WO2016202796A1 - Locating an electronic key - Google Patents

Locating an electronic key Download PDF

Info

Publication number
WO2016202796A1
WO2016202796A1 PCT/EP2016/063626 EP2016063626W WO2016202796A1 WO 2016202796 A1 WO2016202796 A1 WO 2016202796A1 EP 2016063626 W EP2016063626 W EP 2016063626W WO 2016202796 A1 WO2016202796 A1 WO 2016202796A1
Authority
WO
WIPO (PCT)
Prior art keywords
electronic key
locating device
locating
central server
computer program
Prior art date
Application number
PCT/EP2016/063626
Other languages
French (fr)
Inventor
Stefan STRÖMBERG
Johan Gärde
Original Assignee
Assa Abloy Ab
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Assa Abloy Ab filed Critical Assa Abloy Ab
Publication of WO2016202796A1 publication Critical patent/WO2016202796A1/en

Links

Classifications

    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07CTIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C9/00Individual registration on entry or exit
    • G07C9/00174Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys
    • G07C9/00309Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys operated with bidirectional data transmission between data carrier and locks
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07CTIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C2209/00Indexing scheme relating to groups G07C9/00 - G07C9/38
    • G07C2209/60Indexing scheme relating to groups G07C9/00174 - G07C9/00944
    • G07C2209/63Comprising locating means for detecting the position of the data carrier, i.e. within the vehicle or within a certain distance from the vehicle
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07CTIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C9/00Individual registration on entry or exit
    • G07C9/00174Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys
    • G07C9/00571Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys operated by interacting with a central unit

