WO2016092432A1 - Key management system - Google Patents

Key management system Download PDF

Info

Publication number
WO2016092432A1
WO2016092432A1 PCT/IB2015/059325 IB2015059325W WO2016092432A1 WO 2016092432 A1 WO2016092432 A1 WO 2016092432A1 IB 2015059325 W IB2015059325 W IB 2015059325W WO 2016092432 A1 WO2016092432 A1 WO 2016092432A1
Authority
WO
WIPO (PCT)
Prior art keywords
key
central database
cylinder lock
nfc
configuration device
Prior art date
Application number
PCT/IB2015/059325
Other languages
French (fr)
Inventor
Frank DEHOUCK
Johan FRANSEN
Original Assignee
Viadact N.V.
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Viadact N.V. filed Critical Viadact N.V.
Publication of WO2016092432A1 publication Critical patent/WO2016092432A1/en

Links

Classifications

    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07CTIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C9/00Individual registration on entry or exit
    • G07C9/00174Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys
    • G07C9/00857Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys where the code of the data carrier can be programmed
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07CTIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C9/00Individual registration on entry or exit
    • G07C9/00174Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys
    • G07C9/00309Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys operated with bidirectional data transmission between data carrier and locks
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07CTIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C9/00Individual registration on entry or exit
    • G07C9/00174Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys
    • G07C2009/00634Power supply for the lock
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07CTIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C9/00Individual registration on entry or exit
    • G07C9/00174Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys
    • G07C2009/00753Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys operated by active electrical keys
    • G07C2009/00761Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys operated by active electrical keys with data transmission performed by connected means, e.g. mechanical contacts, plugs, connectors
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07CTIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C9/00Individual registration on entry or exit
    • G07C9/00174Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys
    • G07C9/00857Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys where the code of the data carrier can be programmed
    • G07C2009/0088Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys where the code of the data carrier can be programmed centrally

