Title
Security system and process for monitoring and controlling the movement of people and goods.
Field of the Invention
The present invention relates generally to access control systems, electronic article surveillance, radio frequency identification and video surveillance.
Background of the Invention
Access control systems are well known in the art. They generally require a full list of authorised persons who can enter (or leave) a controlled space and the issue of machine readable identifying devices (cards, keyfobs, badges, etc.) of various technologies (mag-stripe, smart chip, barcode, RFID, etc.) to these persons so that the system could identify the person who carries them. Upon successful identification the person may enter (or leave) the controlled space and the system would enter the event in its log.
These systems have a general problem with non-compliance, i.e. with one single identity device a number of people can enter the controlled space with a single personal entry in the log. This is what some systems try to address with physical controlling devices, like forks or revolving doors. Also, such access control systems cannot account for unauthorised accesses with stolen or sometimes even forged identity devices. These drawbacks can be partially addressed by the addition of personal access codes, passwords or biometrical identification (finger or palmprint, face-recognition, iris-recognition, voice print, etc.) which can help binding the identifying device to its holder.
Video Surveillance is another widely used security tool. The combination of access control systems with continuous or time lapse video imaging of the
security gates can also help solving some of the above problems. However, there are still some open questions in case proof has to be provided. Like e.g. that a particular video image was taken at a particular occurrence and shows indeed a particular person carrying a particular i.d. and a particular article. Electronic Article Surveillance (EAS) for detecting and preventing theft or unauthorised removal of articles or goods from controlled spaces is also well known in the art. Although today they are nearly exclusively used in retail establishments and libraries, theft is a real problem in all walks of life. Namely, office buildings, factories and other similar establishments also contain valuable items that are targeted in various sophisticated methods of theft. However, traditional EAS cannot be used for such establishments as many of the target goods are allowed to be taken away from the premises by authorised personnel (like laptops, confidential documents, certain tools or other portable office equipment, etc.). Also the EAS systems need personnel to prosecute unlawful acts at the very time when persons pass a detection gate. These persons (customers) normally do not wear electronic i.d.'s.
A traditional EAS system cannot differentiate between the tags and thus it will sound the theft alarm every time such goods equipped with these tags pass through the security gates. This would result in a very high number of false alarms embarrassing even those personnel, who are otherwise authorised to carry the goods outside the premises.
A more modern approach, Radio Frequency Identification (RFID) can be used to differentiate between the tags and match them to certain criteria in a database. Such a system is disclosed in WO98/11520 (Clare et al.) but falls short of demonstrating the full potential of integration in order to provide a complete surveillance system. Above all, it describes a somewhat loosely distributed system, which stores and processes inventory and transactional data by computational means, and records images (time lapse or moving) on conventional videotapes. Even the abstract states that: "The discrepancies are investigated by viewing the captured video images near the time of the discrepancies." This may suffice for likelihood but certainly wouldn't provide proof as asked for above.
Given the privacy issues such a system would be able to elicit, unless the trespassers are caught red-handed with physical evidence, court cases or collecting images of individuals suspected of shoplifting are not facilitated by such systems demonstrated in prior art.
Summary of the Invention
The present invention solves the above mentioned problem item. It provides a fully integrated security solution with an access control system, an electronic article surveillance system and a digital video surveillance system for use in conjunction with a unified security database.
Due to the invention a secure synchronicity can be established between the different systems. So far, this has never been reached or demonstrated in prior art. Not even in the closest prior art (WO98/11520). By the inventively provided secure synchronicity one should be able to prove beyond reasonable doubt e.g. before a court of law that the person carrying the identification device(s) (i.e. RFID enabled id tag(s)) is the person the system has taken the image of, and recorded other data of.
The invention integrates all security and surveillance information in a (relational) database and hence does not allow any manipulation or misinterpretation of the data.
In the disclosed security solution all authorised personnel and valuable goods in the controlled space carry a common technology RFID tag with a unique ID. The RFID readers (or gates) are positioned at every access point to the controlled space and/or between certain zones within this space. Every such gate is also equipped with surveillance cameras that are aimed at the sensing volume of the RFID reader to be able to record video and/or capture images every time an RFID tag (person or article) is passing through. The data from the RFID tag(s) and the images or video recordings are stored linked to the other data of the event in question (time, gate No., direction, current alarm status, etc.) in a log within the database. In this simple setup all movements of
goods and people can be traced back in the event of a security breach and the use of false identity devices can be ruled out via positive image or other biometrical identification in an improvement of the invention. Thus, the system does not have to rely on synchronicity between access control logs and time lapse video, but rather the direct electronic link between the several pieces of data.