Definitions

  • the invention relates to a method, a locating device, a computer program and a computer program product for locating an electronic key, e.g. when the key has been reported lost.
  • Locks and keys are evolving from the traditional pure mechanical locks. These days, there are wireless interfaces for electronic locks, e.g. by interacting with an electronic key. In some installations, to save power and complexity, the electronic locks are offline without communication ability with a central access control system.
  • a method for locating an electronic key for access to a physical space comprising the steps of: receiving a location query from a central server, the location query comprising an identifier of an electronic key;
  • the locating device invalidates the electronic key when it is discovered by the mobile invalidation device.
  • This allows the central server to send corresponding location queries to many mobile invalidation devices (e.g. smart phones) to thereby greatly increase the chance of one of these devices discovering the electronic key.
  • the central server can transmit the location query to several locating devices to increase chances of finding the electronic key.
  • the location response may comprise an indicator of a position of the locating device.
  • the method may further comprise the step of: obtaining a distance indicator, indicating a distance between the locating device and the electronic key; and wherein the location response comprises the distance indicator.
  • the step of obtaining a distance indicator comprises using a received signal strength indicator.
  • the step of discovering may comprise discovering the presence of the electronic key using Bluetooth low energy, BLE.
  • the method may further comprise the steps of: receiving a central processing unit (CPU)
  • the method may further comprise the steps of: receiving a local confirmation message from the electronic key to be invalidated, the local confirmation message indicating a successful invalidation; and transmitting a central confirmation message to the central server, the central confirmation message indicating a successful invalidation.
  • a locating device for locating an electronic key for access to a physical space.
  • the locating device comprises: a processor; and a memory storing instructions that, when executed by the processor, cause the locating device to: receive a location query from a central server, the location query comprising an identifier of an electronic key;
  • the location response may comprise an indicator of a position of the locating device.
  • the locating device may further comprise instructions that, when executed by the processor, cause the locating device to: obtain a distance indicator, indicating a distance between the locating device and the electronic key; and wherein the location response comprises the distance indicator.
  • the instructions to obtain a distance indicator may comprise instructions that, when executed by the processor, cause the locating device to use a received signal strength indicator.
  • the locating device may form part of a mobile phone.
  • the locating device may be a device dedicated to the purpose of locating electronic keys.
  • a computer program for locating an electronic key for access to a physical space comprises computer program code which, when run on a locating device, causes the locating device to: receive a location query from a central server, the location query comprising an identifier of an electronic key; discover a presence of the electronic key over short range radio; and transmit a location response to the central server indicating that the electronic key has been located.
  • a computer program product comprising a computer program according to the third aspect and a computer readable means on which the computer program is stored.
  • Fig l is a schematic diagram showing an environment in which embodiments presented herein can be applied;
  • Fig 2 is a schematic diagram illustrating a situation where a lost electronic key is located using a locating device;
  • Fig 3 is a sequence diagram illustrating communication for locating an electronic key;
  • Fig 4 is a flow chart illustrating a method for locating an electronic key, performed in the locating device of Figs 2 and 3;
  • Fig 5 is a schematic diagram illustrating some components of a locating device according to Figs 2 and 3;
  • Fig 6 is a schematic diagram illustrating a locating device provided as part of a mobile phone.
  • Fig 7 shows one example of a computer program product comprising computer readable means.
  • Fig l is a schematic diagram showing an environment in which embodiments presented herein can be applied.
  • Access to a physical space 16 is restricted by a physical barrier 15 which is selectively unlockable.
  • the physical barrier 15 stands between the restricted physical space 16 and an accessible physical space 14.
  • the accessible physical space 14 can be a restricted physical space in itself, but in relation to this physical barrier 15, the accessible physical space 14 is accessible.
  • the barrier 15 can be a door, gate, hatch, window, drawer, etc.
  • an access control device 13 is provided in order to unlock the barrier 15, an access control device 13 is provided.
  • the access control device 13 is connected to a physical lock device 12, which is controllable by the access control device 13 to be set in an unlocked state or locked state. In this embodiment, the access control device 13 is mounted close to the physical lock device 12.
  • the barrier 15 is provided in a surrounding fixed structure, such as a wall or fence.
  • the access control device 13 is able to receive and send signals from/to an electronic key 2 over a communication channel 3 which may be a short range wireless interface or a conductive (i.e. galvanic/electric) connection.
  • the electronic key 2 is any suitable device portable by a user and which can be used for authentication over the communication channel 3.
  • the electronic key 2 is typically carried or worn by the user and may be implemented asa physical key, a key fob, wearable device, etc.
  • the short range wireless interface is a radio frequency wireless interface and could e.g. be using Bluetooth, Bluetooth Low Energy (BLE), ZigBee, any of the IEEE 802. 11 standards, any of the IEEE 802.15 standards, wireless USB, etc.
  • the authenticity of the electronic key 2 can be checked, e.g. using a challenge and response scheme, after which the access control device 13 grants or denies access.
  • the access control device 13 sends an unlock signal to the lock device 12, whereby the lock device 12 is set in an unlocked state.
  • this can e.g. imply a signal over a wire-based
  • USB Universal Serial Bus
  • Ethernet a serial connection (e.g. RS-485 or RS-232) or even a simple electric
  • the lock device 12 When the lock device 12 is in an unlocked state, the barrier 15 can be opened and when the lock device 12 is in a locked state, the barrier 15 cannot be opened. In this way, access to a closed space 16 is controlled by the access control device 13.
  • the access control device 13 and/or the lock device 12 can be mounted in the fixed structure 16 by the physical barrier 15 (as shown) or in the physical barrier 15 itself (not shown).
  • the lock device 12 and access control device 13 are combined in one unit.
  • the lock device (optionally combined with the access control device) is in the form of a padlock or any other suitable implementation.
  • the access control device 13 can be implemented as an offline device, without the ability to directly communicate with a central server of an access control system. In this way, the access control device 13 is easier to implement and uses less power. This allows the access control device 13 to be powered for a long time using a battery or by the electronic key. Optionally, energy harvesting of mechanical user actions and/or environmental power (solar power, wind, etc.) can be utilised to prolong the life span of the battery or event to allow the battery to be omitted.
  • Fig 2 is a schematic diagram illustrating a situation where an electronic key is located using a locating device.
  • a central server 10 of the access control system is responsible for managing keys and locks. The central server 10 can be accessed by an operator to thereby perform management tasks in the access control system.
  • first locating device la there is a first locating device la and a second locating device lb.
  • Each one of the first and second locating devices are described in more detail below, and can e.g. be implemented as part of a mobile phone or as a dedicated locating device.
  • the locating devices la-b can communicate with an electronic key for locating purposes, as explained below, and optionally also for other purposes.
  • a user has lost an electronic key 2' or has had the electronic key 2' stolen.
  • the electronic key 2' then needs to be located to prevent an attacker from gaining access to closed physical spaces, otherwise accessible using the lost electronic key 2'.
  • the central server 10 is made aware of the lost electronic key 2', e.g. by an operator indicating that the electronic key 2' is lost.
  • the central server 10 then sends a location query to all relevant locating devices la-b as explained more below.
  • the second locating device lb is within range 7 to communicate over a short range radio interface 5 with the lost electronic key 2'. This allows the second locating device lb to communicate with the lost electronic key 2'. In this way, the second locating device lb can discover the electronic key 2'.
  • the range 7 depends on the type of short range radio which can be used and radio conditions in the vicinity of the electronic key 2'.
  • the short range radio interface 5 may be the same as the communication channel 3. However, when the communication channel 3 of Fig 1 is based on a conductive connection, the short range radio interface 5 is not the same as the communication channel 3.