Definitions

  • the present invention relates to a key management system for dynamic management of keys in efficient and secure manner.
  • key management system Different types are known in the prior art.
  • Most conventional key management systems comprise cylinder locks and corresponding physical keys, wherein the grooves in the keys are adapted to the cylinder lock such that the cylinder lock can be opened with the keys.
  • Keys can be managed here by making physical copies of the key and giving these physical copies to relevant persons.
  • the advantage of such a key management system is that standard cylinders and standard keys can be used, wherein both the cylinder locks and the keys are passive, i.e. no energy means need be provided and/or replaced, whereby the technical setup and maintenance of such a key management system is inexpensive and simple. Distribution of the keys among a plurality of persons must however take place physically, whereby the key management system is not very dynamic.
  • Alternative key management systems for instance used in hotels, operate with digital keys, for instance with a numerical code, which are compatible with digital locks.
  • a door can for instance be provided here with a numeric keypad and a logic and mechanism which unlocks the door when a correct code is entered via the numeric keypad.
  • the code can change periodically here.
  • the digital key can be sent to persons who are authorized to open the lock.
  • the advantage of such a system is that the keys can be managed extremely dynamically. Because the keys can be sent digitally and because time restrictions can also be set for the keys, distribution and
  • the invention provides for this purpose a key management system with at least one key which is provided for physical connection to a passive cylinder lock, wherein the key comprises energy means for supplying energy to the passive cylinder lock in order to perform an
  • the key further comprises a memory, a processor and a near field communication (NFC) module
  • the key management system further comprises a configuration device with a further NFC module which is compatible with the NFC module of the key, wherein the NFC module of the key and the further NFC module of the configuration device are configured to launch a predetermined application when the NFC modules make connection, which predetermined application is provided so as to form a secure connection between configuration device and a central database, which central database manages the access conditions, to receive key-related access conditions on the configuration device via the secure connection and to store the received access conditions in the memory of the key via the connection between the NFC modules, on the basis of which access conditions the authentication procedure can be performed.
  • NFC near field communication
  • the key management system comprises an electronic physical key which is compatible with an electronic cylinder lock.
  • the electronic cylinder lock is passive here, i.e. the electronic cylinder lock does not comprise energy means. Because the lock is a cylinder lock, it can be applied in simple manner in many situations such as doors, windows, cabinets, gates and so on. Cylinder locks are standardized and it will therefore be easy to replace any conventional cylinder lock with an electronic cylinder lock. Because the cylinder lock is passive, periodic maintenance of the cylinder lock is not necessary, whereby the locks can be applied at locations which are remote and difficult to access. The invention is based here on the insight, among others, that the cylinder lock need only operate when the cylinder lock is connected to the key. Because the energy means are provided in the key the cylinder lock can be supplied with energy by the key after being connected to the key. Keys are typically carried and handled by persons, and maintenance of the electronic keys is therefore considerably simpler than maintenance of cylinder locks.
  • the electronic key is provided for the purpose of performing an authentication procedure with the electronic cylinder lock, wherein predetermined access conditions are stored in the memory of the key, and which access conditions influence the success of the authentication procedure and/or the subsequent opening of the cylinder lock.
  • predetermined access conditions are stored in the memory of the key, and which access conditions influence the success of the authentication procedure and/or the subsequent opening of the cylinder lock.
  • the skilled person will appreciate that different embodiments are known for performing an authentication procedure on the basis of access conditions.
  • the access conditions are managed according to the invention in a central database. Because the access conditions are managed in a central database, the access conditions can be implemented in highly dynamic manner. A highly flexible management of the keys is hereby possible.
  • the access conditions are stored in the memory of the key after being received via a configuration device.
  • the configuration device comprises a further NFC module which is compatible with an NFC module in the key.
  • NFC is known to be very safe and is used, among other purposes, to perform payments.
  • NFC allows a secure connection to be set up between two devices, in this case the key and the configuration device, when they come within a distance of several centimetres of each other.
  • the NFC modules are provided for the purpose of launching an application on the configuration device when the NFC modules make connection, which application sets up a secure connection to the central database. Because the connection is secure, access conditions for the key can be sent in secure manner from the central database to the key.
  • the configuration device can for instance be formed by a smart phone.
  • the application is launched when the NFC modules make connection. This results in the user of the key only having to hold the key in the proximity of the configuration device in order to configure the key.
  • the security of the key management system is further high, the key management system is easy to place and maintain, and dynamic assignment of access conditions is possible in secure manner.
  • the secure connection preferably extends between the central database and the further NFC module of the configuration device, more preferably between the central database and the NFC module of the key, most preferably between the central database and the processor of the key.
  • access conditions are not stored in a working memory of the configuration device. It is hereby not possible to intercept access conditions. If it were possible to intercept access conditions, the security of the key management system would be compromised.
  • Having the secure connection extend between central database, which is assumed to be secure, and NFC module, preferably the key, which is assumed to be safe enables access conditions to be sent in secure manner over a public network. This is because the connection between configuration device and central database is typically set up via a public network such as the internet.
  • the application is preferably provided for the purpose of sending an identifier of the key to the central database via the secure connection.
  • the key is hereby identified in the central database and the central database can select and manage access conditions on the basis of key ED.
  • the secure connection is preferably set up on the basis of a set of encryption keys, which are generated once-only during initialization of the key and then stored in the key and in the central database.
  • a key can communicate with the central database via a secure connection.
  • the encryption keys are only generated once, the processor use of the key is optimized. This is because repeated generation of encryption keys would impose an unnecessary load on the processor and the battery of the key.
  • a secure connection between central database and the key can be set up via the configuration device in rapid and efficient manner by once-only generation of a set of encryption keys.
  • a further advantage of storing the encryption keys on the key is that any configuration device can be used as link between the central database and the key for the purpose of exchanging access conditions.
  • the solution according to the preferred embodiment of the invention is that use is only made of the alternative method during the initialization of the key, and the keys of that session are then stored. They can then be used again for the subsequent sessions.
  • This combines the advantages of the two alternatives: on the one hand the supplier need not store a secret key in the memory, and for the communication with each key use is made of a different set of encryption keys, thus achieving a very high score in terms of security, and on the other hand relatively little processing power is required for operational use, so that this can take place more efficiently.
  • the key is preferably further provided with a logging module for logging connections to cylinder locks.
  • the logging module is preferably provided here for the purpose of sending log files to the central database when communication has been set up over the secure connection.
  • Successful and unsuccessful attempts at opening a cylinder lock can be tracked and communicated to the central database by logging connections to cylinder locks.
  • the access conditions are managed in the central database, and the use of the keys can also be monitored on the basis of information from the logging module. Because of the logging module the key management system is further optimized in that a key manager is also aware of any successful and unsuccessful attempt at opening a cylinder lock. Access conditions can be further optimized on the basis hereof.
  • the invention further relates to a method for managing a key system, comprising at least one key provided for physical connection to a passive cylinder lock, wherein the key comprises energy means for supplying energy to the passive cylinder lock in order to perform an authentication procedure between key and cylinder lock and to control an actuator in the cylinder lock on the basis thereof for the purpose of opening the cylinder lock, wherein the key further comprises a memory, a processor and a near field communication (NFC) module, wherein the method comprises of:
  • a key system according to the invention can be managed dynamically in efficient and safe manner via the method according to the invention.
  • the secure connection is preferably formed so as to extend between the central database and the further NFC module of the configuration device.
  • the communication over the configuration device will hereby be secured all the way into the further NFC module, whereby the access conditions do not make their way unsecured into the working memory of the configuration device.
  • the access conditions cannot hereby be obtained by hacking into the working memory of the configuration device, so further increasing security.
  • the application is preferably further provided for the purpose of sending an identifier of the key to the central database via the secure connection. Sending an identifier enables the central database to select or generate in simple manner specific access conditions related to the key.
  • the application is preferably provided for the purpose of setting up the secure connection on the basis of a set of encryption keys which are generated once-only during initialization of the key and then stored in the key and in the central database.
  • Once-only initializing of the keys with generating and storing of encryption keys optimizes the processor use and energy consumption of the keys, particularly during configuration thereof.
  • the key preferably further comprises a logging module and the method further comprises the step of sending log files to the central database when communication has been set up over the secure connection.
  • figure 1 shows a schematic representation of a key management system according to an embodiment of the invention
  • figure 2 shows an implemented representation of a key management system according to a further embodiment of the invention
  • figure 3 shows a diagram of storing access conditions in the memory of the key according to an embodiment of the invention.
  • figure 4 shows a diagram of opening an electronic cylinder lock according to an embodiment of the invention.
  • Figure 1 shows a schematic representation of a key management system according to an embodiment of the invention.
  • the different functions are shown as separate blocks here in figure 1. These different functions can be performed by different hardware components, although the skilled person will appreciate that these different functions can also be combined in one or more hardware components. The description is therefore not limitative in respect of how the different functions are implemented in the different components of the key management system.
