WO2003023722A2 - Procede de controle d'autorisation d'acces - Google Patents

Procede de controle d'autorisation d'acces Download PDF

Info

Publication number
WO2003023722A2
WO2003023722A2 PCT/EP2002/010091 EP0210091W WO03023722A2 WO 2003023722 A2 WO2003023722 A2 WO 2003023722A2 EP 0210091 W EP0210091 W EP 0210091W WO 03023722 A2 WO03023722 A2 WO 03023722A2
Authority
WO
WIPO (PCT)
Prior art keywords
access
control device
subscriber
locking device
sni
Prior art date
Application number
PCT/EP2002/010091
Other languages
German (de)
English (en)
Other versions
WO2003023722A3 (fr
Inventor
Wolfgang Rankl
Original Assignee
Giesecke & Devrient Gmbh
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Giesecke & Devrient Gmbh filed Critical Giesecke & Devrient Gmbh
Publication of WO2003023722A2 publication Critical patent/WO2003023722A2/fr
Publication of WO2003023722A3 publication Critical patent/WO2003023722A3/fr

Links

Classifications

    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07CTIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C9/00Individual registration on entry or exit
    • G07C9/00174Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys
    • G07C9/00571Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys operated by interacting with a central unit
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07CTIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C9/00Individual registration on entry or exit
    • G07C9/00174Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys
    • G07C9/00182Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys operated with unidirectional data transmission between data carrier and locks
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07CTIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C9/00Individual registration on entry or exit
    • G07C9/20Individual registration on entry or exit involving the use of a pass
    • G07C9/27Individual registration on entry or exit involving the use of a pass with central registration
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07CTIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C2209/00Indexing scheme relating to groups G07C9/00 - G07C9/38
    • G07C2209/08With time considerations, e.g. temporary activation, valid time window or time limitations