  • the short range radio interface 5 may optionally be used for other purposes, e.g. other maintenance purposes for the electronic key 2'.
  • the first locating device la is outside the range 7 of the lost electronic key 2', whereby it is unable to discover and locate the lost electronic key 2'
  • Fig 3 is a sequence diagram illustrating communication for locating an electronic key, e.g. in the environment shown in Fig 2.
  • the sequence is performed to locate of an electronic key.
  • the electronic key to be located is referred to as a lost electronic key.
  • there may be other reasons for locating the electronic key e.g. the electronic key being stolen or that an employee has ended employment and whose electronic key needs to be located.
  • the central server 10 sends a location query 20 to all relevant locating devices 1. This can e.g. be all possible locating devices or only locating devices in a specific area, e.g. within a specific range from a last known location of the lost electronic key 2'.
  • the locating query 20 comprises an identifier of the lost electronic key 2'.
  • a locating device 1 detects the presence 21 of the lost electronic key 2' (e.g. as shown for the second locating device lb of Fig 2). The locating device 1 detects that the identity of the electronic key 2' matches the identity of the location query 20. It is to be noted that when an electronic key is detected which does not have an identity matching any location query, the locating device 1 does not need to proceed further in the sequence diagram.
  • the locating device 1 transmits a location response 22 to the central server 10 indicating that lost electronic key 2' has been located.
  • the location response 22 can comprise an indicator of a position of the locating device and optionally a distance indicator indicating a distance between the locating device 1 and the lost electronic key 2'.
  • the subsequent part of the sequence diagram relates to such optional invalidation.
  • the central server 10 transmits a central invalidation command 30 to the locating device.
  • the locating device 1 transmits a local invalidation command 32 to the lost electronic key 2'.
  • the content of the central invalidation command 30 and the local invalidation command 32 is the same.
  • both can contain an invalidation package which can be encrypted and/or signed for the lost electronic key 2'. This allows the lost electronic key 2' to validate authenticity of the local invalidation command.
  • the locating device 1 routes the invalidation package to the lost key 2' and does not (or cannot) examine the contents of the invalidation package.
  • the lost electronic key 2' Upon receipt of the local invalidation command 32, the lost electronic key 2' makes itself invalid.
  • the electronic key 2' verifies the integrity of the invalidation command (as explained below) prior to performing its invalidation procedure.
  • the electronic key 2' sends a local confirmation message 33 to the locating device 1.
  • the locating device 1 can then send a central confirmation message 34 to the central server 10.
  • the central server 10 can locate and optionally initiate an invalidation using all relevant locating devices and can optionally be informed of when the invalidation has been successful.
  • the lost electronic key 2' can be located and optionally invalidated even though it has no direct communication link with the central server 10.
  • Fig 4 is a flow chart illustrating a method for locating an electronic key for access to a physical space. The method is performed in the locating device of Figs 2 and 3. The method corresponds to the actions of the locating device 1 in Fig 3.
  • a receive location query step 40 a location query is received from the central server.
  • the location query comprises an identifier of an electronic key which is to be located.
  • the location query can e.g. be received over a wide area network, such as the Internet.
  • a presence of the electronic key to be located is discovered over short range radio. This can e.g. be performed by discovering the presence of the electronic key using BLE. Any other short range radio technology is equally applicable.
  • a distance indicator is obtained.
  • the distance indicator indicates a distance between the locating device and the electronic key.
  • the distance can be estimated using any suitable method. For instance, the distance can be estimated by measuring received signal strength and comparing this to transmission power. More specifically, an indicator of the transmission power which is used can be transmitted as part of the message. The receiver can then compare the received signal strength with the power used to transmit it and can thus estimate the distance based on the attenuation of the signal. Alternatively, two-way ranging can be used, measuring the time it takes to transmit a signal and receive its response, which gives a distance indication when divided by two multiplied by the speed of light. In a transmit location response step 44, a location response is transmitted to the central server indicating that the electronic key has been located.
  • the location response comprises an indicator of a position (e.g. in form of a longitude and a latitude) of the locating device, e.g. obtained using GPS (Global Positioning System) or any other suitable location technology.
  • the location response can comprise an estimated distance (e.g. in metres) to the electronic key from the position of the locating device.
  • the position and optional estimated distance simplifies the retrieval of the electronic key to be able to reprogram and reuse the lost electronic key.
  • a receive central invalidation command step 46 a central invalidation command is received from the central server.
  • the central invalidation command comprises a way to identify the electronic key to be invalidated, e.g. by an explicit identifier of an electronic key or by a reference to a session comprising the location query.
  • the central invalidation command can e.g. be received over a wide area network, such as the Internet.
  • the central invalidation command can comprise a main command and an integrity indicator.
  • the integrity can e.g. be derived using the main command and a private electronic key, e.g. using a cryptographic hash function such as SHA-2 (Secure Hash Algorithm 2) or MD-5 (Message Digest algorithm 5).
  • SHA-2 Secure Hash Algorithm 2
  • MD-5 Message Digest algorithm 5
  • a transmit local invalidation command step 48 a local invalidation command is transmitted to the electronic key to be invalidated.
  • the main command and the integrity indicator of the central invalidation command can form part of the local invalidation command. This allows the electronic key to verify the source of the invalidation, i.e. from the central server. In this way, third parties are prevented from invalidating keys.
  • a local confirmation message is received from the electronic key to be invalidated.
  • the local confirmation message indicates a successful invalidation.
  • a transmit central confirmation message step 52 a central confirmation message is transmitted to the central server. The central confirmation message indicates a successful invalidation.
  • Fig 5 is a schematic diagram showing some components of the locating device of Figs 2 and 3.
  • a processor 60 is provided using any combination of one or more of a suitable central processing unit (CPU), multiprocessor,
  • microcontroller capable of executing software instructions 66 stored in a memory 64, which can thus be a computer program product.
  • the processor 60 can be configured to execute the method described with reference to Fig 4 above.
  • the memory 64 can be any combination of read and write memory (RAM) and read only memory (ROM).
  • the memory 64 also comprises persistent storage, which, for example, can be any single one or combination of magnetic memory, optical memory, solid state memory or even remotely mounted memory.
  • a data memory 66 is also provided for reading and/or storing data during execution of software instructions in the processor 60.
  • the data memory 66 can be any combination of read and write memory (RAM) and read only memory (ROM).
  • the locating device l further comprises an I/O interface 67 for
  • the I/O interface 67 also includes a user interface.
  • Fig 6 is a schematic diagram illustrating a locating device 1 provided as part of a mobile phone 4. In such a case, components of the mobile phone 4 can be utilised also by the locating device 1.
  • the locating device 1 is a device dedicated to the purpose of locating electronic keys.
  • the dedicated locating device 1 can be placed in a location where there is a large chance of
  • the dedicated locating device can be placed by the entrance of a building or by a public transport gateway (e.g. underground turnstiles).
  • the dedicated locating device 1 does not need to be portable and can thus be connected to a power socket and wireless and/or wire based communication links for communication with the central server. In this way, the dedicated locating device 1 can be continuously active.
  • Fig 7 shows one example of a computer program product comprising computer readable means.
  • a computer program 91 can be stored, which computer program can cause a processor to execute a method according to embodiments described herein.
  • the computer program product is an optical disc, such as a CD (compact disc) or a DVD (digital versatile disc) or a Blu-Ray disc.
  • the computer program product could also be embodied in a memory of a device, such as the computer program product 64 of Fig 5.
  • the computer program 91 is here schematically shown as a track on the depicted optical disk, the computer program can be stored in any way which is suitable for the computer program product, such as a removable solid state memory, e.g.
  • USB Universal Serial Bus