In a retail shop environment, where there are naturally more people without identification tags (not employees of the shop) all the goods could be equipped with RFID tags either hidden or exposed. The inventory should contain the traditional barcode numbers and the unique RFID tag identifier numbers linked to the articles. (This also makes inventory handling easier as RFID technology doesn't require line of sight, i.e. multiple tags can be read even through all types of non-metallic packaging) The cashier would enter the goods by barcode or RFID reader to the cash register connected to the same database. After payment the system 'would clear' these goods for exit. Every time an RFID tag that wasn't cleared in the database by the above method passes any of the gate readers (at customer or personnel entrances/exits) the system would make a record of the event together with the appropriate images in the database, and would optionally activate a visible and/or audible alarm signal.
If required, all areas where such proper deactivation could be carried out (RFID or barcode reader access points to the database, typically at cash registers), cameras can be placed to record images to be linked to every such transaction in the database. The same readers that handle goods can also be used to identify store personnel for the security system and clear access through the reader to the database. In this manner, with the proper images recorded, unauthorised access can also be proven by the records.
In a more sophisticated setup, the system can be equipped with a 'tactical screen' through which security personnel can follow and control the events at the different gates utilising real time data from inventory records of tagged
articles, personnel records and images from both the gates' RFID reader and the security database, all on the same screen.
The security control can be partly or fully automated depending on individual needs by assigning certain attributes to both personnel as well as goods. Personnel for example could be part of a department, have a room as a workplace within the controlled space, and goods could be allocated as personal, department based, portable or on-site only. Any of the possible combination of these attributes occurring at the gates could trigger different actions or alarm levels. If the doors associated with the security gates have electromechanical or other remotely operable locks, certain predefined types of attribute combinations would prohibit passage through these doors. Other combinations could trigger audible and visible alarms, or even seal certain zones within the premises.
Moreover, such access control can also be combined with any of the aforementioned biometrical identification technologies, which further enhances the reliability, security and the level of automation within the system.
Such a system could also be used to protect areas or people entering controlled areas. Many biological or chemical agents for example require high hazard isolation levels, so they can only be kept or manipulated in certain areas of labs. If all people, protective gear (gloves, suits, helmets, etc.), tools and containers of such high hazard agents are equipped with RFID tags, a strategically located RFID reader gate would prohibit the exit of such agents from the area and the entry of personnel not wearing his/her own protective clothing into the same area, or it could notify security personnel of the breach. This system would highly enhance the security of such installations. Insurance companies would appreciate the installation of such a system for the benefit of employees working in high risk environments.
As it can be seen from the above, such a high level of integration creates endless possibilities for the security professional, all of which are within the scope of the invention.
Further information regarding the invention is laid open in the claims, in the list of figure numbers and in the drawings, which all of them contribute to the content of this specification.
Definitions regarding the terms used in this application
Definitions of database
One or more large structured sets of persistent data, usually associated with software to update and query the data. A simple database might be a single file containing many records, each of which contains the same set of fields where each field is a certain fixed width and where the fields are interconnected by internal links to each other in a way that independent amendment of the content of a field is not possible without having amendments of the other fields interconnected to said field and containing corresponding data.
In the invention and during use the database contains preferably a large collection of data records organised for rapid search and retrieval by searching single field types, one of which e.g. is a field of time or i.d. number of a particular personnel or article number or gate number etc.
The inventively used database preferably contains or is linked to a program that manages data, and can be used to store, retrieve, and sort information. For the benefit of universal use the database preferably allows an integrated collection of data that supplies information in a variety of forms or for a variety of applications.
In most cases the database will be in a single storage medium, however the invention is not limited to it. Hence a database may be spread over more than one storage medium. However the data fields in the different storage media need to be linked together in a way described above.
