unit 114 is suppressed.

  On the other hand, if the cover is removed illegally due to destruction, etc., or if a third party who does not have a regular management USB memory removes the cover 12, there may be no USB memory insertion connection within a predetermined time. Since it is not a regular USB memory for management, authentication fails and an alarm can be issued after a predetermined time.

  Also, once the alarm unit 114 detects the opening of the cover 12 and starts the timer, the timer count is stopped even if the knob of the tamper switch 46 is manually pushed in and the cover 12 is mounted and closed. First, the alarm is continuously output after counting up for a predetermined time, so that it is possible to eliminate fraud.

  When the cover is removed, the cover opening is stored in the CF card 64 or the like as a history.

  The maintenance processing unit 118 of the CPU 70 determines that the USB memory 11 is valid based on the successful authentication of the USB memory 11 by the alarm suppression unit 116, transfers data to and from the USB memory 11 determined to be valid, and enters / exits Perform information processing.

  FIG. 6 is a flowchart showing control processing in the embodiment of FIG. In FIG. 6, when the power of the access control device 10 is turned on, after performing predetermined initialization processing and self-diagnosis processing in step S1, if normal, whether or not the cover is opened by turning on the tamper switch 46 is determined in step S2. To check.

  If it is determined that the tamper switch 46 is turned on when the cover is opened, the process proceeds to step S3 and a timer is started. In step S4, it is determined whether or not the insertion of the USB memory 11 is detected.

  If it is determined in step S4 that the insertion of the USB memory 11 has been detected, the process proceeds to step S5, where the authentication of the USB memory 11 is executed according to any of the methods (1) to (3), and the authentication success is determined in step S6. Proceeding to step S7, the alarm is suppressed by resetting the timer.

  On the other hand, if the insertion detection of the USB memory is not determined in step S4, the process proceeds to step S8 to determine whether or not the time is up, and if the time is not up, the processing from step S4 is repeated. If the insertion detection of the USB memory is not determined in step S4, or if it is determined that the time is up in step S8 due to the authentication failure in step S6, the process proceeds to step S9 to give an alarm and then terminate abnormally. The abnormal end is stored as a history.

  After determining the authentication success of the USB memory 11 in step S6 and suppressing the alarm in step S7, the information stored in the encrypted file 132 of the USB memory 11 is read and decrypted in step S10, and the maintenance process is executed.

  As shown in FIG. 5, the maintenance process in step S10 is an editing process in which the user information 136 is read from the USB memory 11 and the user information file 122 is updated, deleted, corrected, etc. in the access control apparatus 10, as well. The equipment setting information 138 is read to edit the equipment setting information file 124 to be changed, added, or deleted, and the requested operation history information 140 is read from the operation history information file 126 stored in the access control apparatus 10. A process of storing in the USB memory 11 is performed.

  Since the user information 136, the equipment setting information 138, and the operation history information 140 stored in the USB memory 11 are also encrypted, they are decrypted when read to the access control apparatus 10 and necessary editing processing is performed. I do. When the operation history information 140 is stored in the USB memory 11, the operation history information 140 is encrypted and written to the USB memory 11.

  When the maintenance process is completed, the USB memory removal switch 50 shown in FIG. 3 is turned on to remove the USB memory 11, so in step S11 it is determined whether or not a USB memory removal operation has been performed.

  When the operation of the USB memory extraction switch 50 is determined in step S11, the end of the offline processing using the USB memory 11 inserted in step S4 is recognized. After the USB memory is removed, the apparatus main body 14 is put on the cover 12 and the cylinder lock 16 is locked to restore the normal use state.

  Therefore, it is determined in step S12 that the tamper switch 46 is turned off by closing the cover 12, and the process returns to the normal access control process.

  In the normal monitoring state, it is determined whether or not the card held by the user is read in step S13. When the card reading is determined, the process proceeds to step S14, and the entry / exit control process is executed.

  That is, the user's card reading information and the user information stored in the user information file 122 as shown in FIG. 5 are collated, and when the collation match is obtained, the electric lock is unlocked and the user is unlocked. The door is opened when the user opens the door and enters the room, and the electric lock is locked again based on the subsequent closing detection. In addition, the user's room entry time is stored in the operation history information file 126 so that the status of the user in the room can be managed based on this.

  Further, when a shutdown operation is determined in step S15, a stop process is performed in step S16 and the process is terminated.

  In the above embodiment, the USB memory is taken as an example of the portable memory device. However, any other suitable memory device can be used as long as it is a portable memory device.

  In the above embodiment, the device itself warns against removal of the cover due to fraud, but when connected to the network, it notifies the management server etc. of the occurrence of an abnormality. You may do it.

  Also, when performing maintenance using a management USB memory, if a warning is output after a predetermined period of time has elapsed since opening the cover, the USB memory insertion was detected during the alarm and authentication was successful. In such a case, the alarm may be stopped.

  Also, the management serial ID for authentication is registered in the CF card 64. However, if a network is connected, the management serial ID may be received and authenticated via the network.

  Further, in the above embodiment, the functions of the alarm unit and the alarm suppression unit are realized by executing a program by the CPU, but may be realized by a hardware circuit of the control circuit unit 94 of FIG. The means for detecting opening and closing of the cover is not limited to the mechanical tamper switch 46, but may be a detection switch due to magnetic fluctuations such as a reed switch or a Hall element.

  Further, the identification information of each user is not limited to the identification information stored in the card, but may be stored in a mobile phone or the like, or information that can be identified by the user by a specific part of the human body.

Further, the present invention includes appropriate modifications that do not impair the object and advantages thereof, and is not limited by the numerical values shown in the above embodiments.

10: Access control device 11: USB memory 12: Cover 14: Main body 16: Cylinder lock 18: Non-contact card reader unit 50: USB memory eject switch 60: USB connector 70: CPU
74: Non-volatile memory 94: Control circuit unit 106: Electric lock drive circuit 108: Electric lock 114: Alarm unit 116: Alarm suppression unit 118: Maintenance processing unit 120: Entrance / exit control processing unit 122: User information file 124: Equipment setting Information file 126: Operation history information file 128: Management serial ID
130: Serial ID
132: Encrypted file 134: Encrypted serial ID
136: User information 138: Equipment setting information 140: Operation history information

Claims (2)

In an access control device installed corresponding to a door with an electric lock, unlocking or locking the electric lock by authentication of identification information, and managing user information and entry / exit information,
An opening detection unit for detecting the opening of the locked, detachable device cover;
An alarm unit that outputs an alarm regardless of the presence or absence of the detection of the opening of the device cover when a predetermined time has elapsed since the detection of the opening of the device cover by the opening detection unit;
A connection port to attach and detach a portable memory device;
An alarm suppression unit that suppresses an alarm operation of the alarm unit based on an insertion connection of a portable memory device to the connection port;
An access control device comprising:
The access control device according to claim 1,
The alarm unit continues alarm output when opening of the device cover is no longer detected during alarm output,
The alarm suppression unit suppresses output of an alarm if the predetermined time has not elapsed when authentication of the portable memory device inserted and connected to the connection port is successful, and outputs an alarm if the alarm is being output. An access control device characterized by stopping.

Images