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Lock And Its Accessories (AREA)

Abstract

It is presented a method for locating an electronic key for access to a physical space. The method is performed in a locating device and comprises the steps of: receiving a location query from a central server, the location query comprising an identifier of an electronic key; discovering a presence of the electronic key over short range radio; and transmitting a location response to the central server indicating that the electronic key has been located. A corresponding locating device, computer program and computer program product are also presented.

Description

LOCATING AN ELECTRONIC KEY
TECHNICAL FIELD
The invention relates to a method, a locating device, a computer program and a computer program product for locating an electronic key, e.g. when the key has been reported lost.
BACKGROUND
Locks and keys are evolving from the traditional pure mechanical locks. These days, there are wireless interfaces for electronic locks, e.g. by interacting with an electronic key. In some installations, to save power and complexity, the electronic locks are offline without communication ability with a central access control system.
One issue is when an electronic key is lost. With locks being offline, these can not be used to locate any lost electronic keys. Moreover, when the electronic key lacks ability to directly communicate with a central server, this further complicates any ability to locate a lost electronic key.
SUMMARY
It is an object to provide a way to locate an electronic key which lacks ability to directly communicate with a central server.
According to a first aspect, it is presented a method for locating an electronic key for access to a physical space. The method is performed in a locating device and comprises the steps of: receiving a location query from a central server, the location query comprising an identifier of an electronic key;
discovering a presence of the electronic key over short range radio; and transmitting a location response to the central server indicating that the electronic key has been located.
In this way, the locating device invalidates the electronic key when it is discovered by the mobile invalidation device. This allows the central server to send corresponding location queries to many mobile invalidation devices (e.g. smart phones) to thereby greatly increase the chance of one of these devices discovering the electronic key. Hence, by separating the locating to be performed using the central server, the locating device and the electronic key to be found, the central server can transmit the location query to several locating devices to increase chances of finding the electronic key.
Furthermore, only the locating device needs to be able to communicate with the central server; it is sufficient that the electronic key is communicable over short range radio (which is also the interface which can be used for communication between the electronic key and a corresponding electronic lock. The location response may comprise an indicator of a position of the locating device.
The method may further comprise the step of: obtaining a distance indicator, indicating a distance between the locating device and the electronic key; and wherein the location response comprises the distance indicator. The step of obtaining a distance indicator comprises using a received signal strength indicator.
The step of discovering may comprise discovering the presence of the electronic key using Bluetooth low energy, BLE.
The method may further comprise the steps of: receiving a central
invalidation command from a central server; and transmitting a local invalidation command to the electronic key.
The method may further comprise the steps of: receiving a local confirmation message from the electronic key to be invalidated, the local confirmation message indicating a successful invalidation; and transmitting a central confirmation message to the central server, the central confirmation message indicating a successful invalidation.
According to a second aspect, it is presented a locating device for locating an electronic key for access to a physical space. The locating device comprises: a processor; and a memory storing instructions that, when executed by the processor, cause the locating device to: receive a location query from a central server, the location query comprising an identifier of an electronic key;
discover a presence of the electronic key over short range radio; and transmit a location response to the central server indicating that the electronic key has been located.
The location response may comprise an indicator of a position of the locating device.
The locating device may further comprise instructions that, when executed by the processor, cause the locating device to: obtain a distance indicator, indicating a distance between the locating device and the electronic key; and wherein the location response comprises the distance indicator.
The instructions to obtain a distance indicator may comprise instructions that, when executed by the processor, cause the locating device to use a received signal strength indicator. The locating device may form part of a mobile phone.
The locating device may be a device dedicated to the purpose of locating electronic keys.
According to a third aspect, it is presented a computer program for locating an electronic key for access to a physical space. The computer program comprises computer program code which, when run on a locating device, causes the locating device to: receive a location query from a central server, the location query comprising an identifier of an electronic key; discover a presence of the electronic key over short range radio; and transmit a location response to the central server indicating that the electronic key has been located.
According to a fourth aspect, it is presented a computer program product comprising a computer program according to the third aspect and a computer readable means on which the computer program is stored. Generally, all terms used in the claims are to be interpreted according to their ordinary meaning in the technical field, unless explicitly defined otherwise herein. All references to "a/an/the element, apparatus, component, means, step, etc." are to be interpreted openly as referring to at least one instance of the element, apparatus, component, means, step, etc., unless explicitly stated otherwise. The steps of any method disclosed herein do not have to be performed in the exact order disclosed, unless explicitly stated.
BRIEF DESCRIPTION OF THE DRAWINGS
The invention is now described, by way of example, with reference to the accompanying drawings, in which:
Fig l is a schematic diagram showing an environment in which embodiments presented herein can be applied;
Fig 2 is a schematic diagram illustrating a situation where a lost electronic key is located using a locating device; Fig 3 is a sequence diagram illustrating communication for locating an electronic key;
Fig 4 is a flow chart illustrating a method for locating an electronic key, performed in the locating device of Figs 2 and 3;
Fig 5 is a schematic diagram illustrating some components of a locating device according to Figs 2 and 3;
Fig 6 is a schematic diagram illustrating a locating device provided as part of a mobile phone; and
Fig 7 shows one example of a computer program product comprising computer readable means. DETAILED DESCRIPTION
The invention will now be described more fully hereinafter with reference to the accompanying drawings, in which certain embodiments of the invention are shown. This invention may, however, be embodied in many different forms and should not be construed as limited to the embodiments set forth herein; rather, these embodiments are provided by way of example so that this disclosure will be thorough and complete, and will fully convey the scope of the invention to those skilled in the art. Like numbers refer to like elements throughout the description.