Definitions

  • the invention relates to a method for checking the access authorization to an area and / or device closed by means of a locking device.
  • the invention relates to a control device and a system with a corresponding control device for performing such a method.
  • Specially secured areas such as buildings, rooms, underground garages or areas are usually protected by suitable locking devices, such as. B. blocked mechanical or electric locks or electrically opening and closing gates or doors to prevent unauthorized access.
  • security-relevant devices for example computers
  • security-relevant devices for example computers
  • special electronic locking devices which, for example, switch the mains voltage of the device on and off or block access to a user interface.
  • contact cards that are used more and more frequently without contact are being used, which contain a chip in which the data or computation routines required for control purposes are stored.
  • the locking device is then connected to a reading device which is able to communicate with the chip card without contact over a certain distance and to exchange characteristic data and / or to check security routines.
  • a disadvantage of such systems that work with contactlessly communicating cards and reading devices is that they only function without problems in a spatial area of a few centimeters up to a maximum of 1 m. Because of this short range, the reading devices must be directly exposed to user access, ie, for example, be arranged outside a closed area next to a door. You are therefore exposed to attacks by unauthorized persons who could attempt to gain unauthorized access to the protected area or the device or who simply want to destroy the reading device.
  • Another disadvantage of such systems is that The user or authorized user must always carry the card, which serves as proof of identification, with them. If a user has to pass through several different security barriers with such control systems, in addition to the credit cards, EC cards etc.
  • a mobile terminal of the authorized user serves as identification medium.
  • the term "mobile terminal” is to be understood here as a mobile radio device or a similar device, for example a PDA, with a mobile radio function.
  • the person seeking access calls a control device connected to the locking device by means of the mobile terminal device carried.
  • a subscriber number of the person is automatically transmitted during the call to the control device.
  • the control device can then compare the subscriber number received during the call with a number of stored subscriber numbers of persons authorized to access. If the received subscriber number matches one of the saved subscriber
  • the control device can number the control device, for example by means of a corresponding activation via an interface, to grant access to the person seeking access.
  • the method is particularly advantageous in that the participant number of the person, i.e. H.
  • the call number stored on a SIM card in the mobile device is usually transferred to the called device. It is already standard today that a called device can receive and recognize this number, for example with the so-called CLIP function. Since no connection has to be set up to transmit the subscriber number, but usually the number is transmitted to the receiving device itself during the call at the first or second ring, the use of the mobile terminal device for access control according to the inventive method does not result in any additional costs.
  • the identification of the access seeker has a relatively high level of security, since manipulation of the transferred subscriber number is extremely difficult and requires very expensive equipment.
  • the reason for this is that a caller's subscriber number is managed by the background system, i. H. in the case of mobile devices, the mobile network is generated and not directly by the calling subscriber or in the mobile device.
  • the background system usually checked the access authorization to the network and thus the identity of the subscriber before the call was forwarded from a terminal when the device was logged in.
  • control device itself, and consequently the system consisting of the control device and the terminal devices, is also relatively inexpensive in comparison to the conventional access control systems with contact-based or contactless chip cards.
  • control device itself can be of relatively simple design. It only has to have a telephone network connection, for example a landline connection or a mobile radio module. Depending on the load on the control device, it can also have several telephone connections in order to be able to operate several users simultaneously.
  • control device requires a device for receiving a subscriber number when the terminal calls, this function as a CLIP function likewise already being standard in most connection devices or terminals. Furthermore, a memory, in which the subscriber numbers of access-authorized persons are stored, and a simple comparator unit for
  • connection to the locking device can be made via a separate interface.
  • the control device can be a control device specially constructed for this purpose, which is arranged, for example, directly on the closure device or even integrated into it. However, it can also be a system located locally at a completely different location, which, for example, controls a large number of different locking devices as the central system.
  • a control device can be implemented with suitable software in any computer, for example a commercially available PC, which is operated via has a corresponding landline connection or a cell phone module.
  • the stored subscriber numbers are assigned different access authorization levels. The person seeking access is then only granted access to the desired area and / or device in accordance with their access authorization level.
  • locking devices can be opened one behind the other from doors of a wider area, for example with one call, using different access authorization levels, e.g. accordingly, only those doors are opened which give one person access to a particular department, while other users only have access to other departments.
  • the control device must accordingly have means for assigning an access authorization level to a subscriber number and means for actuating the locking device in accordance with the access authorization level.
  • One way of realizing this is to store a separate list with subscriber numbers of appropriately authorized persons in the memory for the different access authorization levels.
  • the control device searches through all lists upon receipt of a subscriber number and then grants access according to the access authorization level of the list in which the Participant number was found.
  • An alternative possibility is that a parameter representing the access authorization level is assigned to each subscriber number in the memory, that is to say that after a subscriber number has been found in the list of parameters, it is read out and accordingly access is granted.
  • the single figure shows a schematic representation of the method and the system for checking the access authorization.
  • the figure shows a situation in which a user (not shown) - also called access seeker in the following - requests access to an area 2, here a room 2, which is closed by a door 3.
  • This door 3 is secured by means of a locking device 4, here an electronically controlled lock.
  • the closure device 4 is connected via a line 14 to an interface 10 of a control device 6. Instead of this line 14, there can also be a wireless connection between the interface 10 and the closure device 4.
  • the control device 6 is not located inside the room 2, but at an external location. However, it can also be arranged within the space 2 and, for example, arranged directly next to the closure device 4 or even integrated into the closure device 4.
  • the control device 6 has at its core a CPU 9 which is programmed accordingly to carry out the method according to the invention.
  • the subscriber numbers SNi are each assigned parameters B1, B2 which provide access calculation represent level.
  • the access seeker In order to be able to unlock the locking device 4 and open the door 3, the access seeker must dial a subscriber number which is assigned to the control device 6 or the associated mobile radio module 7 of the control device 6 in a telephone network 5. The call R of the terminal 1 is then forwarded to the mobile radio module 7 of the control device 6 via the background system of the telephone network 5. In addition, the background system simultaneously transmits the subscriber number SN of the mobile radio device 1 of the access seeker with the call R. This
  • Subscriber number SN is generated in the background system of the mobile radio network 5 or is correspondingly determined from the memories available in the background system on the basis of the access data which are required for identifying the mobile radio device 1 and for logging into the mobile radio network 5.
  • the system is shown using a mobile radio network 5.
  • a fixed network is used instead of the mobile radio network 5, the control device having a fixed network connection and the call R of the mobile radio device 1 being forwarded to the control device 6 via this fixed network.
  • the connection is interrupted, ie no fee-based connection is established, but only the subscriber number SN transmitted on the call R is read.
  • the subscriber number SN is preferably identified within the CPU 9, in which, with suitable software, for example, a conventional CLIP routine, shown in the figure as a CLIP module 12, is set up to recognize transmitted call numbers.
  • the list 11 is searched by means of a comparator device 13 likewise implemented in software within the CPU 9 in order to determine whether the received subscriber number SN matches one of the subscriber numbers SNi of the persons authorized to access stored therein.
  • the locking device 4 is not opened, ie, for example, no signal is sent to the locking device 4.
  • the locking device 4 has a signal generator outside the room 2, with which the access seeker is signaled, for example, that access is still prohibited.
  • the control device 6 sends a corresponding signal to the locking device 4, so that it informs the access seeker of the failed attempt via this signaling device.
  • the subscriber number SN is found in the list 11
  • the parameter B1, B2 assigned to this subscriber number is read, which specifies the access authorization level. Access is then granted in accordance with this access authorization level.
  • the one access authorization level only allows access to room 2 during certain office hours.
  • the other access authorization level entitles access at any time even outside office hours.
  • a clock (not shown) is located in the CPU 9, so that the control device 6 or the CPU 9 can check in a further routine when the transmitted part number SN is found in the list and after reading out the access authorization level, whether the access seeker has access to it Time of entry is granted.
  • the example described clearly shows how, in a very simple and cost-effective manner, secure access control is possible using a conventional mobile phone.
  • the method can be used in wide areas to secure any areas such as buildings, rooms, underground garages, company areas or similar as well as devices such as computers, telephone systems, vehicles etc.
  • An interface only has to be present on the closure device in order to be able to carry out control via the control device.

