WO2020013723A1

WO2020013723A1 - Method and system for authorizing a user on the basis of the user's digital key

Info

Publication number: WO2020013723A1
Application number: PCT/RU2018/000449
Authority: WO
Inventors: Владимир Игоревич ПОТАПОВ; Сергей Валерьевич РЫКОВ
Original assignee: Владимир Игоревич ПОТАПОВ
Priority date: 2018-07-09
Filing date: 2018-07-09
Publication date: 2020-01-16
Also published as: RU2709281C1

Abstract

The present technical solution relates, in general, to the field of computer technology, and in particular to methods and systems for monitoring and controlling access of a user to a site by use of a digital key. A method for authorizing a user on the basis of the user's digital key, in which at least one digital key of at least one user is generated in a subsystem for issuing and administering digital keys; the generated at least one digital key of at least one user is transferred from the subsystem for issuing and administering digital keys to a digital key carrier; the digital key carrier is authorized in a master controller as the user arrives at a prespecified area of action of a signal of the master controller, which is connected to an access monitoring device; if the authorization is successful, at least one command is directed from the digital key carrier to at least one master controller; the license for carrying out the at least one command received is checked by means of the master controller, wherein, if the license permits the command, the master controller carries out the command, but otherwise declines to carry out said command. The technical result is an increase in the security of authorizing a user to control distributed master controllers which are not connected to a data transmission network.

Description

METHOD AND SYSTEM OF USER AUTHORIZATION BASED ON

HIS DIGITAL KEY

FIELD OF TECHNOLOGY

[001] This technical solution, in General, relates to the field of computer technology, and in particular, to methods and systems for monitoring and controlling user access to the object by using a digital key

BACKGROUND

[002] Currently, one of the main trends in building modern access control and management systems is the use of a user’s mobile communication device, which is getting more and more used to assign and perform functions on its own smartphone. Moreover, the probability of forgetting an access card at home, a physical token, an office or car key is much higher than forgetting a mobile communication device.

[003] Prior art centralized access control systems consist typically of a control center in which access is controlled by software. In some implementations, the software includes means for creating digital keys, with which it is allowed to open various access points in accordance with the installed access control program, for which these points contain reading means that are connected to the control means of the access device so that when reading Digital key access is allowed or denied based on program code.

[004] The programmed key and user identification means may be embodied in the form of magnetic, electronic, contact or proximity cards or keys that are provided to each user so that they can open doors using readers. [005] These access control systems must support the exchange of data between readers, keys, and a control center. Depending on the type of system, they are divided into two basic types: wired and stand-alone.

[006] In wired systems, readers are connected to the control center via a communication network so that when an electronic key is found in the reader, the latter asked the control center if it can open the door, and if so, the control center registers the opening operation in its database and writes the key code, specific door, date and time of opening. Communication between the reader and the control center can be established periodically to exchange this data.

[007] In the case of autonomous systems, readers are not connected to a control center, which makes the systems cheaper and easier to install. For the possibility of functioning, readers remember a list of authorized keys, completed openings, the allowed opening times, and even a calendar. In this case, a small portable computing device is used to transfer data from the control center, where it was detected by the reader, as well as to collect data from readers and transfer this data to the control center. Therefore, communication requires a person to have physical access to all readers using a portable computing device. This method is not very effective in large and complex systems, in which very often there are changes in digital keys, a set of users and their credentials.

[008] Patent application US20050174214A1 “Access control system” is known from the prior art, Applicant: Salto Systems SL, published: 08/11/2005. This technical solution includes reading means for means encoding keys and user identification means, including means for storing the identification code of the reader itself, said reading means being connected to control means of opening means for opening an access device to a certain place, which opens or prohibits opening an access device while reading encoded keys and user identification means.

[009] The disadvantage of this technical solution is the interaction of authorization means (key carriers) with the access administration subsystem through an authorization means reader connected to a data network, since smart cards are supposed to be used. In the proposed solution, authorization tools (digital key carriers), which are smartphones, interact directly with the access administration subsystem, which speeds up the data transfer between the controllers and the access administration subsystem. In addition, the specified patent does not indicate a method for verifying the authenticity of information transmitted between subsystems, which significantly reduces the security of the system. SUMMARY OF THE INVENTION

[0010] This technical solution is aimed at eliminating the disadvantages inherent in solutions known from the prior art.