  • Figure 1 shows an electronic cylinder lock 1 , also referred to below as cylinder lock 1.
  • a cylinder lock is defined in the context of the invention as a physical lock mechanism wherein the unique part of the lock mechanism is shaped as a cylindrical plug.
  • This plug comprises electronics and intelligence and also forms the access to the key.
  • This plug can be built into numerous housings, which the plug then drives mechanically.
  • Figure 2 shows different embodiments of cylinder locks 1 and shows how a cylinder can be placed in for instance padlocks, cabinet locks, handle locks, door locks and other types of lock. When the correct key is used, a drive element in the cylinder will here operate the further lock mechanism which lies outside the cylinder.
  • the correct key can be a key wherein the grooves and teeth correspond to the internal grooves and teeth in the cylinder.
  • the corresponding or 'correct' key is the key containing digital codes, also referred to as access conditions, which correspond to digital codes which are stored in a memory of the cylinder lock according to the invention such that a positive authentication procedure can be performed between the cylinder lock and a corresponding key.
  • digital codes also referred to as access conditions
  • access conditions which correspond to digital codes which are stored in a memory of the cylinder lock according to the invention such that a positive authentication procedure can be performed between the cylinder lock and a corresponding key.
  • Cylinder lock 1 comprises a mechanism 2 for physically opening the lock mechanism.
  • Mechanism 2 is provided here for performing a physical movement which corresponds to the rotation of a conventional cylinder such that the lock in which the cylinder is placed is opened.
  • the electronic cylinder lock further comprises a memory 3 and a processor 4.
  • the electronic cylinder lock according to the invention is passive, i.e. no energy means are available, which means that no battery is present in the cylinder lock.
  • Figure 2 shows different types of cylinder lock.
  • Cylinder 1 is provided so as to be incorporated as cylinder in standard locks.
  • Memory 3, processor 4 and mechanism 2 for opening the lock can only come into operation when a key 6 connects to cylinder 1 via connecting means 11 and 5.
  • key 6 does comprise energy means and key 6 can supply energy to the elements in cylinder 1, such as memory 3, processor 4 and mechanism 2 for physically opening the lock.
  • Processor 4 of cylinder lock 1 is provided for the purpose of reading memory 3, for at least partially performing an authentication procedure which will be further elucidated hereinbelow, and is provided for the purpose of at least partially controlling mechanism 2.
  • Connection part 5 of cylinder lock 1 is preferably a female part of a connecting mechanism which forms at least three contact points between key 6 and cylinder lock 1 such that digital signals and energy can be transferred between key 6 and cylinder lock 1 via connecting elements 5 and 11.
  • Preferably stored in memory 3 of cylinder lock 1 is a unique ID and a system code whereby the lock is recognized as part of the system when it makes connection to key 6.
  • Figure 1 further shows a key 6.
  • key 6 forms an electronic physical key comprising a near field communication module 7 (hereinbelow NFC module 7), a memory 8, a processor 9, energy means 10 and a connecting element 11 which is compatible with connecting element 5 of cylinder lock 1.
  • Connecting element 11 is preferably a male part of a connecting mechanism which allows connection of a key 6 to cylinder 1.
  • Key 6 is an active element, i.e. it is self-sufficient in respect of energy by means of energy means 10, which can for instance take the form of a battery.
  • Energy means 10 are further provided for the purpose of supplying energy to cylinder lock 1 when the lock and the cylinder lock are connected.
  • the memory of key 6 comprises at least two, preferably three segments.
  • a first segment is provided for the purpose of storing a unique ID of the key. This key ID is preferably fixed and is preferably determined during production of the key or during first configuration of the key.
  • Stored in a second segment of memory 8 are access conditions which are received from a central database in accordance with a method which will be further elucidated hereinbelow with reference to figure 3.
  • a third segment of memory 8 is provided for the purpose of tracking, or logging, the history of use of the key. Every connection to a cylinder lock, i.e. both successful and unsuccessful attempts to open the cylinder lock, is stored in this third part.
  • Figure 1 further shows a configuration device 12.
  • Configuration device 12 can be formed by for instance a gateway, a mobile phone or a laptop.
  • Configuration device 12 can alternatively be a fixedly disposed device such as a personal computer.
  • Configuration device 12 comprises NFC module 13 which is compatible with NFC module 7 of the key.
  • the configuration device further comprises an internet communication module 14 with which configuration device 12 can connect to the internet.
  • Configuration device 12 further comprises a processor 15 and a working memory 16.
  • the configuration device optionally further comprises a user interface 17, although this is not essential for application of the invention, whereby a gateway without user interface 17 can also function as configuration device.
  • Figure 1 further shows a central database 18 in which the access conditions for all keys 6 are stored and can be managed.
  • the central database can be configured and updated via a user interface (not shown).
  • Central database 18 can be formed by a Cloud system, a server or other internet application.
  • figure 3 relates to download of access data to the key
  • figure 4 relates to the opening of a cylinder lock by means of an electronic key.
  • FIG 3 and 4 show a sequence of steps, from top to bottom in the figure, wherein each step is represented as an interaction between at least two elements.
  • Figure 3 starts by making contact 20 between the NFC module of key 7 and the NFC module of configuration device 13.
  • NFC near field communication
  • This specific NFC technology is characterized by the relatively small range, typically less than 20 cm, preferably less than 15 cm, more preferably less than 10 cm. This means that two NFC modules have to be within a distance of each other which is smaller than the NFC range in order to be able to make contact and exchange data.
  • This step 20 therefore comprises of physically bringing key 6 and configuration device 12 into the proximity of each other so that their respective NFC modules 7 and 13 come into each other's range.
  • the NFC modules are configured here such that they can identify each other and can launch a predetermined application on the basis of this identification.
  • This functionality is embedded in the specific NFC technology, which is used, among other purposes, to perform payments with for instance a mobile telephone comprising an NFC module.
  • An application which triggers internet communication 14 is launched on configuration device 12 by the NFC modules 20 making contact. This is shown in figure 3 with arrow 21. Arrow 21 is shown in figure 3 between NFC module 13 and internet communication module 14.
  • launching an application on configuration device 12 can imply in practice that processor 15 and working memory 16 of configuration device 12 are also switched on, which then in turn instruct the internet communication module 14.
  • Arrow 21 in figure 3 indicates that the trigger for instructing internet communication module 14 comes from NFC module 13, since the NFC module launches the application.
  • the application can hereby launch without the user having to undertake action via the user interface of the configuration device.
  • the internet communication module can in practice also receive its instructions from processor 5 of configuration device 12.
  • Internet communication module 14 makes contact with central database 18, this being indicated with arrow 22.
  • a secure standard SSL (TSL) communication is preferably set up in step
  • the configuration device can register itself here, for instance by means of a public key.
  • An authentication procedure will further be performed, wherein the server sends a challenge to the configuration device and wherein the configuration device digitally signs this challenge with its private key. The server can then check whether this private key corresponds to the public key of the configuration device.
  • Session keys are further exchanged by means of a session key exchange procedure. This procedure can be based on the Diffie-Hellman algorithm.
  • a secure connection to central database 18 can be set up by means of the session keys.
  • the session keys are stored at the location of central database 18 so that these session keys can be reused during a subsequent contact with key 6, so that the session key exchange procedure need only be performed during initialization. At the location of the configuration device the session keys are stored on key 6.
  • the use of the session keys results in a secure connection, designated in figure 3 with reference numeral 23, between central database 18 on the one hand and NFC module 13 of the configuration device on the other. Secure connection
  • Access conditions are sent via secure connection 24 from central database 18 to the NFC module of the key, see step 24, and then to memory 8 of the key, see step 25.
  • central database 18 sends the access conditions to the key on the basis of an identification of the key which has been communicated to the central database in previous steps 21 and 22.
  • the identification of the key is alternatively sent only after secure connection 23 has been set up, such that the identification of the key is also sent encrypted.
  • Steps 26, 27 and 28 relate to the sending of log data, stored on memory 8 of the key, via NFC modules 7 and 13 to central database 18 over secure connection 28.
  • secure connection 23 and secure connection 28 can be the same connection, and that this secure connection is shown twice in the figure because in the example of the figure it is used twice within a period of time to send data.
  • access conditions can be placed on a key 6 in a secure manner and without any great knowledge on the part of a user.
  • a user of a key 6 has only to hold the key in the proximity of configuration device 12, after which the key and the configuration device will automatically perform all steps for configuring the key and updating central database 18 with log data from the key. All sensitive data, i.e. the access conditions, the log data and optionally also the ID of the key, preferably flow over an encrypted connection here such that the security of the key management system can be guaranteed.
  • Figure 4 shows how the opening of an electronic cylinder lock 1 by means of an electronic key 6 begins by contact being made between connecting means 5 of cylinder 1 and connecting means 11 of key 6, this being shown in figure 4 with arrow 30.
  • energy means 10 of the key will not only supply processor 9 and memory 8 of the key with energy but will also supply processor 4 and memory 3 of the cylinder with energy, this being illustrated in the figure with arrows 31.
  • An authentication procedure can hereby be performed wherein processor 9 of the key retrieves access conditions from memory 8 of the key, and optionally identification and/or authentication data related to the key. This is illustrated in figure 4 with arrow 32.
  • Processor 4 of cylinder 1 will likewise retrieve authentication and/or identification data from a memory 3 of the cylinder.
  • the respective processors 9 and 4 can perform an authentication procedure on the basis of these retrieved data, this being illustrated with arrow 34. It is possible on the basis of this authentication procedure to determine whether the key has permission to open the cylinder lock.
  • the conditions for this permission are defined in the access conditions. The access conditions are used to obtain a positive authentication between key and cylinder.
  • Mechanism 2 for opening the lock is set into operation in step 35.
  • the mechanism 2 receives energy from energy means 10 of the key.
  • the mechanism for physical opening preferably comprises an electric actuator which, by performing a movement, physically opens the cylinder lock or at least brings the cylinder lock into a situation in which it can be opened.
  • step 37 will be performed wherein key 6, which is connected via connecting means 11 and 5 to the cylinder, is rotated so as to open the cylinder lock by means of the rotation. This is illustrated in figure 4 with arrow 37.
  • Figure 4 further shows arrow 38, which indicates that processor 9 of the key stores data relating to the attempt to open the cylinder lock, irrespective of whether the attempt has been successful or not, on memory 8 of the key in order to thus update a log file on activities with key 6.