Landscapes

  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Mobile Radio Communication Systems (AREA)
  • Lock And Its Accessories (AREA)

Abstract

L'invention concerne un procédé permettant de contrôler l'autorisation d'accéder à une zone/ou un appareil verrouillé(e) par un dispositif de verrouillage. Une personne désireuse d'accéder à la zone/l'appareil appelle un dispositif de contrôle lié audit dispositif de verrouillage, au moyen d'un terminal mobile. Un numéro utilisateur de la personne est automatiquement transmis au cours de l'appel passé audit dispositif de contrôle. Le dispositif de contrôle compare le numéro utilisateur reçu lors de l'appel avec une pluralité de numéros utilisateurs stockés de personnes disposant d'une autorisation d'accès. En cas de concordance entre le numéro utilisateur reçu et un des numéros utilisateurs stockés, le dispositif de contrôle influe sur le dispositif de verrouillage de façon que ce dernier accorde l'accès.
PCT/EP2002/010091 2001-09-12 2002-09-09 Procede de controle d'autorisation d'acces WO2003023722A2 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
DE10144936.4 2001-09-12
DE10144936A DE10144936A1 (de) 2001-09-12 2001-09-12 Verfahren zur Prüfung der Zugangsberechtigung

Publications (2)

Publication Number Publication Date
WO2003023722A2 true WO2003023722A2 (fr) 2003-03-20
WO2003023722A3 WO2003023722A3 (fr) 2003-10-16

Family

ID=7698782

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/EP2002/010091 WO2003023722A2 (fr) 2001-09-12 2002-09-09 Procede de controle d'autorisation d'acces

Country Status (2)

Country Link
DE (1) DE10144936A1 (fr)
WO (1) WO2003023722A2 (fr)