Definition of RFID and its different types
RFID
An abbreviation for Radio Frequency IDentification. It is a technology that incorporates the use of electromagnetic or electrostatic coupling in the radio frequency (RF) portion of the electromagnetic spectrum to uniquely identify an object, animal, or person. RFID is coming into increasing use in industry as an alternative to the bar code. The advantage of RFID is that it does not require direct contact or line-of-sight scanning. An RFID system consists of three components which are an antenna, a transceiver (often combined into one reader), and a transponder (the tag, bracelet or ID object). The antenna uses radio frequency waves to transmit a signal that activates the transponder. When activated, the tag transmits data back to the antenna. The data is used to notify a programmable logic controller (PLC) that an action should occur. The action could be as simple as raising an access gate or as complicated as interfacing with a database to carry out a monetary transaction. RFID is sometimes called dedicated short range communication (DSRC).
However, when used RFID in this invention the meaning of RFID is not limited to radio frequency but employs also any other through-the-air, magnetic or electromagnetic fields which allow for detecting and identifying effects. RFID in the sense of the invention is not restricted to sender antenna systems but could also include systems where a person has to identify himself and the goods carried with him by sliding his i.d. and the tag of the carried good over a detector. However in most cases of use of the invention the RFID system will be using antennas and senders as usually used in EAS systems.
The readers for RFID can be configured either as a handheld or a fixed- mount device. The most common reader emits radio waves in ranges of anywhere from one inch to 100 feet or more, depending upon its power output and the radio frequency used. When an RFID tag passes through the electromagnetic zone, it detects the reader's activation signal. The reader decodes the data encoded in the tag's integrated circuit and the data is passed to the host computer for processing.
RFID tags come in a wide variety of shapes and sizes. RFID tags are categorised as either active or passive. Active RFID tags are powered by an internal battery and are typically read/write, i.e., tag data can be rewritten and/or modified. An active tag's memory size varies according to application requirements; some systems operate with up to 1 MB of memory. In a typical read/write RFID work-in-process system, a tag might give a machine a set of instructions, and the machine would then report its performance to the tag. This encoded data would then become part of the tagged part's history. The battery-supplied power of an active tag generally gives it a longer read range. The trade off is greater size, greater cost, and a limited operational life (which may yield a maximum of 10 years, depending upon operating temperatures and battery type).
Passive RFID tags operate without a separate external power source and obtain operating power generated from the reader. Passive tags are consequently much lighter than active tags, less expensive, and offer a virtually unlimited operational lifetime. The trade off is that they have shorter read ranges than active tags and require a higher-powered reader. Read-only tags are typically passive and are programmed with a unique set of data (usually 32 to 128 bits) that cannot be modified. Read-only tags most often operate as a license plate into a database, in the same way as linear barcodes reference a database containing modifiable product-specific information.
Their frequency ranges also distinguish RFID systems. Low- frequency (30 KHz to 500 KHz) systems have short reading ranges and lower system costs. They are most commonly used in security access, asset tracking, and animal identification applications. High-frequency (13,56 MHz) systems offer slightly longer read ranges and smaller paper thin tag sizes. They are increasingly used in factory automation, logistics and security applications. Ultra High Frequency (850 MHz to 950 MHz and 2.4 GHz to 2.5 GHz) systems, offering long read ranges (greater than 30 feet) and high reading speeds, are used for such applications as railroad car tracking and automated toll collection. However, the higher performance of high-frequency RFID systems typically incurs higher system costs.
The significant advantage of all types of RFID systems is the non-contact, non-line-of-sight nature of the technology. Tags can be read through a variety of substances such as snow, fog, ice, paint, and other visually and environmentally challenging conditions, where barcodes or other optically read technologies would be useless. RFID tags can also be read in challenging circumstances at remarkable speeds, in most cases responding in less than 100 milliseconds. The read/write capability of an active RFID system is also a significant advantage in interactive applications such as work-in- process or maintenance tracking.
Definition of electronic article surveillance (EAS) detector:
An EAS in the sense of the invention comprises a RFID or similar device for detecting or identifying a responder tag (i.d.) or a personal i.d.
In common systems EAS are restricted to the detection of responder tags. For that reason the meaning of EAS in the sense of the invention is somewhat broader then in known systems.
An EAS in the sense of the invention may contain two or more EAS's one being responsible for detecting an i.d. and an other being responsible for detecting a p. i.d. However in most cases it will be a single device.
Definition: Person and Transporter
A person in the sense of the invention is any natural individual.
A transporter in the sense of the invention is either a person or an animal or a mechanical device for transporting goods (e.g. a robot, a lorry, etc.)
Definition: Computer
A computer in the sense of the invention is either a software generated virtual computer within a larger control system, a data processor or an ordinary computer as generally used for controlling automated systems.