[0011] The technical task or problem to be solved in this technical solution is to provide control and management of user access to the object by using a digital key.

[0012] The technical result manifested in solving the above technical problem is to increase the security of user authorization for controlling distributed controllers that are not connected to a data network. Thus, a secure distributed access control system is formed in which the controllers are not connected to the data network, and the interaction between the controllers and the administration subsystem is through digital key carriers connected to the data network.

[0013] An additional technical result manifested in solving the above problem is the implementation of verified guest access by users by sending temporary digital keys to the user's smartphone. [0014] This technical result is achieved by implementing a user authorization method based on his digital key, in which at least one digital key of at least one user is generated in the digital key issuing and administration subsystem; transmitting the generated at least one digital key of at least one user from the subsystem for issuing and administering digital keys to the digital key holder; carry out authorization of the digital key carrier on the control controller when the user approaches the predetermined signal range of the access control device to which the control controller is connected; in case of successful authorization, at least one command is sent from the digital key carrier to at least one control controller; check the right to execute the received at least one command through the control controller, and if the command is allowed by rights, the control controller executes it, otherwise it refuses to execute.

[0015] In some embodiments of the invention, a digital key of the user generates a hash function MD5 and / or SHA-1, and / or SHA-256, and / or RIPEMD128, and / or RIPEMD-160, and / or CRC-32.

[0016] In some embodiments of the invention, a digital user key is generated by combining the data blocks of the connection methods to the controller, the client's cryptographic key, and token.

[0017] In some embodiments of the invention, the digital key carrier is a mobile phone or smartphone, or tablet, or wearable device, or key fob.

[0018] Also, the specified technical result is achieved by implementing a user authorization system based on its digital key, which contains a subsystem for issuing and administering digital keys, configured to generate a digital user key and store the master key in its database; transmitting the generated at least one digital key to the at least one user to the digital key carrier; at least one digital key carrier, made with the possibility of sending at least one command to at least one control controller in case of successful authorization on this control controller; at least one control controller configured to authorize the digital key carrier when the user approaches the predetermined range of the signal of the control controller connected to the access control device; checking the rights to execute at least one command received from the digital key carrier, and if the command is authorized by rights, the control controller executes it, otherwise it refuses to execute.

BRIEF DESCRIPTION OF THE DRAWINGS

[0019] The features and advantages of this technical solution will become apparent from the following detailed description and the accompanying drawings, in which:

[0020] In FIG. 1 shows an example implementation of a user authorization system based on its digital key, where 100 is a digital key carrier (mobile user communication device), 110 is a subsystem for issuing and administering digital keys, 120 is a control controller,

step 201: transmitting digital keys from the subsystem 110 for issuing and administering digital keys to the digital key carrier 100; step 202: data transmission (records of user access) from the controller 120 to the control 110 subsystem of the issuance and administration of digital keys;

step 203: authorizing the digital key carrier 100 on the control controller 120 and transmitting commands, receiving data from the control controller 120 (user access records);

step 204: transmitting the digital keys from the control controller 120 to the digital key carrier 100;

step 205: transfer of digital keys between digital key carriers (permanent and temporary guest keys); step 206: devices controlled by the control controller, the commands for which the digital key carrier can transmit.

[0021] In FIG. 2 shows an example of the implementation of generating a digital user key for a control controller 120 in the form of a block diagram;

[0022] In FIG. 3 shows an example of the implementation of generating a HelloRequest greeting message on a digital key medium 100 for sending to the control controller 120;

[0023] In FIG. 4 shows an example implementation of a HelloRequest greeting message verification upon receipt by the controller 120 of the message from the digital key carrier 100.

[0024] In FIG. 5 shows an example implementation of a user authorization method based on his digital key in the form of a block diagram, where a digital key is generated in the subsystem for issuing and administering digital keys.

DETAILED DESCRIPTION OF THE INVENTION

[0025] This technical solution can be implemented on a computer or other data processing device in the form of an automated system or computer-readable medium containing instructions for performing the above method.

[0026] The technical solution can be implemented in the form of a distributed computer system, the components of which are cloud or local servers.