Fig l is a schematic diagram showing an environment in which embodiments presented herein can be applied. Access to a physical space 16 is restricted by a physical barrier 15 which is selectively unlockable. The physical barrier 15 stands between the restricted physical space 16 and an accessible physical space 14. Note that the accessible physical space 14 can be a restricted physical space in itself, but in relation to this physical barrier 15, the accessible physical space 14 is accessible. The barrier 15 can be a door, gate, hatch, window, drawer, etc. In order to unlock the barrier 15, an access control device 13 is provided. The access control device 13 is connected to a physical lock device 12, which is controllable by the access control device 13 to be set in an unlocked state or locked state. In this embodiment, the access control device 13 is mounted close to the physical lock device 12. The barrier 15 is provided in a surrounding fixed structure, such as a wall or fence. The access control device 13 is able to receive and send signals from/to an electronic key 2 over a communication channel 3 which may be a short range wireless interface or a conductive (i.e. galvanic/electric) connection. The electronic key 2 is any suitable device portable by a user and which can be used for authentication over the communication channel 3. The electronic key 2 is typically carried or worn by the user and may be implemented asa physical key, a key fob, wearable device, etc. The short range wireless interface is a radio frequency wireless interface and could e.g. be using Bluetooth, Bluetooth Low Energy (BLE), ZigBee, any of the IEEE 802. 11 standards, any of the IEEE 802.15 standards, wireless USB, etc. Using the communication channel 3, the authenticity of the electronic key 2 can be checked, e.g. using a challenge and response scheme, after which the access control device 13 grants or denies access. When access is granted, the access control device 13 sends an unlock signal to the lock device 12, whereby the lock device 12 is set in an unlocked state. In this embodiment, this can e.g. imply a signal over a wire-based
communication interface, e.g. using Universal Serial Bus (USB), Ethernet, a serial connection (e.g. RS-485 or RS-232) or even a simple electric
connection (e.g. to the lock device 12), or alternatively signal over a wireless communication interface. When the lock device 12 is in an unlocked state, the barrier 15 can be opened and when the lock device 12 is in a locked state, the barrier 15 cannot be opened. In this way, access to a closed space 16 is controlled by the access control device 13. It is to be noted that the access control device 13 and/or the lock device 12 can be mounted in the fixed structure 16 by the physical barrier 15 (as shown) or in the physical barrier 15 itself (not shown). Optionally, the lock device 12 and access control device 13 are combined in one unit. In one embodiment, the lock device (optionally combined with the access control device) is in the form of a padlock or any other suitable implementation.
The access control device 13 can be implemented as an offline device, without the ability to directly communicate with a central server of an access control system. In this way, the access control device 13 is easier to implement and uses less power. This allows the access control device 13 to be powered for a long time using a battery or by the electronic key. Optionally, energy harvesting of mechanical user actions and/or environmental power (solar power, wind, etc.) can be utilised to prolong the life span of the battery or event to allow the battery to be omitted. Fig 2 is a schematic diagram illustrating a situation where an electronic key is located using a locating device. A central server 10 of the access control system is responsible for managing keys and locks. The central server 10 can be accessed by an operator to thereby perform management tasks in the access control system. There is a first locating device la and a second locating device lb. Each one of the first and second locating devices are described in more detail below, and can e.g. be implemented as part of a mobile phone or as a dedicated locating device. The locating devices la-b can communicate with an electronic key for locating purposes, as explained below, and optionally also for other purposes.
In this example, a user has lost an electronic key 2' or has had the electronic key 2' stolen. The electronic key 2' then needs to be located to prevent an attacker from gaining access to closed physical spaces, otherwise accessible using the lost electronic key 2'. The central server 10 is made aware of the lost electronic key 2', e.g. by an operator indicating that the electronic key 2' is lost. The central server 10 then sends a location query to all relevant locating devices la-b as explained more below.
The second locating device lb is within range 7 to communicate over a short range radio interface 5 with the lost electronic key 2'. This allows the second locating device lb to communicate with the lost electronic key 2'. In this way, the second locating device lb can discover the electronic key 2'. The range 7 depends on the type of short range radio which can be used and radio conditions in the vicinity of the electronic key 2'. When communication channel 3 of Fig 1 is wireless, the short range radio interface 5 may be the same as the communication channel 3. However, when the communication channel 3 of Fig 1 is based on a conductive connection, the short range radio interface 5 is not the same as the communication channel 3. The short range radio interface 5 may optionally be used for other purposes, e.g. other maintenance purposes for the electronic key 2'.
It is to be noted that the first locating device la is outside the range 7 of the lost electronic key 2', whereby it is unable to discover and locate the lost electronic key 2'
Fig 3 is a sequence diagram illustrating communication for locating an electronic key, e.g. in the environment shown in Fig 2. The sequence is performed to locate of an electronic key. Hereinafter, the electronic key to be located is referred to as a lost electronic key. However, there may be other reasons for locating the electronic key, e.g. the electronic key being stolen or that an employee has ended employment and whose electronic key needs to be located.
Once the central server 10 is made aware of the lost key, the central server 10 sends a location query 20 to all relevant locating devices 1. This can e.g. be all possible locating devices or only locating devices in a specific area, e.g. within a specific range from a last known location of the lost electronic key 2'. The locating query 20 comprises an identifier of the lost electronic key 2'.
A locating device 1 detects the presence 21 of the lost electronic key 2' (e.g. as shown for the second locating device lb of Fig 2). The locating device 1 detects that the identity of the electronic key 2' matches the identity of the location query 20. It is to be noted that when an electronic key is detected which does not have an identity matching any location query, the locating device 1 does not need to proceed further in the sequence diagram.
Once the match is confirmed between the lost electronic key 2' and the location query 20, the locating device 1 transmits a location response 22 to the central server 10 indicating that lost electronic key 2' has been located. The location response 22 can comprise an indicator of a position of the locating device and optionally a distance indicator indicating a distance between the locating device 1 and the lost electronic key 2'. This allows the central server 10 to decide on any further action. For instance, the central server 10 may decide that the lost electronic key 2' is to be invalidated to prevent an attacker from illegitimately using the lost electronic key 2' to gain access to otherwise access controlled physical spaces.