Abstract

Key management system comprising at least one key which is provided for physical connection to a passive cylinder lock, wherein the key comprises energy means for controlling the cylinder lock, wherein the key further comprises a memory, a processor and a near field communication (NFC) module, wherein the key management system further comprises a configuration device with a further NFC module, wherein the NFC module and the further NFC module are configured to launch a predetermined application when the NFC modules make connection, which predetermined application is provided so as to form a secure connection between configuration device and a central database, which central database manages the access conditions, to receive key-related access conditions on the configuration device via the secure connection and to store the received access conditions in the memory of the key via the connection between the NFC modules, on the basis of which access conditions the authentication procedure can be performed.

Description

Key management system
The present invention relates to a key management system for dynamic management of keys in efficient and secure manner.
Different types of key management system are known in the prior art. Most conventional key management systems comprise cylinder locks and corresponding physical keys, wherein the grooves in the keys are adapted to the cylinder lock such that the cylinder lock can be opened with the keys. Keys can be managed here by making physical copies of the key and giving these physical copies to relevant persons. The advantage of such a key management system is that standard cylinders and standard keys can be used, wherein both the cylinder locks and the keys are passive, i.e. no energy means need be provided and/or replaced, whereby the technical setup and maintenance of such a key management system is inexpensive and simple. Distribution of the keys among a plurality of persons must however take place physically, whereby the key management system is not very dynamic.
Alternative key management systems, for instance used in hotels, operate with digital keys, for instance with a numerical code, which are compatible with digital locks. A door can for instance be provided here with a numeric keypad and a logic and mechanism which unlocks the door when a correct code is entered via the numeric keypad. The code can change periodically here. The digital key can be sent to persons who are authorized to open the lock. The advantage of such a system is that the keys can be managed extremely dynamically. Because the keys can be sent digitally and because time restrictions can also be set for the keys, distribution and
management of keys is quick and easy. The drawback of such a system is that the physical management of the key system, i.e. placing and maintenance of the digital locks and forwarding keys in a secure manner, is difficult and complex. This is because the locks are considerably less standard than generally known and standardized cylinder locks. Digital locks are further provided with energy means such as batteries or connection to the mains electricity. These batteries and/or connection to the mains require periodical maintenance in order to ensure proper operation of the lock. The digital keys are also preferably supplied in encrypted form to the relevant persons, and an encryption system must therefore be provided in order to deliver the key in secure manner to the relevant person. All this makes the existing digital key management systems expensive and complex.
It is an object to provide a key management system which is simple and inexpensive to maintain and with which keys can be assigned dynamically and wherein keys can be exchanged in a secure manner.
The invention provides for this purpose a key management system with at least one key which is provided for physical connection to a passive cylinder lock, wherein the key comprises energy means for supplying energy to the passive cylinder lock in order to perform an
authentication procedure between key and cylinder lock and to control an actuator in the cylinder lock on the basis thereof for the purpose of opening the cylinder lock, wherein the key further comprises a memory, a processor and a near field communication (NFC) module, wherein the key management system further comprises a configuration device with a further NFC module which is compatible with the NFC module of the key, wherein the NFC module of the key and the further NFC module of the configuration device are configured to launch a predetermined application when the NFC modules make connection, which predetermined application is provided so as to form a secure connection between configuration device and a central database, which central database manages the access conditions, to receive key-related access conditions on the configuration device via the secure connection and to store the received access conditions in the memory of the key via the connection between the NFC modules, on the basis of which access conditions the authentication procedure can be performed.
The key management system according to the invention comprises an electronic physical key which is compatible with an electronic cylinder lock. The electronic cylinder lock is passive here, i.e. the electronic cylinder lock does not comprise energy means. Because the lock is a cylinder lock, it can be applied in simple manner in many situations such as doors, windows, cabinets, gates and so on. Cylinder locks are standardized and it will therefore be easy to replace any conventional cylinder lock with an electronic cylinder lock. Because the cylinder lock is passive, periodic maintenance of the cylinder lock is not necessary, whereby the locks can be applied at locations which are remote and difficult to access. The invention is based here on the insight, among others, that the cylinder lock need only operate when the cylinder lock is connected to the key. Because the energy means are provided in the key the cylinder lock can be supplied with energy by the key after being connected to the key. Keys are typically carried and handled by persons, and maintenance of the electronic keys is therefore considerably simpler than maintenance of cylinder locks.
The electronic key is provided for the purpose of performing an authentication procedure with the electronic cylinder lock, wherein predetermined access conditions are stored in the memory of the key, and which access conditions influence the success of the authentication procedure and/or the subsequent opening of the cylinder lock. The skilled person will appreciate that different embodiments are known for performing an authentication procedure on the basis of access conditions. The access conditions are managed according to the invention in a central database. Because the access conditions are managed in a central database, the access conditions can be implemented in highly dynamic manner. A highly flexible management of the keys is hereby possible. The access conditions are stored in the memory of the key after being received via a configuration device. The configuration device comprises a further NFC module which is compatible with an NFC module in the key. NFC is known to be very safe and is used, among other purposes, to perform payments. NFC allows a secure connection to be set up between two devices, in this case the key and the configuration device, when they come within a distance of several centimetres of each other. The NFC modules are provided for the purpose of launching an application on the configuration device when the NFC modules make connection, which application sets up a secure connection to the central database. Because the connection is secure, access conditions for the key can be sent in secure manner from the central database to the key. The configuration device can for instance be formed by a smart phone. The application is launched when the NFC modules make connection. This results in the user of the key only having to hold the key in the proximity of the configuration device in order to configure the key. Holding the key and configuration device close to each other triggers launch of the application, which application automatically begins to set up the secure connection, receive the access conditions for the key and store them in the memory of the key. This means that a user of the key need not have any great knowledge of the working of the key in order to be able to use the key. This considerably simplifies use of the key management system according to the invention. The security of the key management system is further high, the key management system is easy to place and maintain, and dynamic assignment of access conditions is possible in secure manner.
The secure connection preferably extends between the central database and the further NFC module of the configuration device, more preferably between the central database and the NFC module of the key, most preferably between the central database and the processor of the key. When the secure connection extends between NFC module and the central database, access conditions are not stored in a working memory of the configuration device. It is hereby not possible to intercept access conditions. If it were possible to intercept access conditions, the security of the key management system would be compromised. Having the secure connection extend between central database, which is assumed to be secure, and NFC module, preferably the key, which is assumed to be safe, enables access conditions to be sent in secure manner over a public network. This is because the connection between configuration device and central database is typically set up via a public network such as the internet.
The application is preferably provided for the purpose of sending an identifier of the key to the central database via the secure connection. The key is hereby identified in the central database and the central database can select and manage access conditions on the basis of key ED.
The secure connection is preferably set up on the basis of a set of encryption keys, which are generated once-only during initialization of the key and then stored in the key and in the central database. By setting up the secure connection on the basis of a set of encryption keys a key can communicate with the central database via a secure connection. When the encryption keys are only generated once, the processor use of the key is optimized. This is because repeated generation of encryption keys would impose an unnecessary load on the processor and the battery of the key. A secure connection between central database and the key can be set up via the configuration device in rapid and efficient manner by once-only generation of a set of encryption keys. A further advantage of storing the encryption keys on the key is that any configuration device can be used as link between the central database and the key for the purpose of exchanging access conditions.