[0027] In this decision, a system means a computer system or an automated system (AS), a computer (electronic computer), CNC (numerical control), PLC (programmable logic controller), a computerized control system, and any other devices capable of performing a given, clearly defined sequence of computational operations (actions, instructions).

[0028] An instruction processing device is understood to mean an electronic unit or an integrated circuit (microprocessor) executing machine instructions (programs). [0029] The command processing device reads and executes machine instructions (programs) from one or more data storage devices. Storage devices may include, but are not limited to, hard disks (HDDs), flash memory, ROM (read only memory), solid state drives (SSDs), optical drives, and cloud storage.

[0030] A program is a sequence of instructions for execution by a computer control device or an instruction processing device.

[0031] A controller is a control device in electronics and computer engineering.

[0032] A digital signature key is a secret data element specific to a subject and used only by that subject in the process of generating a digital signature.

[0033] Cryptographic salt (salt) is a string of random data that is fed to the input of the hash function along with the original data. The main task of salt is to modify the message, which greatly complicates the selection of the signature key using pre-built rainbow tables.

[0034] Electronic signature (ES), Electronic digital signature (EDS), Digital signature (CPU) - the details of an electronic document obtained as a result of cryptographic conversion of information using a private signature key and allowing to verify the absence of distortion of information in an electronic document from the moment of signature generation (integrity), whether the signature belongs to the holder of the signature key certificate (authorship), and in case of successful verification, confirm the fact of signing the electronic document (non-repudiation).

[0035] This technical solution allows you to demonstrate to the user on his smartphone the information necessary for accessing the object (access to the object, contact numbers, etc.) transmitted to him in a digital key, the ability to condition the provision of access services received with a digital key by payment data of services made through a mobile application, with payment details transmitted in a digital key, an opportunity manage devices connected to control controllers using the commands specified in the digital key.

[0036] The digital key contains user cryptographic key data, client rights, authenticated by the subsystem 110 for issuing and administering digital keys. In some implementations, a digital key defines possible ways to connect to an access control device that is connected to a control controller 120. In the case of setting the connection methods (for example, via the Bluetooth, Bluetooth LE, WIFI, NFC, etc. data transfer protocols) to the access control device, the identifier of the control controller 120, the network address of the controller 120 of the control, and the connection channel identifier (UUID) are obtained . The unique identifier of the controller 120 controls can be both numeric and symbolic, without limitation. The digital key data may include a user's cryptographic key and a random binary sequence, by which the client’s rights are generated, certified by the digital key issuing and administration subsystem 110, by generating a signed token.

[0037] Client rights may contain a digital key identifier, a user identifier in the system, a sign of user administrative rights, the time the rights began, the time the rights expired, a random binary sequence, digital signature. The start time of the rights and the end time of the rights allows you to generate temporary digital keys that are valid for a given period of time.

[0038] As an access control device in this technical solution, an electromagnetic lock, an electromechanical lock, a barrier, a gate, a turnstile, a barrier, a lock cabin can be used.

[0039] The compact design of the access control device allows it to be installed, for example, on a door frame, in parking lots, in residential complexes, in hotels, offices, gyms, conference rooms, at staff entrances, and night entrances for guests. [0040] The access control controller 120 is for controlling and controlling access, for example, an access control device using a smartphone and is a microprocessor-based electronic device. The control controller 120 can be used to control access through doors, barriers, turnstiles and other means of restricting access both independently and as part of an Access Control and Management System (ACS). In some embodiments, the term “controller” may mean a microcontroller, or simply some concept in the narrow sense of hardware in the form of a controller. The microcontroller can be placed in such a way that its functions will be separated, for example, the controller part (control) will be separated from the computing part located in another chip. The control controller 120 may be provided with an erasure-protected internal memory, preferably an EEPROM type. To achieve an acceptable level of security, the control controller 120 may also include a boot module (operating system loader) to control unauthorized interference in the downloadable application of the control controller 120. The bootloader of the operating system can be located in the protected part of the controller’s processor memory, which is read-only, and it starts after each reset of the device to its original (zero) state. The bootloader performs a monitoring function, monitoring whether the operating system or application programs have changed as a result of unauthorized interference. After each reset to zero, the bootloader calculates the hash function value (digital signature) based on the contents of the external flash memory of the program in which the operating system and application programs are stored. Then it compares the result with a value that is stored in external EEPROM memory. If the data matches, the bootloader transfers control to the operating system. If the data does not match, the loader reduces the number of failed attempts registered by the counter by one, and then stops the operation. In the event that the counter reaches a value of zero, the start of the controller 120 controls becomes impossible. IN The specified memory can store the operating system (as the beginning and end of the addressed area), despite the fact that the value of the hash function for the memory capacity (digital signature) is stored in the controller when the operating system and application (application program) are first saved. In the future, it will be impossible to change this data.