Definition: i.d. information
Means any number or descriptive information being stored in an i.d. or p. i.d. for identifying a good or a transporter or a person carrying said i.d. or p. i.d. As an example of the invention drawings are provided which show sketches of possible security installations using the invention. The drawings and the description of the drawings are not limiting the scope of protection defined by the claims.
Description of the drawings:
The following figures show
Fig. 1 the main theory and the structural outline of the invention with the database (8) in the centre;
Fig. 2 a combined flowchart and layout of the system;
Fig. 3 a typical barebone solution for office environments;
Fig. 4 a typical shop environment and
Fig.5 a symbolic tactical screen printout for direct prosecution of persons.
Fig. 1 shows the main theory and the structural outline of the invention with the database (8) in the centre. All data regarding inventory, transactions and events are stored and processed in the database, thus providing full security and integrity of the linked data, whether it is numerical, textual, video or even audio. This can be established by the use of modern relational databases utilising structured query language (SQL) or any other computational means that is capable of properly and securely storing and linking the different data types.
Inventory and personnel of the controlled space can be recorded with the help of RFID or barcode hand readers (3), passage of the articles or personnel through the sensing volume of any of the RFID gates (2), external data sources (e.g. manual typed entry, available inventory, personnel files or transfer lists), through remote access (5)) or the combination of any of the above. Image data (1) can be acquired from many sources including, but not limited to digital surveillance cameras or digital capture methods with traditional analogue video cameras. Several types of biometrical data (4) can also be linked to personnel, which can highly enhance the security of the access control functions of such a system.
The core software, or in embedded systems the firmware, is responsible for linking all applicable data to the corresponding entities within the database. It should also track and analyse all events to determine the necessary actions, like the activation of alarms (7) and/or notify other parties through remote access (8). At any given point authorised personnel can extract all records
and various logs through a suitable reporting system (6) either on site or through remote access (5).
Fig. 2 shows a combined flowchart and layout of the system. Nearly all events in the system are initiated by some type of sensory input (1) which depends on either the physical realisation of the system or through software options. Sensory inputs (1) can be passive infrared sensors, radar sensors, optogates or any other motion or presence sensing devices that can activate the RFID gates if they are not active at all times. The unnecessary emission of radio waves can be minimised in this manner. Additional measures can also limit access to the controlled space, such as fork gates, doors with electromagnetic locks (5), etc. They can be combined with biometrical identification devices that can still add to the level of security. All data from the above devices will also be used as inputs to the same system.
If the RFID gates are always active, the above sensors are still able to trigger imaging and/or alarms to notify personnel about breaches of security where someone tries to pass through the gates without valid RFID tags or cards.
When an RFID event (2) occurs, all necessary details are instantly stored in the database as one of the primary events. As most RFID systems are able to perform simultaneous interrogation of several (<100) tags in their sensing volume, such simultaneous reads can be linked together to form a collective event. The imaging subsystem (8) is activated to record video or a predetermined number of images of the sensing volume of the gates and/or other portions of the access area. Various timeout settings based on empirical research of the local installation environment can help resolve timing deficiencies.
Tag attributes and the applicable access rights for the collective event are extracted from the database (12). The software core (3) then processes ail article and personnel combinations (4) to determine the necessary actions. If the person passing through the gates is authorised to carry the detected articles, the system can open locks or gates (5), notify security personnel (11)
to let the person through doors. If the combination of the tags is in any way prohibited by their attributes and the corresponding security settings, the system can stop the entry (or exit) of the controlled space (5), activate the necessary alarm level (6), notify security personnel either through the local terminal (11) or through remote access (9), etc. (7).
Such a system is highly scalable with a high number of device options and optional software settings to suit various security needs and installation types. The main operating conditions can be set and edited by a local authorised user (10), preferably the security chief of the installation. Also, he/she is the person who should be authorised to extract reports and logs from the system to analyse security events. This 'super-user' is also the person that could edit, delete or modify article and personnel records together with their attributes and access rights.
On-site security personnel (11) (if there are any) should only be authorised to handle the current security events or grant temporary access rights with the issue of guest RFID tags.
Fig. 3 shows a typical barebone solution for office environments where several valuable articles (B) and personnel (A) are contained within the same controlled space (D). Imaging devices (H) are located at the access points to the controlled space (D) aimed at the sensing volume (F) of the RFID gates (E). All protected valuable items can be equipped with RFID tags (C) just as all personnel (A).