Use is made in many cases of a symmetrical encryption: two identical keys are stored securely here on the two sides, central database on one side and key on the other. Specifically for this solution this would conventionally result in the supplier of the keys already having to store the secret key on the key when it is supplied. This would of course be a weak point in the security. A second weak point would be that it would then be almost inevitably necessary in operation to choose the same secret key for all keys. If a key is then hacked, the security of the whole system would be compromised.
An alternative method would be for a key to be generated at random on both sides during each communication session, which is then only used for that one session (for instance Diffie- Hellman). The problem specifically for this solution would be that this uses too much processing power, which significantly slows down communication. This therefore results in operational problems.
The solution according to the preferred embodiment of the invention is that use is only made of the alternative method during the initialization of the key, and the keys of that session are then stored. They can then be used again for the subsequent sessions. This combines the advantages of the two alternatives: on the one hand the supplier need not store a secret key in the memory, and for the communication with each key use is made of a different set of encryption keys, thus achieving a very high score in terms of security, and on the other hand relatively little processing power is required for operational use, so that this can take place more efficiently.
The key is preferably further provided with a logging module for logging connections to cylinder locks. The logging module is preferably provided here for the purpose of sending log files to the central database when communication has been set up over the secure connection.
Successful and unsuccessful attempts at opening a cylinder lock can be tracked and communicated to the central database by logging connections to cylinder locks. The access conditions are managed in the central database, and the use of the keys can also be monitored on the basis of information from the logging module. Because of the logging module the key management system is further optimized in that a key manager is also aware of any successful and unsuccessful attempt at opening a cylinder lock. Access conditions can be further optimized on the basis hereof.
The invention further relates to a method for managing a key system, comprising at least one key provided for physical connection to a passive cylinder lock, wherein the key comprises energy means for supplying energy to the passive cylinder lock in order to perform an authentication procedure between key and cylinder lock and to control an actuator in the cylinder lock on the basis thereof for the purpose of opening the cylinder lock, wherein the key further comprises a memory, a processor and a near field communication (NFC) module, wherein the method comprises of:
- making a connection between the NFC module of the key and a further NFC module of the configuration device which is compatible with the NFC module of the key;
- launching a predetermined application when the NFC modules make connection, this application being provided for the purpose of performing subsequent steps of the method of:
- forming a secure connection between configuration device and a central database, which central database manages the access conditions;
- receiving key-related access conditions;
- storing the received access conditions in the memory of the key via the connection between the NFC modules, on the basis of which access conditions the authentication procedure can be performed.
A key system according to the invention can be managed dynamically in efficient and safe manner via the method according to the invention.
The secure connection is preferably formed so as to extend between the central database and the further NFC module of the configuration device. The communication over the configuration device will hereby be secured all the way into the further NFC module, whereby the access conditions do not make their way unsecured into the working memory of the configuration device. The access conditions cannot hereby be obtained by hacking into the working memory of the configuration device, so further increasing security.
The application is preferably further provided for the purpose of sending an identifier of the key to the central database via the secure connection. Sending an identifier enables the central database to select or generate in simple manner specific access conditions related to the key.
The application is preferably provided for the purpose of setting up the secure connection on the basis of a set of encryption keys which are generated once-only during initialization of the key and then stored in the key and in the central database. Once-only initializing of the keys with generating and storing of encryption keys optimizes the processor use and energy consumption of the keys, particularly during configuration thereof.
The key preferably further comprises a logging module and the method further comprises the step of sending log files to the central database when communication has been set up over the secure connection.
The invention will now be further described on the basis of an exemplary embodiment shown in the drawing.
In the drawing: figure 1 shows a schematic representation of a key management system according to an embodiment of the invention;
figure 2 shows an implemented representation of a key management system according to a further embodiment of the invention;
figure 3 shows a diagram of storing access conditions in the memory of the key according to an embodiment of the invention; and
figure 4 shows a diagram of opening an electronic cylinder lock according to an embodiment of the invention.
The same or similar elements are designated in the drawing with the same reference numerals.
Figure 1 shows a schematic representation of a key management system according to an embodiment of the invention. The different functions are shown as separate blocks here in figure 1. These different functions can be performed by different hardware components, although the skilled person will appreciate that these different functions can also be combined in one or more hardware components. The description is therefore not limitative in respect of how the different functions are implemented in the different components of the key management system.
Figure 1 shows an electronic cylinder lock 1 , also referred to below as cylinder lock 1. A cylinder lock is defined in the context of the invention as a physical lock mechanism wherein the unique part of the lock mechanism is shaped as a cylindrical plug. This plug comprises electronics and intelligence and also forms the access to the key. This plug can be built into numerous housings, which the plug then drives mechanically. Figure 2 shows different embodiments of cylinder locks 1 and shows how a cylinder can be placed in for instance padlocks, cabinet locks, handle locks, door locks and other types of lock. When the correct key is used, a drive element in the cylinder will here operate the further lock mechanism which lies outside the cylinder. In a conventional cylinder lock the correct key can be a key wherein the grooves and teeth correspond to the internal grooves and teeth in the cylinder. In the cylinder lock according to the invention the corresponding or 'correct' key is the key containing digital codes, also referred to as access conditions, which correspond to digital codes which are stored in a memory of the cylinder lock according to the invention such that a positive authentication procedure can be performed between the cylinder lock and a corresponding key. It will be apparent to the skilled person that a cylinder lock according to the invention can have different sub-types, such as Europrofile, Scandinavian oval and the like.
Cylinder lock 1 comprises a mechanism 2 for physically opening the lock mechanism. Mechanism 2 is provided here for performing a physical movement which corresponds to the rotation of a conventional cylinder such that the lock in which the cylinder is placed is opened. The electronic cylinder lock further comprises a memory 3 and a processor 4. The electronic cylinder lock according to the invention is passive, i.e. no energy means are available, which means that no battery is present in the cylinder lock. Figure 2 shows different types of cylinder lock. Cylinder 1 is provided so as to be incorporated as cylinder in standard locks. Memory 3, processor 4 and mechanism 2 for opening the lock can only come into operation when a key 6 connects to cylinder 1 via connecting means 11 and 5. In contrast to cylinder 1, key 6 does comprise energy means and key 6 can supply energy to the elements in cylinder 1, such as memory 3, processor 4 and mechanism 2 for physically opening the lock.
Processor 4 of cylinder lock 1 is provided for the purpose of reading memory 3, for at least partially performing an authentication procedure which will be further elucidated hereinbelow, and is provided for the purpose of at least partially controlling mechanism 2. Connection part 5 of cylinder lock 1 is preferably a female part of a connecting mechanism which forms at least three contact points between key 6 and cylinder lock 1 such that digital signals and energy can be transferred between key 6 and cylinder lock 1 via connecting elements 5 and 11. Preferably stored in memory 3 of cylinder lock 1 is a unique ID and a system code whereby the lock is recognized as part of the system when it makes connection to key 6.
Figure 1 further shows a key 6. As also shown in figure 2, key 6 forms an electronic physical key comprising a near field communication module 7 (hereinbelow NFC module 7), a memory 8, a processor 9, energy means 10 and a connecting element 11 which is compatible with connecting element 5 of cylinder lock 1. Connecting element 11 is preferably a male part of a connecting mechanism which allows connection of a key 6 to cylinder 1. Key 6 is an active element, i.e. it is self-sufficient in respect of energy by means of energy means 10, which can for instance take the form of a battery. Energy means 10 are further provided for the purpose of supplying energy to cylinder lock 1 when the lock and the cylinder lock are connected.