[0041] In some embodiments of the invention, a conventional microcontroller based on a microprocessor of 8 bits, 16 bits, 32 bits or 64 bits can be used as a control controller.

[0042] When installing the parking control controller 120, an external directional antenna is used. Users can open the control controller 120 in three ways:

• Automatically in approximation;

• With a gesture;

· By a button from the application.

[0043] In the case where the entry and exit are carried out through different barriers installed nearby, the antennas for both directions should be directed to the approaching cars and spaced as far as possible. By proximity or gesture, the control controller 120 will be triggered, the antenna of which will be closer to the smartphone.

[0044] When installing the control controller 120 at the entrance, users can also open the control controller 120 in three ways:

• Automatically in approximation;

• With a gesture;

· By a button from the application.

[0045] Typically, an antenna is installed outside the entrance, thereby opening the door automatically when entering the entrance from the street. To exit the staircase, use the exit button or a motion sensor connected to the control controller 120 as an external device.

[0046] When installing the control controller 120 in the office, variants of the control controller 120 in the housings may be used to mount a wall that uses a directional or omnidirectional antenna. A variant of the controller 120 controls in the housing on the wall is installed outside the room next to the door. [0047] In the case of using the housing on the wall, users can open the controller in the following ways:

• bring the smartphone to the controller at a distance of 5-10 cm;

• using a button or sensor on the wall;

· Using a gesture by a smartphone;

• by a button from a mobile application on a smartphone.

[0048] A method for authorizing a user based on his digital key, as shown in FIG. 5 may include the following steps.

[0049] Step 501: generating at least one digital key of at least one user in the digital key issuing and administration subsystem.

[0050] In the subsystem 110 for issuing and administering digital keys, pre-generation of digital keys of users is carried out, as shown in FIG. 2.

[0051] The digital key issuing and administration subsystem 110 comprises at least one communication module, which may be a mobile communication modem, supporting such communication modes as GSM, GPRS, EDGE, CDMA, EVDO, UMTS, LTE, WiFi and satellite communications , or it can be a fixed line modem supporting fixed line networks such as an ADSL network or a cable network.

[0052] The various embodiments of the digital key issuing and administration subsystem 110 described herein can be implemented in any computer system or environment that has any number of memory blocks or memory devices and any number of applications and processes running on any number of memory devices. This environment includes, but is not limited to, an environment where the server computers and client computers are provided in a network environment or in a distributed computing environment having remote or local storage.

[0053] There are a number of systems, components, and network configurations that support distributed computing environments. For example, computing systems can be connected to each other by wire or wireless data channels, local networks or global networks. Currently, many networks are connected to the Internet, which provides an infrastructure for widely distributed computing and covers a large number of different networks, although any network infrastructure can be used for illustrative means of communication inherent in the methods described in various embodiments.

[0054] Thus, a variety of network topologies and network infrastructures can be used, for example, client-server, peer-to-peer or mixed architectures. In a client-server architecture, in particular in a network system, the client is typically a computer that accesses the shared network resources provided by another computer, such as a server.

[0055] In a network environment where the communication network / bus is the Internet, the servers can be web servers with which clients communicate via any of a variety of known protocols, for example, a hypertext transfer protocol (HTTP). Servers can also act as clients, etc., which can serve as a characteristic of a distributed computing environment.

[0056] In some embodiments, the generation of digital keys is carried out on the control controller 120.