Cited By (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
NL1029550C2 (nl) * 2005-07-18 2007-01-19 Der Kinderen Beheer B V Werkwijze, systeem en computerprogrammaproduct voor het langs elektronische weg verstrekken van een toegangsproduct.
WO2009003841A1 (fr) * 2007-06-29 2009-01-08 Business Gates S.R.L. Appareil pour ouverture à distance de portes ou de grilles de bâtiment
US8041016B2 (en) 2004-04-21 2011-10-18 Anders Trell Trust Method and device for access communication/control
WO2012064264A1 (fr) * 2010-11-09 2012-05-18 Zaplox Ab Procédé et système permettant de réduire l'impact d'un événement non désiré par une distribution de certificats basée sur un événement
CN104851167A (zh) * 2015-05-14 2015-08-19 深圳市家信信息科技开发有限公司 一种非接触式开锁方法和锁体装置
GB2540173A (en) * 2015-07-08 2017-01-11 Hugslock Systems Ltd Encrypted locks

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2005031483A1 (fr) * 2003-09-10 2005-04-07 Dorma Gmbh + Co. Kg Dispositif d'autorisation pour un utilisateur d'une commande

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO1993014571A1 (fr) * 1992-01-09 1993-07-22 Supra Products, Inc. Systeme d'entree de securite a communication radio
WO2000035178A2 (fr) * 1998-11-26 2000-06-15 M-Phone Communications Ab Procede et dispositif pour commande d'acces grace a un telephone portable
JP2000220332A (ja) * 1999-01-29 2000-08-08 Nippon Telegraph & Telephone East Corp 電子錠制御装置
WO2001057824A1 (fr) * 2000-02-04 2001-08-09 Alexander Shemer Systeme et procede permettant de faire fonctionner un dispositif au moyen de la fonction d'identification utilisateur d'un telephone

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JPH11120398A (ja) * 1997-10-21 1999-04-30 Ntt Power And Building Facilities Inc セキュリティシステムおよびセキュリティ方法

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO1993014571A1 (fr) * 1992-01-09 1993-07-22 Supra Products, Inc. Systeme d'entree de securite a communication radio
WO2000035178A2 (fr) * 1998-11-26 2000-06-15 M-Phone Communications Ab Procede et dispositif pour commande d'acces grace a un telephone portable
JP2000220332A (ja) * 1999-01-29 2000-08-08 Nippon Telegraph & Telephone East Corp 電子錠制御装置
WO2001057824A1 (fr) * 2000-02-04 2001-08-09 Alexander Shemer Systeme et procede permettant de faire fonctionner un dispositif au moyen de la fonction d'identification utilisateur d'un telephone

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
PATENT ABSTRACTS OF JAPAN vol. 1999, no. 09, 30. Juli 1999 (1999-07-30) -& JP 11 120398 A (NTT POWER AND BUILDING FACILITIES INC), 30. April 1999 (1999-04-30) *
PATENT ABSTRACTS OF JAPAN vol. 2000, no. 11, 3. Januar 2001 (2001-01-03) -& JP 2000 220332 A (NIPPON TELEGRAPH &TELEPHONE EAST CORP; NIPPON TELEGRAPH & TELE), 8. August 2000 (2000-08-08) *

Cited By (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8041016B2 (en) 2004-04-21 2011-10-18 Anders Trell Trust Method and device for access communication/control
NL1029550C2 (nl) * 2005-07-18 2007-01-19 Der Kinderen Beheer B V Werkwijze, systeem en computerprogrammaproduct voor het langs elektronische weg verstrekken van een toegangsproduct.
WO2009003841A1 (fr) * 2007-06-29 2009-01-08 Business Gates S.R.L. Appareil pour ouverture à distance de portes ou de grilles de bâtiment
JP2011508114A (ja) * 2007-06-29 2011-03-10 ビジネス ゲイツ エッセ.ピ.ア. 建物のドア又はゲートの遠隔開扉装置
US8390426B2 (en) 2007-06-29 2013-03-05 Business Gates S.P.A. Apparatus for remote opening of doors or gates of a building
WO2012064264A1 (fr) * 2010-11-09 2012-05-18 Zaplox Ab Procédé et système permettant de réduire l'impact d'un événement non désiré par une distribution de certificats basée sur un événement
US9137236B2 (en) 2010-11-09 2015-09-15 Zaplox Ab Method and system for reducing the impact of an undesired event using event-based distribution of certificates
CN104851167A (zh) * 2015-05-14 2015-08-19 深圳市家信信息科技开发有限公司 一种非接触式开锁方法和锁体装置
GB2540173A (en) * 2015-07-08 2017-01-11 Hugslock Systems Ltd Encrypted locks