The memory of key 6 comprises at least two, preferably three segments. A first segment is provided for the purpose of storing a unique ID of the key. This key ID is preferably fixed and is preferably determined during production of the key or during first configuration of the key. Stored in a second segment of memory 8 are access conditions which are received from a central database in accordance with a method which will be further elucidated hereinbelow with reference to figure 3. A third segment of memory 8 is provided for the purpose of tracking, or logging, the history of use of the key. Every connection to a cylinder lock, i.e. both successful and unsuccessful attempts to open the cylinder lock, is stored in this third part.
Figure 1 further shows a configuration device 12. Configuration device 12 can be formed by for instance a gateway, a mobile phone or a laptop. Configuration device 12 can alternatively be a fixedly disposed device such as a personal computer. Configuration device 12 comprises NFC module 13 which is compatible with NFC module 7 of the key. The configuration device further comprises an internet communication module 14 with which configuration device 12 can connect to the internet. Configuration device 12 further comprises a processor 15 and a working memory 16. The configuration device optionally further comprises a user interface 17, although this is not essential for application of the invention, whereby a gateway without user interface 17 can also function as configuration device.
Figure 1 further shows a central database 18 in which the access conditions for all keys 6 are stored and can be managed. The central database can be configured and updated via a user interface (not shown). Central database 18 can be formed by a Cloud system, a server or other internet application.
The use of the key management system as shown in figure 1 will be explained with reference to figures 3 and 4. In figures 3 and 4 different functional elements of the key
management system are shown as vertical lines and the interaction between the different modules is indicated with horizontal arrows extending between the elements. While figure 3 relates to download of access data to the key, figure 4 relates to the opening of a cylinder lock by means of an electronic key. Each of the figures 3 and 4 show a sequence of steps, from top to bottom in the figure, wherein each step is represented as an interaction between at least two elements.
Figure 3 starts by making contact 20 between the NFC module of key 7 and the NFC module of configuration device 13. NFC, near field communication, is preferably defined here as the specific technology wherein data are transferred between devices at a frequency of 13.56 Mhz. This specific NFC technology is characterized by the relatively small range, typically less than 20 cm, preferably less than 15 cm, more preferably less than 10 cm. This means that two NFC modules have to be within a distance of each other which is smaller than the NFC range in order to be able to make contact and exchange data. This step 20 therefore comprises of physically bringing key 6 and configuration device 12 into the proximity of each other so that their respective NFC modules 7 and 13 come into each other's range. The NFC modules are configured here such that they can identify each other and can launch a predetermined application on the basis of this identification. This functionality is embedded in the specific NFC technology, which is used, among other purposes, to perform payments with for instance a mobile telephone comprising an NFC module.
An application which triggers internet communication 14 is launched on configuration device 12 by the NFC modules 20 making contact. This is shown in figure 3 with arrow 21. Arrow 21 is shown in figure 3 between NFC module 13 and internet communication module 14. The skilled person will appreciate that launching an application on configuration device 12 can imply in practice that processor 15 and working memory 16 of configuration device 12 are also switched on, which then in turn instruct the internet communication module 14. Arrow 21 in figure 3 indicates that the trigger for instructing internet communication module 14 comes from NFC module 13, since the NFC module launches the application. The application can hereby launch without the user having to undertake action via the user interface of the configuration device. The internet communication module can in practice also receive its instructions from processor 5 of configuration device 12.
Internet communication module 14 makes contact with central database 18, this being indicated with arrow 22. A secure standard SSL (TSL) communication is preferably set up in step
22 using tried and tested PKIs. The configuration device can register itself here, for instance by means of a public key. An authentication procedure will further be performed, wherein the server sends a challenge to the configuration device and wherein the configuration device digitally signs this challenge with its private key. The server can then check whether this private key corresponds to the public key of the configuration device. Session keys are further exchanged by means of a session key exchange procedure. This procedure can be based on the Diffie-Hellman algorithm. Once the session keys have been exchanged, a secure connection to central database 18 can be set up by means of the session keys. The session keys are stored at the location of central database 18 so that these session keys can be reused during a subsequent contact with key 6, so that the session key exchange procedure need only be performed during initialization. At the location of the configuration device the session keys are stored on key 6. The use of the session keys results in a secure connection, designated in figure 3 with reference numeral 23, between central database 18 on the one hand and NFC module 13 of the configuration device on the other. Secure connection
23 is alternatively set up between the NFC module of key 7 and central database 18. The advantage hereof is that the data which are sent from the central database to the key and the data which are sent from the key to the central database only finds their way onto configuration device 12 in encrypted form. It will hereby be impossible, for instance by breaking into the memory of the configuration device, to obtain keys or access conditions for keys 6.
Access conditions are sent via secure connection 24 from central database 18 to the NFC module of the key, see step 24, and then to memory 8 of the key, see step 25. It will be apparent here that central database 18 sends the access conditions to the key on the basis of an identification of the key which has been communicated to the central database in previous steps 21 and 22. The identification of the key is alternatively sent only after secure connection 23 has been set up, such that the identification of the key is also sent encrypted. Steps 26, 27 and 28 relate to the sending of log data, stored on memory 8 of the key, via NFC modules 7 and 13 to central database 18 over secure connection 28. It will be apparent here to the skilled person that secure connection 23 and secure connection 28 can be the same connection, and that this secure connection is shown twice in the figure because in the example of the figure it is used twice within a period of time to send data.
Via the method shown in figure 3 access conditions can be placed on a key 6 in a secure manner and without any great knowledge on the part of a user. A user of a key 6 has only to hold the key in the proximity of configuration device 12, after which the key and the configuration device will automatically perform all steps for configuring the key and updating central database 18 with log data from the key. All sensitive data, i.e. the access conditions, the log data and optionally also the ID of the key, preferably flow over an encrypted connection here such that the security of the key management system can be guaranteed.
Figure 4 shows how the opening of an electronic cylinder lock 1 by means of an electronic key 6 begins by contact being made between connecting means 5 of cylinder 1 and connecting means 11 of key 6, this being shown in figure 4 with arrow 30. When these connecting means make contact, energy means 10 of the key will not only supply processor 9 and memory 8 of the key with energy but will also supply processor 4 and memory 3 of the cylinder with energy, this being illustrated in the figure with arrows 31. An authentication procedure can hereby be performed wherein processor 9 of the key retrieves access conditions from memory 8 of the key, and optionally identification and/or authentication data related to the key. This is illustrated in figure 4 with arrow 32. Processor 4 of cylinder 1 will likewise retrieve authentication and/or identification data from a memory 3 of the cylinder. This is illustrated in figure 4 with arrow 33. The respective processors 9 and 4 can perform an authentication procedure on the basis of these retrieved data, this being illustrated with arrow 34. It is possible on the basis of this authentication procedure to determine whether the key has permission to open the cylinder lock. The conditions for this permission are defined in the access conditions. The access conditions are used to obtain a positive authentication between key and cylinder.
When no positive authentication is obtained between key and cylinder, the communication between key and cylinder stops and the cylinder will not open. Only when a positive authentication is obtained between key and cylinder will the steps 35, 36 and 37 of figure 4 be performed.
Mechanism 2 for opening the lock is set into operation in step 35. In order to open the cylinder lock the mechanism 2 receives energy from energy means 10 of the key. This is illustrated in the figure with arrow 36. The mechanism for physical opening preferably comprises an electric actuator which, by performing a movement, physically opens the cylinder lock or at least brings the cylinder lock into a situation in which it can be opened. In the latter case step 37 will be performed wherein key 6, which is connected via connecting means 11 and 5 to the cylinder, is rotated so as to open the cylinder lock by means of the rotation. This is illustrated in figure 4 with arrow 37.
Figure 4 further shows arrow 38, which indicates that processor 9 of the key stores data relating to the attempt to open the cylinder lock, irrespective of whether the attempt has been successful or not, on memory 8 of the key in order to thus update a log file on activities with key 6.
It will be apparent on the basis of the above description that different ways of embodying and optimizing the method according to the invention in practice can be envisaged. The invention is therefore not limited to the described embodiments, and will be defined solely in the claims.