[0057] In this technical solution, any hash functions satisfying the selected level of cryptographic strength can be used to generate digital keys, for example: MD5, SHA-1, SHA-256, RIPEMD128, RIPEMD-160, CRC-32, and others, not limited to . As encryption functions, any block and / or stream symmetric encryption algorithms known from the prior art can be used, for example: AES, DES, 3DES, RC4, etc.

[0058] Thus, a user digital key is generated for the control controller 120 according to the following algorithm.

[0059] In the subsystem 110 for issuing and administering digital keys for each control controller 120, a master key and possible ways to connect to the controller are stored. A master key is a binary sequence, the length of which depends on the selected hash function and encryption algorithm (for example, 64, 128, 256, 512, 1024, 2048 bits). Using any pseudorandom number generator known in the art, a client key modifier (also called the term “salt” in cryptography) is formed in the subsystem 110 for issuing and administering digital keys, which is a random binary sequence. As a pseudo-random generator, the RC4, ISAAC, SEAL, SNOW algorithm, the Blum – Blum – Shub algorithm, as well as counters with cryptographic hash functions or cryptographic block ciphers instead of an output function can be used.

[0060] In some embodiments of the invention, the following options for pseudo-random number generators can be used: generators with multiple shift registers, generators with non-linear transformations, A5 / x majority encryption generators.

[0061] In some embodiments of the invention, the pseudo random number generator may be implemented in hardware in the processor of the digital key issuing and administration subsystem 110.

[0062] Then, based on the master key of the control controller 120 and the client key modifier generated in the previous step, a hash function is used and the client key is determined.

[0063] From the set of parameters requiring digital signature verification (client message modifier (client salt), user identifier, user administrative rights sign, rights start time, rights expiration time, etc.), the client key token data is generated by combining ( or in other words concatenation) of the data blocks of the parameters included in it (recording sets of rows one after another). For this value, the Signature electronic digital signature is determined, which is a binary sequence obtained by calculating the hash function of the client key token data and the master key of the control controller 120. Next, the client’s rights (token) are generated, certified by the digital key issuing and administration subsystem 110, by combining the client key token data and its digital signature, which can subsequently be encrypted using the master key of the control controller 120.

[0064] As a result (client rights), the token may have the following form: [0065] token = "ZXIKaGJHY2IPaUpJVXpJMU5pSXNJbll1Y0NJNklrcFhWQ0o5LmV 5SjFhV1 FpT2IKaVlqSmpZVFE1 T 1 FGbU56STBNbU5tWVdReU9HRTJObU 13TU dObE5qVTFPQ0lzSW1OemJIUWIPaUpXTVZVd1YwVnpORTVIU1RWT01IUnNJ aXdpWTJGdp5STZJa2hOWVdOVGFHRXIOVFIpHENKdVltWWIPakUxTURFMk 56STJOalFzSW1WBGNDSTZNVFV3TWpnNE1qSTJOSDAud2RuSzhFZU9Nb25 YeEMxZ0VICnluYWtKdmRhQk4yY0pJMUw3UllfejlrYw".

[0066] A digital key is created as a combination of data blocks of the following parameters, each representing a numerical or symbolic sequence: connection methods to the controller, client cryptographic key, token.

[0067] Step 502: transmitting the generated at least one digital key to at least one user from the digital key issuing and administration subsystem to the digital key holder.

[0068] In an embodiment, when the digital key is generated on the control controller, at least one digital key of the at least one user is respectively generated from the control controller to the digital key carrier.

[0069] After the formation of the digital cryptographic key, the digital key carrier 100 is authorized, which may be a user’s mobile communication device (mobile phone, smartphone, tablet, and so on) on the control controller 120.

[0070] For this, a HelloRequest message is sent from the digital key medium 100 to the control controller 120. In some embodiments of the invention, the control controller 120 may be installed adjacent to a user access point, which may be a door, a barrier, a turnstile, a gate, or the like, without being limited.

[0071] A HelloRequest greeting message is generated on the digital key medium 100 for sending to the control controller 120 as follows, as shown in FIG. 3.

[0072] Using any pseudo-random number generator in the digital key medium 100, the helloSalt parameter is generated — a random binary sequence that is also called a welcome message salt. [0073] Then, the greeting message data is generated (as part of the “handshake” process) as a concatenation of data blocks of the following parameters: message identifier from the beginning of the session (the session opens with the first HelloRequest message sent), client rights authenticated by the digital key issuing and administration subsystem 110, current system time, carrier name 100 digital keys.