The subsequent part of the sequence diagram relates to such optional invalidation. The central server 10 transmits a central invalidation command 30 to the locating device. Once the central invalidation command 30 has been received, the locating device 1 transmits a local invalidation command 32 to the lost electronic key 2'. Optionally, the content of the central invalidation command 30 and the local invalidation command 32 is the same. For instance, both can contain an invalidation package which can be encrypted and/or signed for the lost electronic key 2'. This allows the lost electronic key 2' to validate authenticity of the local invalidation command. In such a case, the locating device 1 routes the invalidation package to the lost key 2' and does not (or cannot) examine the contents of the invalidation package. Upon receipt of the local invalidation command 32, the lost electronic key 2' makes itself invalid. Optionally, the electronic key 2' verifies the integrity of the invalidation command (as explained below) prior to performing its invalidation procedure. Optionally, the electronic key 2' sends a local confirmation message 33 to the locating device 1. The locating device 1 can then send a central confirmation message 34 to the central server 10.
In this way, the central server 10 can locate and optionally initiate an invalidation using all relevant locating devices and can optionally be informed of when the invalidation has been successful. Using this method, the lost electronic key 2' can be located and optionally invalidated even though it has no direct communication link with the central server 10.
Fig 4 is a flow chart illustrating a method for locating an electronic key for access to a physical space. The method is performed in the locating device of Figs 2 and 3. The method corresponds to the actions of the locating device 1 in Fig 3. In a receive location query step 40, a location query is received from the central server. The location query comprises an identifier of an electronic key which is to be located. The location query can e.g. be received over a wide area network, such as the Internet.
In a discover presence step 42, a presence of the electronic key to be located is discovered over short range radio. This can e.g. be performed by discovering the presence of the electronic key using BLE. Any other short range radio technology is equally applicable.
In an optional obtain distance indicator step 43, a distance indicator is obtained. The distance indicator indicates a distance between the locating device and the electronic key. The distance can be estimated using any suitable method. For instance, the distance can be estimated by measuring received signal strength and comparing this to transmission power. More specifically, an indicator of the transmission power which is used can be transmitted as part of the message. The receiver can then compare the received signal strength with the power used to transmit it and can thus estimate the distance based on the attenuation of the signal. Alternatively, two-way ranging can be used, measuring the time it takes to transmit a signal and receive its response, which gives a distance indication when divided by two multiplied by the speed of light. In a transmit location response step 44, a location response is transmitted to the central server indicating that the electronic key has been located.
Optionally, the location response comprises an indicator of a position (e.g. in form of a longitude and a latitude) of the locating device, e.g. obtained using GPS (Global Positioning System) or any other suitable location technology. Also, when the obtain distance indicator step 43 is performed, the location response can comprise an estimated distance (e.g. in metres) to the electronic key from the position of the locating device. The position and optional estimated distance simplifies the retrieval of the electronic key to be able to reprogram and reuse the lost electronic key. In a receive central invalidation command step 46, a central invalidation command is received from the central server. The central invalidation command comprises a way to identify the electronic key to be invalidated, e.g. by an explicit identifier of an electronic key or by a reference to a session comprising the location query. The central invalidation command can e.g. be received over a wide area network, such as the Internet.
Furthermore, the central invalidation command can comprise a main command and an integrity indicator. The integrity can e.g. be derived using the main command and a private electronic key, e.g. using a cryptographic hash function such as SHA-2 (Secure Hash Algorithm 2) or MD-5 (Message Digest algorithm 5). In a transmit local invalidation command step 48, a local invalidation command is transmitted to the electronic key to be invalidated. The main command and the integrity indicator of the central invalidation command can form part of the local invalidation command. This allows the electronic key to verify the source of the invalidation, i.e. from the central server. In this way, third parties are prevented from invalidating keys.
In a receive local confirmation message step 50, a local confirmation message is received from the electronic key to be invalidated. The local confirmation message indicates a successful invalidation. In a transmit central confirmation message step 52, a central confirmation message is transmitted to the central server. The central confirmation message indicates a successful invalidation.
Fig 5 is a schematic diagram showing some components of the locating device of Figs 2 and 3. A processor 60 is provided using any combination of one or more of a suitable central processing unit (CPU), multiprocessor,
microcontroller, digital signal processor (DSP), application specific integrated circuit etc., capable of executing software instructions 66 stored in a memory 64, which can thus be a computer program product. The processor 60 can be configured to execute the method described with reference to Fig 4 above.
The memory 64 can be any combination of read and write memory (RAM) and read only memory (ROM). The memory 64 also comprises persistent storage, which, for example, can be any single one or combination of magnetic memory, optical memory, solid state memory or even remotely mounted memory.
A data memory 66 is also provided for reading and/or storing data during execution of software instructions in the processor 60. The data memory 66 can be any combination of read and write memory (RAM) and read only memory (ROM). The locating device l further comprises an I/O interface 67 for
communicating with other external entities. Optionally, the I/O interface 67 also includes a user interface.
Other components of the locating device 1 are omitted in order not to obscure the concepts presented herein.
Fig 6 is a schematic diagram illustrating a locating device 1 provided as part of a mobile phone 4. In such a case, components of the mobile phone 4 can be utilised also by the locating device 1.
In another embodiment, the locating device 1 is a device dedicated to the purpose of locating electronic keys. In such a case, the dedicated locating device 1 can be placed in a location where there is a large chance of
discovering a lost electronic key. For instance, the dedicated locating device can be placed by the entrance of a building or by a public transport gateway (e.g. underground turnstiles). The dedicated locating device 1 does not need to be portable and can thus be connected to a power socket and wireless and/or wire based communication links for communication with the central server. In this way, the dedicated locating device 1 can be continuously active.
Fig 7 shows one example of a computer program product comprising computer readable means. On this computer readable means a computer program 91 can be stored, which computer program can cause a processor to execute a method according to embodiments described herein. In this example, the computer program product is an optical disc, such as a CD (compact disc) or a DVD (digital versatile disc) or a Blu-Ray disc. As explained above, the computer program product could also be embodied in a memory of a device, such as the computer program product 64 of Fig 5. While the computer program 91 is here schematically shown as a track on the depicted optical disk, the computer program can be stored in any way which is suitable for the computer program product, such as a removable solid state memory, e.g. a Universal Serial Bus (USB) drive. The invention has mainly been described above with reference to a few embodiments. However, as is readily appreciated by a person skilled in the art, other embodiments than the ones disclosed above are equally possible within the scope of the invention, as defined by the appended patent claims