Claims

Claims
1. Key management system comprising at least one key which is provided for physical connection to a passive cylinder lock, wherein the key comprises energy means for supplying energy to the passive cylinder lock in order to perform an authentication procedure between key and cylinder lock and to control an actuator in the cylinder lock on the basis thereof for the purpose of opening the cylinder lock, wherein the key further comprises a memory, a processor and a near field communication (NFC) module, wherein the key management system further comprises a configuration device with a further NFC module which is compatible with the NFC module of the key, wherein the NFC module of the key and the further NFC module of the configuration device are configured to launch a predetermined application when the NFC modules make connection, which predetermined application is provided so as to form a secure connection between configuration device and a central database, which central database manages the access conditions, to receive key-related access conditions on the configuration device via the secure connection and to store the received access conditions in the memory of the key via the connection between the NFC modules, on the basis of which access conditions the authentication procedure can be performed.
2. Key management system as claimed in claim 1 , wherein the secure connection extends between the central database and the further NFC module of the configuration device.
3. Key management system as claimed in any of the foregoing claims, wherein the application is provided for the purpose of sending an identifier of the key to the central database via the secure connection.
4. Key management system as claimed in any of the foregoing claims, wherein the secure connection is set up on the basis of a set of encryption keys, which are generated once-only during initialization of the key and then stored in the key and in the central database.
5. Key management system as claimed in any of the foregoing claims, wherein the key is further provided with a logging module for logging connections to cylinder locks.
6. Key management system as claimed in claim 5, wherein the logging module is provided for the purpose of sending log files to the central database when communication has been set up over the secure connection.
7. Method for managing a key system, comprising at least one key provided for physical connection to a passive cylinder lock, wherein the key comprises energy means for supplying energy to the passive cylinder lock in order to perform an authentication procedure between key and cylinder lock and to control an actuator in the cylinder lock on the basis thereof for the purpose of opening the cylinder lock, wherein the key further comprises a memory, a processor and a near field communication (NFC) module, wherein the method comprises of: - making a connection between the NFC module of the key and a further NFC module of the configuration device which is compatible with the NFC module of the key;
- launching a predetermined application when the NFC modules make connection, this application being provided for the purpose of performing subsequent steps of the method of:
- forming a secure connection between configuration device and a central database, which central database manages the access conditions;
- receiving key-related access conditions;
- storing the received access conditions in the memory of the key via the connection between the NFC modules, on the basis of which access conditions the authentication procedure can be performed.
8. Method as claimed in claim 7, wherein the secure connection is formed so as to extend between the central database and the further NFC module of the configuration device.
9. Method as claimed in claim 7 or 8, wherein the application is further provided for the purpose of sending an identifier of the key to the central database via the secure connection.
10. Method as claimed in any of the claims 7-9, wherein the application is provided for the purpose of setting up the secure connection on the basis of a set of encryption keys which are generated once-only during initialization of the key and then stored in the key and in the central database.
11. Method as claimed in any of the claims 7-10, wherein the key further comprises a logging module and wherein the method further comprises the step of sending log files to the central database when communication has been set up over the secure connection.
PCT/IB2015/059325 2014-12-10 2015-12-03 Key management system WO2016092432A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
BE2014/5111A BE1022614B1 (en) 2014-12-10 2014-12-10 Key management system
BE2014/5111 2014-12-10