[0074] Based on the cryptographic client key and the generated salt, a binary sequence is created, which is obtained by calculating the hash function of these two values.

[0075] In some embodiments of the invention, a transport packet is formed as a concatenation of the greeting message data blocks and the packet header (Header). Header contains an indication of the type of message, for example, a greeting message, or a command to execute, or settings, etc., not limited to.

[0076] Next, an electronic digital signature is generated for a given transport packet by using the hash function of the network packet data and the hash function of the client key and salt as previously defined. Digital signature is also a binary sequence.

[0077] The final HelloRequest message is generated as the sum of the data blocks of the transport packet header (Header), greeting message data, and digital signature. Message example:

[0078] {type = 1}.

[0079] {id = 1

token = “ZXIKaGJHY2IPaUpJVXpJ U5pSXNJbll1Y0NJNklrcFhWQ0o5LmV5SjFh V1 FpT2IKaVlqSmpZVFE 1 T1 FGbU56STBNbU5tWVdReUUUHUTUOUUHTJOJUTUOUUHTJOJUTUOU

5qVTFPQ0lzSW1OemJIUWIPaUpXTVZVd1 YwVnpORTVIUI RWT01 lUnNJaXdp WTJGc1p5STZJa2hOWVdOVGFHRXIOVFIpHENKdVltWWIPakUxTURFMk56ST JOalFzSW1WBGNDSTZNVFV3TWpnNE1qSTJOSDAud2RuSzhFZU9Nb25YeE MxZ0VICnluYWtKdmRhQk4yY0pJMUw3UllfejlrYw ", where

[0080] the salt is “V1U0WEs4NGI5N0tl”;

[0081] the current time is 98876623775;

[0082] the name of the digital key carrier is “smart1234”;

[0083] the digital signature is equal to the following value “BwoEYfmkX1kdl19GD7kPwMUJ5nNtFUZ5VklyAXohnuA". [0084] Thus, the generated HelloRequest message is sent by the digital key medium 100 to the control controller 120.

[0085] Step 503: the digital key carrier is authorized on the control controller as the user approaches the predetermined range of the signal of the control controller.

[0086] When the controller 120 receives the HelloRequest message, it first checks the rights of the client (token), as shown in FIG. 4 as follows. Calculates the digital signature value by determining the hash function from the master key and token data. If the calculated Signature digital signature value matches the one received in the token, then the controller trusts the client’s rights, otherwise HelloRequest is rejected. In an exemplary embodiment, this step is as follows.

[0087] The client rights received in HelloRequest, verified by the digital key issuing and administration subsystem 110, are as follows.

[0088] The client key consists of a token

“D11xY0sSJLzFFe02KznZwDTjEeS1ZR2cJQGfeklANw0 =” and the token modifier “MGp2RIJEOTFFdWpU!”.

[0089] The client key salt has a value of “ZhbVC8vnmOaOTSd”.

[0090] The unique client identifier in the system is “8dAIHdWTBk2jwKfDAOuWJQ”.

[0091] The user is not a system administrator, therefore IsAdmin = false. The start time of the right is 1418122051, and the end time of the right is 1428122051. The digital signature has the value “JBVq5USVODP87pfMrON4ExRP8m9rYXfvRzGim378XFY =".

[0092] The digital signature value determined by the controller 120

HASH (“U0FNUENjc4OTAxFLVRPS0VOLTFNUExFLEyMzQ1 Njc40TA”, accessTokenPayload) = “JBVq5USVODP87pfMrON4ExRP8m9rYXfvRzGim378XF is the same as the control received from the client in the HelloReest control. [0093] In some embodiments of the invention, additional parameters are checked, such as a salt, a unique identifier of the user, whether the user is an administrator, the start time of the rights, the end time of the rights. If the current time is outside this period, then the user does not have the necessary rights to control the controller 120 controls. If the user has additional administrator rights, then he is allowed an extended list of operations with the controller 120 management, including configuration and updating.

[0094] The HelloRequest value is checked in the same way, as shown above.

