WO1997040473A1 - Security access control system enabling automatic invalidation of stolen or lost electronic keys and/or transfer of authorisation to make keys - Google Patents
- Publication number
- WO1997040473A1
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- key
- data
- lock
- control system
- access control
Classifications
-
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07F—COIN-FREED OR LIKE APPARATUS
- G07F7/00—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
- G07F7/08—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
- G07F7/10—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means together with a coded signal, e.g. in the form of personal identification information, like personal identification number [PIN] or biometric data
- G07F7/1008—Active credit-cards provided with means to personalise their use, e.g. with PIN-introduction/comparison system
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/30—Payment architectures, schemes or protocols characterised by the use of specific devices or networks
- G06Q20/34—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
- G06Q20/341—Active cards, i.e. cards including their own processing means, e.g. including an IC or chip
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/40—Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
- G06Q20/409—Device specific authentication in transaction processing
- G06Q20/4097—Device specific authentication in transaction processing using mutual authentication between devices and transaction partners
-
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07C—TIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
- G07C9/00—Individual registration on entry or exit
- G07C9/20—Individual registration on entry or exit involving the use of a pass
- G07C9/21—Individual registration on entry or exit involving the use of a pass having a variable access code
-
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07C—TIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
- G07C9/00—Individual registration on entry or exit
- G07C9/20—Individual registration on entry or exit involving the use of a pass
- G07C9/27—Individual registration on entry or exit involving the use of a pass with central registration
Definitions
- the present invention relates to a secure access control system allowing automatic invalidation of stolen or lost logical keys and / or transfer of authorization to produce keys.
- the invention is particularly applicable to the field of access control to buildings, computer systems or all kinds of objects whose opening or use must be controlled.
- This system is based on the use of portable storage media such as smart cards (integrated-circuit cards) with flush contacts or contactless, magnetic cards, badges, or electronic keys with or without contacts. These media are distributed to all users for whom access will be authorized. For this, the storage media have in memory an electronic key giving a right of access.
- This key includes data corresponding to an access authorization period and a digital signature of this data.
- the period of use corresponds in practice to a date of use and a time slot for use so that the key is only valid for one day and for the defined time slot.
- These keys have a short lifespan and are particularly well suited to an application such as delivery or collection of mail by an attendant. The user of such a support must reload his support every day with a new valid key.
- This access control system is very effective in applications for which one does not wish to give a permanent or very long access right. However, it turns out not to be suitable in the opposite case.
- Older control systems provide a blacklist for stolen or lost media to prevent unauthorized people who hold such media from accessing the protected set.
- the object of the present invention is to solve this problem.
- the proposed secure access control system allows automatic invalidation of keys declared lost or stolen. According to the invention, no particular intervention is needed on the electronic locks. It is the users' own media that automatically invalidate the stolen or lost media.
- the secure access control system also makes it possible to solve this problem, the media delivered are always valid even in the event of transfer of authorization to another person or more exactly to another means of producing keys.
- the invention more particularly relates to an access control system by means of a portable storage medium (C) on which is recorded an electronic key (CL) including user identification data, and a means ensuring an electronic lock function (L) capable of authorizing access in the case where the storage medium comprises the required electronic key, mainly characterized in that: the electronic key also comprises a specific data item DpA for the user and the support, and the digital signature S of this data,
- the lock (L) checks the digital signature S and checks that the specific data DpA of the key CL of the medium is equal to or greater than the data already recorded, and only authorizes access when these conditions are met.
- the signature S is calculated by the production means LE using an algorithm with a secret key k and a corresponding public key K; the lock has in memory the public key K, a verification function V_K for this signature S, and the means for implementing this verification function.
- the lock to verify a DpA data specific to a user, the lock:
- the DpA data specific to a user can be the date of personalization of its storage medium.
- the DpA own data can be a value obtained by a counter, this value being incremented with each new version of key for a given user.
- the specific data DpA (date of personalization) has a value greater than the previous one.
- the electronic key CL recorded on a medium also includes data identifying this medium; one will take, for example, the manufacturing serial number of the medium as this data.
- the electronic lock includes data corresponding to a DH reference value; access authorization is only given if, in addition, the DpA's own data for the user has a value less than the reference value DH.
- the DH reference data is the current date supplied by an internal clock of the electronic lock.
- the production means include authorization information HA given by an authority to produce the keys CL, including a public key K, and the digital signature CER of this information; and we operate a transfer of empowerment to new means by registering a new public key K 'and the corresponding signature CER'.
- the lock checks any new authorization.
- any new public key is registered in the electronic lock for verification with its certificate which will not in principle be kept.
- the data relating to the means of production comprise an identification data ID, a validity period VAL and the public key K, the validity period assigned to the old key K having an end date which corresponds to the start date of validity of the validity period of the new key K ', this date being able to be later (ie for example one month).
- the lock compares and replaces the end date of the validity period of the old key with the start date of validity of the key next.
- the lock also performs the following steps:
- the public keys K, K' are obtained by the authority from a production function F_KA with public key KA, with a secret key ka.
- the lock has in memory at the time of verification a verification function V_KA and the key KA for the verification of signatures CER or CER'.
- Another subject of the invention is an access control system by means of a portable storage medium C on which an electronic key CL is recorded, means for producing these electronic keys and means ensuring an electronic lock function L capable of authorizing access in the case where the storage medium comprises the required electronic key, according to which the production means include authorization information HA to produce the keys CL, including a public key K, and the digital signature CER of this information, and in which an authorization transfer is made to new means of production by registering a new public key K' and the corresponding signature CER'.
- This new public key is, after verification of the authorization, recorded in the electronic lock L which verifies the keys CL produced by these means LE.
- the data relating to the means of production comprises an identification data ID, a validity period VAL and the public key K; the period of validity assigned to a new key K 'has a starting date which corresponds to the date of end of validity of the period of validity of the previous key K.
- the lock compares the start date of the validity period of the new key to the end date of the validity of the previous key.
- Public keys are obtained by the authority from a key production function F_KA with public key KA, with a secret key ka, the lock comprising in memory at the time of verification a verification function V_KA and the key KA for verifying these signatures CER or CER'.
- this means is declared to the lock which will control the keys produced by this means.
- the authority registers the authorization certificate with the lock and the KA key that it used for the calculation.
- the means of production can itself register its authorization with the lock.
- FIG. 1 represents a secure access control system according to a first object of the invention
- FIG. 2 shows a secure access control system according to a second object of the invention.
- an authority is understood to mean an organization possessing secret keys, means capable of issuing public keys and authorization data.
- secret key is meant digital data which is known only to an organ of the authority or a means of production.
- public key KA, K, K ' is meant digital data shared by several users, namely, the authority and the means of production of the electronic keys or the means of production and the electronic lock.
- key production means LE is understood to mean a device for processing digital information, for example a micro-computer, holding HA authorization information and having computing means for carrying out the digital signature of data implementing functions such as 'a classic public key algorithm.
- electronic key or logical key CL is understood to mean digital data or several digital data accompanied by their digital signature giving right of access.
- the invention is described by way of example, in the application to managing access to buildings.
- the storage media C comprising the electronic keys distributed to authorized users may be either smart cards, or smart keys, or badges or magnetic cards.
- the transmission between the support C and the lock L can be made through electronic contacts or by radio means or by reading a magnetic tape.
- a smart card has been chosen as the support. It includes an I / O input / output interface 100 and an electrically writable non-volatile memory 101.
- the personalization of a medium C consists in particular in writing in memory identification information IDA of the user A, comprising for example his name and the number of his apartment, and the specific data item DpA assigned to him, which according to a preferred embodiment is the date of personalization of his storage medium.
- the personalization of the supports is made by the LE device (and the person who uses it) who holds an HA authorization (ID, KA, CER, K).
- the LE production device is for example produced by a microcomputer of the PC type, provided with a card reader.
- FIG. 1 schematically represents the different functional blocks of this LE device.
- the production apparatus LE comprises a microprocessor type processing unit 200 connected by a bus 201 to memories.
- a volatile working memory of the RAM 202 type contains the data of the application.
- An EEPROM type non-volatile memory includes in a protected area the secret key k used for the production of the electronic keys. It also includes the electronic key production program. This program implements a production algorithm of the public key algorithm type F_K using the secret key k and the corresponding public key K.
- the memory 203 also includes the personalization program, which consists in writing the specific data, that is to say, according to the preferred embodiment, the date DpA of the personalization day (plus the time if necessary). This information is obtained from an internal clock 204.
- the own data can also be obtained by a counter 206 whose value is increased (incremented by 1 for example) with each new version of key.
- the volatile memory 203 can also contain the public key KA and the authorization certificate CER.
- an LE production device must be authorized to produce CL keys.
- the authorization is taken over by the AT authority.
- the authority gives him a public key K which will be used to calculate the keys CL.
- the key K is transmitted to it with a signature which is called here CER certificate.
- This CER certificate is therefore the digital signature of a data set including the identity of the authorized person ID, their public key K and the validity period VAL such as:
- the electronic locks CL are constituted by an apparatus of the chip card reader or microcomputer type equipped with a chip card reader interface for the example of embodiment described.
- the lock L comprises a processing unit 300, an electrically programmable non-volatile memory 301 and a working memory 302.
- the memory 301 comprises the key verification program implementing a verification function V_K of the electronic keys CL.
- This memory 301 also contains the public key K corresponding to the secret key k which was used for the production of the keys CL.
- Lock L allows, according to a first object of the invention, to detect false electronic keys. For this, the lock compares the date of personalization DpA of the key CL to the date of personalization that it has in memory for the same medium (IDA identification).
- the lock allows access. If the date DpA > the date of personalization present in the lock, then this is a new version of the key; the lock updates its list of keys, that is to say it saves the new personalization date instead of the old one. If the date DpA < the personalization date present in the lock, then this is a reuse of a key declared stolen or lost.
- Access is not allowed. There is no update of the key list.
- the pair of public key and CER certificate of the LE key production device as well as the key KA are recorded in the lock in working memory for example, to allow the lock to perform a verification of authorization.
- the lock also contains the certificate verification program, this program implementing a verification function V_KA of the certificate.
- V j a verification function
- the certificate corresponds to the public key K
- the key is saved in EEPROM memory
- the certificate and the key KA are not kept.
- a CER certificate 'for a new key K' is calculated by the AT authority and loaded into the LE device, reference may be made to the diagram in FIG. 2.
- this change of authorization consists in using a new public key K 'and in assigning this new key K' to the device.
- the lock can check the access conditions set out in the first part of the description and also compare the date DpA with the period of validity of the public key of the device.
- the lock can then compare the date of personalization with the period of validity of the corresponding public key.
- the lock authorizes access when, after this verification, it finds that the date DpA is within the period of validity of the corresponding public key.
- since each public key K or K' has its own validity period, it is easy to detect fraud.
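The lock-side checks described above (signature S under K, DpA not lower than the recorded value, DpA below the reference value DH, and authorization transfer to a new key K' certified under KA), as an added example that is not code from the patent. Assumptions: a toy textbook-RSA signature over constructed Mersenne-prime moduli stands in for the unspecified public-key algorithm and is not secure; dates are YYYYMMDD integers; the class, function and field names are hypothetical.

```python
import hashlib

E = 65537  # toy textbook RSA on constructed demo moduli: NOT secure

def make_keypair(p, q):
    n = p * q
    return (n, E), (n, pow(E, -1, (p - 1) * (q - 1)))  # (public, secret)

def _digest(fields, n):
    data = "|".join(map(str, fields)).encode()
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n

def sign(secret, fields):
    n, d = secret
    return pow(_digest(fields, n), d, n)

def verify(public, fields, sig):
    n, e = public
    return pow(sig, e, n) == _digest(fields, n)

class Lock:
    def __init__(self, KA):
        self.KA = KA          # authority public key
        self.producers = []   # [K, start, end] per authorised production means
        self.last_dpa = {}    # IDA -> highest DpA accepted so far

    def register(self, ID, K, start, end, CER):
        """Record a production key only if its certificate verifies under KA."""
        if not verify(self.KA, (ID, K, start, end), CER):
            return False
        if self.producers:    # old key's validity ends where the new one starts
            self.producers[-1][2] = min(self.producers[-1][2], start)
        self.producers.append([K, start, end])
        return True

    def check(self, IDA, DpA, S, DH):
        """DH is the lock's reference value (current date from its clock)."""
        K = next((k for k, s, e in self.producers if s <= DpA < e), None)
        if K is None or not verify(K, (IDA, DpA), S):
            return "deny: bad signature or validity period"
        if not DpA < DH:      # checked before any update of the key list
            return "deny: DpA not below DH"
        if DpA < self.last_dpa.get(IDA, DpA):
            return "deny: superseded key"
        self.last_dpa[IDA] = DpA   # equal keeps the entry, greater replaces it
        return "open"

def demo():
    KA, ka = make_keypair(2**521 - 1, 2**607 - 1)   # authority
    K, k = make_keypair(2**127 - 1, 2**89 - 1)      # production means LE
    K2, k2 = make_keypair(2**107 - 1, 2**61 - 1)    # new means, key K'
    lock, A, out = Lock(KA), "A/apt-12", []
    cert = ("LE-1", K, 19970101, 19980101)
    out.append(lock.register(*cert, sign(ka, cert)))       # certified by ka
    rogue = ("LE-X", K2, 19970101, 19980101)
    out.append(lock.register(*rogue, sign(k2, rogue)))     # self-signed
    v1 = (A, 19970110, sign(k, (A, 19970110)))             # first medium
    v2 = (A, 19970201, sign(k, (A, 19970201)))             # replacement medium
    out.append(lock.check(*v1, DH=19970111))
    out.append(lock.check(*v2, DH=19970202))               # newer DpA recorded
    out.append(lock.check(*v1, DH=19970203))               # lost medium reused
    out.append(lock.check(A, 19970301, v2[2], DH=19970302))  # DpA altered
    out.append(lock.check(A, 19971231, sign(k, (A, 19971231)), DH=19970203))
    cert2 = ("LE-2", K2, 19970601, 19980601)               # transfer to K'
    out.append(lock.register(*cert2, sign(ka, cert2)))
    late = 19970701
    out.append(lock.check(A, late, sign(k, (A, late)), DH=19970702))   # old k
    out.append(lock.check(A, late, sign(k2, (A, late)), DH=19970702))  # new k'
    return out

if __name__ == "__main__":
    for result in demo():
        print(result)
```

Invalidation in this scheme is per lock: a lock that has never been shown the replacement key still holds the older DpA and keeps accepting the lost medium until the newer key is presented to it.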
Priority Applications (4)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
EP97918233A EP0956540A1 (en) | 1996-04-19 | 1997-04-15 | Security access control system enabling automatic invalidation of stolen or lost electronic keys and/or transfer of authorisation to make keys |
JP9537774A JP2000509451A (en) | 1996-04-19 | 1997-04-15 | Secured access monitoring system that allows automatic revocation of stolen or lost electronic keys and / or transfer of authority to generate keys |
AU26433/97A AU724882B2 (en) | 1996-04-19 | 1997-04-15 | Secured access checking system enabling the automatic disabling of stolen or lost electronic keys and/or the transfer of entitlement to produce keys |
CA002252001A CA2252001A1 (en) | 1996-04-19 | 1997-04-15 | Security access control system enabling automatic invalidation of stolen or lost electronic keys and/or transfer of authorisation to make keys |
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
FR96/04963 | 1996-04-19 | ||
FR9604963A FR2747813B1 (en) | 1996-04-19 | 1996-04-19 | SECURE ACCESS CONTROL SYSTEM FOR AUTOMATIC INVALIDATION OF STOLEN OR LOST ELECTRONIC KEYS AND / OR TRANSFER OF AUTHORIZATION TO PRODUCE KEYS |
Publications (1)
Publication Number | Publication Date |
---|---|
WO1997040473A1 true WO1997040473A1 (en) | 1997-10-30 |
Family
ID=9491397
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/FR1997/000676 WO1997040473A1 (en) | 1996-04-19 | 1997-04-15 | Security access control system enabling automatic invalidation of stolen or lost electronic keys and/or transfer of authorisation to make keys |
Country Status (6)
Country | Link |
---|---|
EP (1) | EP0956540A1 (en) |
JP (1) | JP2000509451A (en) |
AU (1) | AU724882B2 (en) |
CA (1) | CA2252001A1 (en) |
FR (1) | FR2747813B1 (en) |
WO (1) | WO1997040473A1 (en) |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP2001317246A (en) * | 2000-05-02 | 2001-11-16 | Nippon Signal Co Ltd:The | Locking and unlocking system |
CN110473329A (en) * | 2019-09-25 | 2019-11-19 | 永安行科技股份有限公司 | Access card approaches to IM, management system and intelligent terminal |
Families Citing this family (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
ES2236973T3 (en) | 1999-01-28 | 2005-07-16 | International Business Machines Corporation | METHOD AND CONTROL SYSTEM OF ELECTRONIC ACCESS. |
CZ14807U1 (en) * | 2001-03-14 | 2004-10-18 | Jan Kalous | Safety system of key protection against unauthorized manufacture thereof |
DE102004044892A1 (en) | 2004-09-14 | 2006-03-30 | Thoughtfab Limited, Birmingham | Process for the documentation of a property or possession as well as the transfer of the same to a commodity |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
FR2597142A1 (en) * | 1986-04-08 | 1987-10-16 | Schlage Lock Co | CRYPTOGRAPHIC ELECTRONIC LOCK SYSTEM AND METHOD OF OPERATION |
EP0299826A1 (en) * | 1987-07-10 | 1989-01-18 | Schlumberger Industries | Method and system for authenticating electronic memory cards |
EP0605996A1 (en) * | 1993-01-07 | 1994-07-13 | Ford Motor Company Limited | Remote controlled security system |
WO1996002899A1 (en) * | 1994-07-13 | 1996-02-01 | La Poste | Access control system for restricting access to authorised hours and renewing it using a portable storage medium |
-
1996
- 1996-04-19 FR FR9604963A patent/FR2747813B1/en not_active Expired - Lifetime
-
1997
- 1997-04-15 AU AU26433/97A patent/AU724882B2/en not_active Ceased
- 1997-04-15 CA CA002252001A patent/CA2252001A1/en not_active Abandoned
- 1997-04-15 WO PCT/FR1997/000676 patent/WO1997040473A1/en not_active Application Discontinuation
- 1997-04-15 JP JP9537774A patent/JP2000509451A/en active Pending
- 1997-04-15 EP EP97918233A patent/EP0956540A1/en not_active Withdrawn
Cited By (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP2001317246A (en) * | 2000-05-02 | 2001-11-16 | Nippon Signal Co Ltd:The | Locking and unlocking system |
JP4590061B2 (en) * | 2000-05-02 | 2010-12-01 | 大日本印刷株式会社 | Key opening and closing system |
CN110473329A (en) * | 2019-09-25 | 2019-11-19 | 永安行科技股份有限公司 | Access card approaches to IM, management system and intelligent terminal |
Also Published As
Publication number | Publication date |
---|---|
CA2252001A1 (en) | 1997-10-30 |
EP0956540A1 (en) | 1999-11-17 |
AU2643397A (en) | 1997-11-12 |
FR2747813A1 (en) | 1997-10-24 |
FR2747813B1 (en) | 1998-06-05 |
JP2000509451A (en) | 2000-07-25 |
AU724882B2 (en) | 2000-10-05 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CA2171626C (en) | Access control system for restricting access to authorised hours and renewing it using a portable storage medium | |
EP0114773B1 (en) | Method and device for authorizing the holder of a portable object, such as a card, access by means of this card, to at least one service delivered by at least one authorizing organisation | |
EP3113099B1 (en) | Payment container, creation method, processing method, devices and programs therefor | |
CA2144124C (en) | Process and device for authentifying a data medium used to authorize a transaction or to authorize access to a service or a location, and related medium | |
EP0250309B1 (en) | Method for having a portable object, such as a memory card coupled to an external medium, be authenticated by this medium | |
FR2606909A1 (en) | PROCESSING SYSTEM FOR A PORTABLE ELECTRONIC DEVICE, SUCH AS AN INTEGRATED CIRCUIT BOARD | |
EP0552079B1 (en) | Mass memory card for microcomputer | |
FR2716021A1 (en) | Chip card transaction method and system. | |
FR2654236A1 (en) | METHOD FOR PROTECTING AGAINST THE FRAUDULENT USE OF MICROPROCESSOR CARDS, AND DEVICE FOR IMPLEMENTING SAME. | |
EP1055203B1 (en) | Protocol between an electronic key and a lock | |
FR2765985A1 (en) | METHOD FOR MANAGING A SECURE TERMINAL | |
WO1997040474A1 (en) | Security access control system enabling transfer of authorisation to make keys | |
WO1997040473A1 (en) | Security access control system enabling automatic invalidation of stolen or lost electronic keys and/or transfer of authorisation to make keys | |
FR3080934A1 (en) | METHOD AND SYSTEM FOR PERFORMING SECURE DATA EXCHANGE | |
FR2749956A1 (en) | Access control system allowing transfer of authorisation to write keys | |
FR3090959A1 (en) | Processing an electronic ticket service | |
EP3765984A1 (en) | Secure data processing | |
FR2834366A1 (en) | SELF-LOCKING CHIP CARD, DEVICE FOR SECURING SUCH A CARD AND RELATED METHODS | |
FR3062501A1 (en) | METHOD FOR SECURING ELECTRONIC OPERATION | |
EP0910839B1 (en) | Method for safely storing credit units in a smart card and monetary transaction system using same | |
FR2773405A1 (en) | METHOD AND SYSTEM FOR CONTROLLING ACCESS TO A RESOURCE LIMITED TO CERTAIN TIME RANGES | |
EP3179400B1 (en) | Method for loading a computing resource into an electronic device, electronic module and corresponding computer program | |
FR2789774A1 (en) | Security module for secure comparison of an authentication code with one stored in memory has additional auxiliary registers in which randomly chosen data words are placed for use in authenticating the code in the main registers | |
FR2761840A1 (en) | METHOD FOR CERTIFYING A CUMULATION IN A READER | |
FR2700864A1 (en) | System for detecting falsification of stored information. |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
AK | Designated states |
Kind code of ref document: A1 Designated state(s): AU CA JP US |
|
AL | Designated countries for regional patents |
Kind code of ref document: A1 Designated state(s): AT BE CH DE DK ES FI FR GB GR IE IT LU MC NL PT SE |
|
DFPE | Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed before 20040101) | ||
121 | Ep: the epo has been informed by wipo that ep was designated in this application | ||
ENP | Entry into the national phase |
Ref document number: 2252001 Country of ref document: CA Ref country code: CA Ref document number: 2252001 Kind code of ref document: A Format of ref document f/p: F |
|
WWE | Wipo information: entry into national phase |
Ref document number: 1997918233 Country of ref document: EP |
|
WWP | Wipo information: published in national office |
Ref document number: 1997918233 Country of ref document: EP |
|
WWW | Wipo information: withdrawn in national office |
Ref document number: 1997918233 Country of ref document: EP |