Publications (1)

Publication Number Publication Date
WO2016092432A1 true WO2016092432A1 (en) 2016-06-16

Family

ID=52745852

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/IB2015/059325 WO2016092432A1 (en) 2014-12-10 2015-12-03 Key management system

Country Status (2)

Country Link
BE (1) BE1022614B1 (en)
WO (1) WO2016092432A1 (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106355716A (en) * 2016-08-31 2017-01-25 中山达华智能科技股份有限公司 Passive electronic lock
AT520170A1 (en) * 2017-02-14 2019-01-15 Domakaba Schweiz Ag Method for the secure administration of a lock, in particular for a safe, by means of a computer
EP3874474A4 (en) * 2018-10-31 2022-08-17 Swedlock AB A system to provide access to premises that comprise entrances locked by means of electromechanical key locks

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5140317A (en) * 1990-05-11 1992-08-18 Medeco Security Locks, Inc. Electronic security system
US5552777A (en) * 1992-02-14 1996-09-03 Security People, Inc. Mechanical/electronic lock and key
EP2348490A1 (en) * 2009-12-22 2011-07-27 9Solutions Oy Access control system
US20120280789A1 (en) * 2011-05-02 2012-11-08 Apigy Inc. Systems and methods for controlling a locking mechanism using a portable electronic device
WO2014044832A1 (en) * 2012-09-21 2014-03-27 Simonsvoss Technologies Gmbh Method and system for the configuration of small locking systems

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5140317A (en) * 1990-05-11 1992-08-18 Medeco Security Locks, Inc. Electronic security system
US5552777A (en) * 1992-02-14 1996-09-03 Security People, Inc. Mechanical/electronic lock and key
EP2348490A1 (en) * 2009-12-22 2011-07-27 9Solutions Oy Access control system
US20120280789A1 (en) * 2011-05-02 2012-11-08 Apigy Inc. Systems and methods for controlling a locking mechanism using a portable electronic device
WO2014044832A1 (en) * 2012-09-21 2014-03-27 Simonsvoss Technologies Gmbh Method and system for the configuration of small locking systems

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106355716A (en) * 2016-08-31 2017-01-25 中山达华智能科技股份有限公司 Passive electronic lock
AT520170A1 (en) * 2017-02-14 2019-01-15 Domakaba Schweiz Ag Method for the secure administration of a lock, in particular for a safe, by means of a computer
AT520170B1 (en) * 2017-02-14 2019-07-15 Dormakaba Schweiz Ag Method for the secure administration of a lock, in particular for a safe, by means of a computer
EP3874474A4 (en) * 2018-10-31 2022-08-17 Swedlock AB A system to provide access to premises that comprise entrances locked by means of electromechanical key locks
US11893845B2 (en) 2018-10-31 2024-02-06 Swedlock Ab System to provide access to premises that comprise entrances locked by means of electromechanical key locks

Also Published As

Publication number Publication date
BE1022614B1 (en) 2016-06-16
BE1022614A1 (en) 2016-06-16

Similar Documents

Publication Publication Date Title
US11799671B2 (en) Secure locking of physical resources using asymmetric cryptography
US10574655B2 (en) Networked access control system
CN104167029B (en) A kind of intelligent lock and its operating method
US11657128B2 (en) Temporary password usage control method and system
TWI491790B (en) A smart lock structure and an operating method thereof
JP5879388B2 (en) Electronic lock, electronic locking system, electronic lock operating method, and computer program
WO2016185013A1 (en) Reader setup/rekeying with dedicated card
US20170230365A1 (en) Method and system for securing electronic data exchange between an industrial programmable device and a portable programmable device
ES2902769T3 (en) Cryptographic activation procedure and system of a plurality of equipment
CN104123768B (en) A kind of safe and intelligent lock system and unlocking, shut control method
US9137659B2 (en) Method and system for decoupling user authentication and data encryption on mobile devices
US20150169860A1 (en) Security key using multi-otp, security service apparatus, security system
CN106027475B (en) The transmission method and system of a kind of key acquisition method, ID card information
CN104065485A (en) Power grid dispatching mobile platform safety guaranteeing and controlling method
WO2016092432A1 (en) Key management system
EP3819878B1 (en) Mobile digital locking technology
CN109035515A (en) The control method and door-locking system of smart lock
WO2021089907A1 (en) Mobile digital locking technology
EP2356637A1 (en) Card credential method and system
CN104054315A (en) Secure information access over network
US20160050066A1 (en) Management of an encryption key for a secure data storage device on a trusted device paired to the secure device over a personal area network
KR101958189B1 (en) Smart locking device and locking service method thereof
CN107920097B (en) Unlocking method and device
WO2014172773A1 (en) Method and system for decoupling user authentication and data encryption on mobile devices
US11616655B2 (en) Asymmetric cryptography assisted authentication and access protocols

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 15828519

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

32PN Ep: public notification in the ep bulletin as address of the adressee cannot be established

Free format text: NOTING OF LOSS OF RIGHTS PURSUANT TO RULE 112(1) EPC (EPO FORM 1205N DATED 021017)

122 Ep: pct application non-entry in european phase

Ref document number: 15828519

Country of ref document: EP

Kind code of ref document: A1