[0095] The response of the control controller 120 to the medium 100 of the digital keys HelloResponce is generated as follows.

[0096] A salt (modifier) is generated for the session as a random binary sequence. Then, a response message is formed as a concatenation of the blocks of the unique identifier of the message from the beginning of the session, the state of the executive devices (for the access control device, these are the states “Open” and “Closed”) and salt of the session.

[0097] Then, the network packet is formed as a concatenation of the response message and the header of the network packet (Header), after which a digital signature is generated for the network packet by obtaining the hash value from the network packet of the response message and the hash value from the client key and salt.

[0098] The final HelloResponce response message is sent by the control controller 120 to the digital key carrier 100. The digital key carrier 100 verifies the HelloResponce response message by determining a digital signature and computing a hash function from the network response message packet and a hash value from the client key and salt, which is a binary sequence. If a certain digital signature value matches the one received in HelloResponce, then the digital key holder 100 trusts HelloResponce, otherwise the message is rejected. [0099] Step 504: in case of successful authorization, at least one command is sent from the digital key carrier to at least one control controller.

[00100] After authorization, the digital key medium 100 may send commands to the controller 120. Commands for the controller 120 controls can be formed as follows. The session key is calculated as a hash from the session salt and hash values from the client key and salt, which is a binary sequence. Then, from a given set of fields, a command is created that contains the field T, which stores the time elapsed from the moment of connecting the digital key carrier 100 to the control controller 120 (or any other moment shifted by a predetermined time) until the command is sent. This time protects against attacks by intercepting a message and sending it later. For each team, the set of required fields may vary. A network packet is created containing the command and the packet header (Header), for which a digital signature is generated by determining the hash value from the session key and network packet. The final command is sent by the digital key carrier 100 to the control controller 120.

[00101] Step 505: the rights to execute the received at least one command are checked by the control controller.

[00102] Upon receipt of a command, the command is checked on the control controller 120. The controller verifies the digital signature of the command as follows. Determine the hash value from the session key and network packet. If the calculated digital signature value matches the one received in the command, then the control controller 120 trusts the command, otherwise the execution of the command is rejected. Also, the controller 120 controls checks the time of sending the command. The time T received in the command from the digital key carrier 100 is compared with the time T2 calculated in the controller 120. If the difference between T2 and T is greater than the set value, the command is rejected.

[00103] In some implementations, the controller 120 controls checks the rights to execute the command. The controller compares the command with the rights allowed in the client’s rights, certified by the subsystem 110 for issuing and administering digital keys. If the team allowed by rights, the controller 120 controls it, otherwise it refuses to execute.

[00104] Teams, without limitation, may be the following:

• a message to initiate a session between the mobile client and the controller;

• open / close the controller;

• requesting information about the controller firmware version;

• transit message from the server to the controller;

• a list of transit messages that a mobile client has and a request for a list of transit messages that are not on the controller.

• request for controller configuration;

• request for updating the controller configuration;

• command to automatically open the controller when the mobile client

is closer than the threshold value;

• request logs of the controller for transmission to the server;

• command to reboot to the controller;

• request the current status of the controller;

• arbitrary message.

[00105] In other embodiments of the present invention, authorization and verification of the digital key medium 100 is carried out using message encryption, which consists of several stages: authorization, sending a command and verifying a command.

[00106] The HelloRequest message is generated by the digital key medium 100 as follows.

[00107] The digital key carrier 100 receives from the control controller 120 a salt, a random binary sequence. The controller 120 changes the salt every t seconds and stores the last n salts. Digital key carrier 100 uses these salts to form a greeting message. When receiving a message from the client, it is not known which salt he used and iterates through everything. Moreover, if the client used salt older than 10 s - it is rejected, which provides protection from interception and sending messages later. [00108] Then, the greeting message data is generated (as part of the handshake process) as the concatenation of the data blocks of the following parameters: time from the moment of connection, client key identifier, client rights authenticated by the digital key issuing and administration subsystem 110, current system time, media name 100 digital keys, command to the controller 120 controls.

[00109] Based on the unique client key and the salt received from the salt control controller 120, a binary sequence is created that is obtained by computing the hash function of these two values.