Claims

1. A method for locating an electronic key (2') for access to a physical space (16), the method being performed in a locating device (1, la, lb) and comprising the steps of:
receiving (40) a location query (20) from a central server (10), the location query (20) comprising an identifier of an electronic key (2');
discovering (42) a presence of the electronic key (2') over short range radio; and
transmitting (44) a location response (22) to the central server indicating that the electronic key (2') has been located.
2. The method according to claim 1, wherein the location response (22) comprises an indicator of a position of the locating device (1, la, lb).
3. The method according to claim 1 or 2, further comprising the step of: obtaining (43) a distance indicator, indicating a distance between the locating device (1, la, lb) and the electronic key (2'); and
wherein the location response (22) comprises the distance indicator.
4. The method according to claim 3, wherein the step of obtaining (43) a distance indicator comprises using a received signal strength indicator.
5. The method according to any one of the preceding claims, wherein the step of discovering (42) comprises discovering the presence of the electronic key (2') using Bluetooth low energy, BLE.
6. The method according to any one of the preceding claims, further comprising the steps of:
receiving (46) a central invalidation command (30) from a central server (10); and
transmitting (48) a local invalidation command (32) to the electronic key.
7. The method according to claim 6, further comprising the steps of:
receiving (50) a local confirmation message (33) from the electronic key (2') to be invalidated, the local confirmation message (33) indicating a successful invalidation; and
transmitting (52) a central confirmation message (34) to the central server, the central confirmation message (34) indicating a successful invalidation.
8. A locating device (1, la, ib) for locating an electronic key (2') for access to a physical space (16), the locating device (1, la, lb) comprising:
a processor (60); and
a memory (64) storing instructions (66) that, when executed by the processor, cause the locating device (1, la, ib) to:
receive a location query (20) from a central server (10), the location query (20) comprising an identifier of an electronic key (2');
discover a presence of the electronic key (2') over short range radio; and transmit a location response (22) to the central server indicating that the electronic key (2') has been located.
9. The locating device (1, la, ib) according to claim 8, wherein the location response (22) comprises an indicator of a position of the locating device (1, la, ib).
10. The locating device (1, la, ib) according to claim 8 or 9, further comprising instructions (66) that, when executed by the processor, cause the locating device (1, la, ib) to: obtain a distance indicator, indicating a distance between the locating device (1, la, ib) and the electronic key (2'); and wherein the location response (22) comprises the distance indicator.
11. The locating device (1, la, ib) according to claim 10, wherein the instructions to obtain a distance indicator comprise instructions (66) that, when executed by the processor, cause the locating device (1, la, ib) to use a received signal strength indicator.
12. The locating device (1, la, ib) according to any one of claims 9 to 11, wherein the locating device forms part of a mobile phone.
13. The locating device (1, la, lb) according to any one of claims 9 to 11, wherein the locating device is a device dedicated to the purpose of locating electronic keys.
14. A computer program (90) for locating an electronic key (2') for access to a physical space (16), the computer program comprising computer program code which, when run on a locating device (1, la, lb), causes the locating device (1, la, lb) to:
receive a location query (20) from a central server (10), the location query (20) comprising an identifier of an electronic key (2');
discover a presence of the electronic key (2') over short range radio; and transmit a location response (22) to the central server indicating that the electronic key (2') has been located.
15. A computer program product (91) comprising a computer program according to claim 14 and a computer readable means on which the computer program is stored.
PCT/EP2016/063626 2015-06-15 2016-06-14 Locating an electronic key WO2016202796A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
EP15172113.1 2015-06-15
EP15172113.1A EP3107072B1 (en) 2015-06-15 2015-06-15 Locating an electronic key

Publications (1)

Publication Number Publication Date
WO2016202796A1 true WO2016202796A1 (en) 2016-12-22

Family

ID=53404400

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/EP2016/063626 WO2016202796A1 (en) 2015-06-15 2016-06-14 Locating an electronic key