This system can also operate in a covert mode in which the RFID and access events are logged together with the matching image data without any permanent terminal or client attached to the main unit. General office personnel should only be notified of the access control function of the system and article tags (C) can be covertly applied to the target items (B). Such a covert article surveillance solution is able to resolve 'inside' security breaches and can be installed quickly. Even simple analysis of the data can provide sufficient proof of a security breach.
Fig. 4 shows a typical shop environment where two separate zones (G1 and G2) are defined within the same controlled space (D). Goods (B) arriving through the access point of the storage area or the 'loading bay' (I) pass through the sensing volume (F) of the RFID gates (E) and automatically entered to the inventory of the storage area (G1 ) with the simultaneous read capability of the RFID readers. If they are not already equipped with RFID tags (C) arriving from the warehouse or the factory, they can be entered to the system locally with the help of hand readers (N). Later, when the goods pass through the gates (J) between the storage area (G1) and the retail area (G2) their records are automatically transferred from the storage to the retail inventory. The cashier (A/L) will put together the bill using a hand reader (N), thus clearing the items from the retail inventory. After appropriate payment the system will 'clear' items (B/C) to be taken off the premises by customers (M) through the customer exit (K). Any items not cleared through the cash register (L) can activate alarms and imaging devices (H) located at the access points (l/J/K). Shop personnel (A), who clear goods (B) for exit can also be permanently identified for the system with the same hand readers (N) used at the cashier for the goods as they carry the same technology RFID cards (C). Also, image data (H) from all the read events at any of the readers, whether hand or gate (E/L), can be linked to the appropriate transactions. Any person carrying any RFID tags, either personal or article tags, (C) through any of the access points to the whole controlled space or between the zones is also taken a moving or stationary image of.
Some of the above is already demonstrated in prior art WO98/11520 (Clare et al.) but only for retail shop environments with the exception of full integration of video/audio, inventory, transaction and personnel data into the same database. Also, prior art fails to integrate access control and electronic article surveillance functions, despite the obvious economical and security benefits.
Fig. 5 shows a typical report of a security event extracted from the reporting subsystem. This is the main functionality of the tactical screen as well in a slightly different layout (landscape monitor layout). It contains all the necessary data to analyse an access or security event with all available
images from both the surveillance cameras and the images stored in the database for reference. The current analysis shows that the person currently in the sensing volume of the RFID gate cannot take the cat outside the premises as it is designated as 'on site only'.
Additional features may include a facial recognition module to automatically match real time image data to stored id card images and displaying the results. Suitable graphics will be used to differentiate between certain alarm levels with colour coding or highlighting.
Legend for figures 1-4
Fig. 1
1 image data, camera, imaging device
2 RFID gate readers, RFID data
3 RFID hand readers, RFID data
4 biometrical data, fingerprint, iris image, palmprint, voice sample
5 remote access, network terminal, Internet, dial-up connection 6 event log & reports, reporting system
7 alarm subsystem, audio and visual alarm
8 database with core software, stored procedures
Fig. 2
1 sensory input, passive infrared and radar motion detectors + RFID
2 RFID read event, tag passing through the gate
3 software core, transactional control element 4 tag combination analysis, article and person combinations, core sw
5 lock/gate subsystem, physical access control
6 alarm subsystem, audio and visual alarm
7 other actions required for additional security
8 camera, imaging subsystem triggered by RFID read event
9 remote access, network terminal, Internet, dial-up connection
10 terminal and access rights for chief of security, super-user
11 terminal and access rights for on-site security personnel
12 database with core software, stored procedures
Fig. 3
A office personnel, staff, guest with id card B valuable articles, goods within the controlled space
C RFID tag, personnel or article allocated
D controlled space, office
E RFID gate readers
F sensing volume of RFID gate antennas H camera, imaging device, directed to the sensing volume
Fig. 4
A shop personnel, staff with RFID card B goods in packages, with RFID tags
C RFID tag, personnel or article allocated
D controlled space, retail establishment
E RFID gate readers
F sensing volume of RFID gate antennas G1 storage area of the controlled space, zone 1
G2 retail area of the controlled space, zone 2
H camera, imaging device, directed to the sensing volume
I storage entry, loading bay
J gate between storage area and retail area K customer exit
L cashier, cash desk
M customer, person without personal tag
N RFID hand readers, RFID data