Also Published As

Publication number Publication date
DE10144936A1 (de) 2003-04-17
WO2003023722A3 (fr) 2003-10-16

Similar Documents

Publication Publication Date Title
EP1955287B1 (fr) Procede et dispositif central destines a des controles d'acces a des zones ou installations securisees
EP0875871B1 (fr) Méthode et système d'authorisation dans des systèmes de transfert de données
DE9217379U1 (de) Zugriffkontrollierte Vorrichtung zum Leisten von Diensten
DE69729321T2 (de) Entriegelungssystem einer sicherheitsstruktur zur betätigung im notfall und durch befugte personen
WO2003023722A2 (fr) Procede de controle d'autorisation d'acces
DE202005021375U1 (de) Berechtigungssystem
DE102020005344B3 (de) Verfahren zur Deaktivierung und Aktivierung einzelner Berechtigungen und/oder Funktionen eines Fahrzeugschlüssels
WO2004034334A1 (fr) Systeme de controle d'acces pour portes et procede pour faire fonctionner un tel systeme
DE2533699A1 (de) Anordnung zum pruefen der berechtigung von fernmelde-, insbesondere fernsprechteilnehmern
WO2006056085A1 (fr) Installation de contrôle d'accès munie de plusieurs dispositifs de fermeture
DE102010019467A1 (de) Kontaktlos arbeitendes Zugangssystem
DE19838129C2 (de) Elektronisches Schließsystem
DE4436605A1 (de) Verfahren zur sicheren Ver- und Entriegelung von Schlössern mit einer Authentisierung
DE3342651A1 (de) Verfahren zur absicherung des zugriffs an terminals
DE19542732B4 (de) Verfahren zur Erkennung des Mißbrauchs einer Zugangsberechtigung
EP1821262A2 (fr) Système de contrôle d'autorisations de personnes à exécuter des activités autorisées
EP0794306A2 (fr) Système de contrÔle d'accès et de sécurité électronique
DE19611072C2 (de) Chipkarte, die sowohl kontaktbehaftet als auch kontaktlos betreibbar ist
EP3089119A1 (fr) Systeme d'authentification d'acces a un point d'acces d'un batiment ou d'une piece
DE10209890A1 (de) Verfahren zum Betreiben einer elektromechanischen Schließanlage für Türen in Gebäuden
WO2008055484A1 (fr) Système d'identification
WO2016001103A1 (fr) Système de déverrouillage et de verrouillage d'un mécanisme de fermeture
EP1768316B1 (fr) Déblocage d'une carte mobile
EP1752928A1 (fr) Procédé destiné au contrôle d'entrée d'une zone accessible à des personnes, en particulier pour une pièce fermée par une porte
EP0238577A1 (fr) Systeme anti-effraction ou anti-vol

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A2

Designated state(s): AE AG AL AM AT AU AZ BA BB BG BY BZ CA CH CN CO CR CU CZ DK DZ EC EE ES FI GB GD GE GH GM HR ID IL IN IS JP KE KG KP KR KZ LC LK LS LT LU LV MA MD MG MK MN MW MZ NO NZ OM PH PL PT RO RU SD SE SI SK SL TJ TM TN TR TT TZ UA UG UZ VC VN YU ZA ZM

AL Designated countries for regional patents

Kind code of ref document: A2

Designated state(s): GH GM KE LS MW MZ SD SL SZ UG ZM ZW AM AZ BY KG KZ RU TJ TM AT BE BG CH CY CZ DK EE ES FI FR GB GR IE IT LU MC PT SE SK TR BF BJ CF CG CI GA GN GQ GW ML MR NE SN TD TG

121 Ep: the epo has been informed by wipo that ep was designated in this application
DFPE Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed before 20040101)
122 Ep: pct application non-entry in european phase
NENP Non-entry into the national phase

Ref country code: JP

WWW Wipo information: withdrawn in national office

Country of ref document: JP