Country Status (2)

Country Link
EP (1) EP3107072B1 (en)
WO (1) WO2016202796A1 (en)

Cited By (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US11339589B2 (en) 2018-04-13 2022-05-24 Dormakaba Usa Inc. Electro-mechanical lock core
US11466473B2 (en) 2018-04-13 2022-10-11 Dormakaba Usa Inc Electro-mechanical lock core
CN115226201A (en) * 2022-03-15 2022-10-21 广州汽车集团股份有限公司 Method and device for calibrating digital key, vehicle and storage medium
WO2023001035A1 (en) * 2021-07-20 2023-01-26 华为技术有限公司 Positioning method and related device
US11913254B2 (en) 2017-09-08 2024-02-27 dormakaba USA, Inc. Electro-mechanical lock core
US11933076B2 (en) 2016-10-19 2024-03-19 Dormakaba Usa Inc. Electro-mechanical lock core
US12031357B2 (en) 2019-10-09 2024-07-09 Dormakaba Usa Inc. Electro-mechanical lock core

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2020081265A1 (en) * 2018-10-18 2020-04-23 Carrier Corporation Communications system for locating a key
US10796519B2 (en) 2018-03-26 2020-10-06 Carrier Corporation System and method for monitoring an access key from a key box
US11384565B2 (en) 2018-03-26 2022-07-12 Carrier Corporation System and method for monitoring an access key from a key box

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20050122216A1 (en) * 2003-12-08 2005-06-09 Matz William R. Key for lock
EP1564691A2 (en) * 2004-02-16 2005-08-17 Kabushiki Kaisha Tokai Rika Denki Seisakusho Security control system
US20060028339A1 (en) * 2004-08-06 2006-02-09 Denso Corporation Portable device for electronic key system and portable device search system
WO2007128011A1 (en) * 2006-05-04 2007-11-15 Event- Und Sportmanagement Leeb Gmbh Key, locking system, and key security system

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8188837B2 (en) * 2008-08-08 2012-05-29 General Motors Llc Method of finding a key to a mobile vehicle
US8402134B1 (en) * 2011-12-12 2013-03-19 Kaspersky Lab Zao System and method for locating lost electronic devices
CN102685256B (en) * 2012-06-07 2014-10-15 卡巴斯基实验室封闭式股份公司 System and method for positioning lost electronic devices

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20050122216A1 (en) * 2003-12-08 2005-06-09 Matz William R. Key for lock
EP1564691A2 (en) * 2004-02-16 2005-08-17 Kabushiki Kaisha Tokai Rika Denki Seisakusho Security control system
US20060028339A1 (en) * 2004-08-06 2006-02-09 Denso Corporation Portable device for electronic key system and portable device search system
WO2007128011A1 (en) * 2006-05-04 2007-11-15 Event- Und Sportmanagement Leeb Gmbh Key, locking system, and key security system

Cited By (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US11933076B2 (en) 2016-10-19 2024-03-19 Dormakaba Usa Inc. Electro-mechanical lock core
US11913254B2 (en) 2017-09-08 2024-02-27 dormakaba USA, Inc. Electro-mechanical lock core
US11339589B2 (en) 2018-04-13 2022-05-24 Dormakaba Usa Inc. Electro-mechanical lock core
US11447980B2 (en) 2018-04-13 2022-09-20 Dormakaba Usa Inc. Puller tool
US11466473B2 (en) 2018-04-13 2022-10-11 Dormakaba Usa Inc Electro-mechanical lock core
US12031357B2 (en) 2019-10-09 2024-07-09 Dormakaba Usa Inc. Electro-mechanical lock core
WO2023001035A1 (en) * 2021-07-20 2023-01-26 华为技术有限公司 Positioning method and related device
CN115226201A (en) * 2022-03-15 2022-10-21 广州汽车集团股份有限公司 Method and device for calibrating digital key, vehicle and storage medium
CN115226201B (en) * 2022-03-15 2024-02-13 广州汽车集团股份有限公司 Digital key calibration method, device, vehicle and storage medium

Also Published As

Publication number Publication date
EP3107072B1 (en) 2023-01-11
EP3107072A1 (en) 2016-12-21

Similar Documents

Publication Publication Date Title
EP3107072B1 (en) Locating an electronic key
US9378598B2 (en) Wireless access control system and related methods
AU2015367766B2 (en) Authentication of a user for access to a physical space
JP2022526155A (en) Physical access control system with intent detection based on position estimation
AU2014370055B2 (en) Method for utilizing a wireless connection to unlock an opening
AU2016280664B2 (en) Credential cache
EP2941844A1 (en) Wireless access control system and related methods
US10984620B2 (en) Access control device, access control system and access control method using the same
Divya et al. Survey on various door lock access control mechanisms
EP3107073B1 (en) Invalidation of an electronic key
US11776336B2 (en) Automobile with a lock for providing contactless secure access to the automobile
EP3951727A1 (en) Mobile digital locking technology
WO2021089907A1 (en) Mobile digital locking technology
JP4665649B2 (en) Lock control device and program
EP3987133B1 (en) Bolt identity
Aluri Smart lock systems: An overview
JP2010191552A (en) Authentication object device and key, and wireless authentication system
WO2021052943A1 (en) Evaluating access to a physical space
WO2023138758A1 (en) Proximity communication triggered wireless powered lock

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 16732983

Country of ref document: EP

Kind code of ref document: A1

DPE1 Request for preliminary examination filed after expiration of 19th month from priority date (pct application filed from 20040101)
NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 16732983

Country of ref document: EP

Kind code of ref document: A1