[00110] In some embodiments, the transport layer network packet is formed as a concatenation of the greeting message data blocks and the packet header. Header contains a message type flag.

[00111] Next, a digital signature is generated for a given network packet by using the hash function of the network packet data and the hash function of the client key and salt as previously defined. Digital signature is also a binary sequence.

[00112] Then, the data of the greeting message on helloKey is encrypted with any block or stream symmetric cipher with a sufficient level of cryptographic strength (for example, AES, DES, 3DES, RC4, etc.), an encrypted HelloRequest message is received, to which salt is added before sending via concatenation .

[00113] As a result, the generated HelloRequest message is sent by the digital key medium 100 to the control controller 120, where it is checked.

[00114] When the controller 120 receives the HelloRequest message, it first checks to determine the value of the client key by determining the hash function from the master key and client salt. Next, the helloKey value is determined by determining the hash function of the client key and the salt stored previously on the controller, which is determined by enumerating the values. [00115] Then, the helloKey value is used to decode the HelloRequest message. For a network packet, a digital signature is determined by defining a hash function from helloKey and this network packet.

[00116] If the determined digital signature value matches the one received in the HelloRequest greeting message, then the control controller 120 trusts the digital key carrier 100 and removes the used salt from the stored values, otherwise HelloRequest is rejected.

[00117] This HelloRequest message verification procedure is provided below as an example implementation.

[00118] The message received at the control controller 120 is as follows:

[001 19] type = 1;

[00120] id message = 1; token = "ZXIKaGJHY2IPaUpJVXpJMU5pSXNJbll1Y0NJNklrcFhWQ0o5LmV5SjFh V1 FpT2IKaVlqSmpZVFE1T1 FGbU56STBNbU5tWVdReU9HRTJObU13TUdObE 5qVTFPQ0lzSW 10em J I U WIPaUpXTVZVd 1 YwVnpORTVI U 1 RWT01 UnNJaXdp WTJGc1 p5STZJa2hOWVdOVGFHRXIOVFIpHENKdVltWWIPakUxTURFMk56ST JOalFzSW1WBGNDSTZNVFV3TWpnNE1qSTJOSDAud2RuSzhFZU9Nb25YeE MxZ0VICnluYWtKdmRhQk4yY0pJMUw3UllfejlrYw!";

[00121] the value of salt = “V1 U0WEs4NGI5N0tl”;

[00122] current time = 98876623775;

[00123] media name = “smart1234”.

[00124] An electronic digital signature has the meaning of:

[00125] {signature - “BwoEYfmkX1 kdl19GD7kPwMUJ5nNtFUZ5VklyAXohnuA ="}

[00126] The calculated value of the client key takes the following value NAEN (master key, client salt) = HASH ( "U0FNUENjc4OTAxFLVRPS0VOLTFNUExFLEyMzQ1 Njc4OTA", "MGp2RIJEOTFFdWpU!") = "D11 xY0sSJLzFFe02KznZwDTjEeS1ZR2cJQGfeklA Nw =".

[00127] The calculated helloKey value takes the following HA8H value (client key, salt) =

HASH (“D11xY0sSJLzFFe02KznZwDTjEeS1ZR2cJQGfeklANw0 =”, “V1 U0WEs4NGI5N0tl”)

"96wAG4Lkf / oJV63J4JBWoptFuX0aedw + 2uglqKg / lrc =".

[00128] The network packet is as follows:

[00129] (type = 1}.

[00130] {id = 1

[00131] token = "ZXIKaGJHY2IPaUpJVXpJMU5pSXNJbll1Y0NJNklrcFhWQ0o5LmV 5SjFhV1 FpT2IKaVlqSmpZVFE1T1 FGbU56STBNbU5tWVdReU9HRTJObU13TU dObE5qVTFPQOIzSW1 Oem J IU WIPaUpXTVZVd 1 YwVnpORTVIU 1 RWT011 UnN J aXdpWTJGc1p5STZJa2hOWVdOVGFHRXIOVFIpHENKdVltWWIPakUxTURFMk 56STJOalFzSW1WBGNDSTZNVFV3TWpnNE1qSTJOSDAud2RuSzhFZU9Nb25 YeEMxZ0VICnluYWtKdmRhQk4yY0pJMUw3UllfejlrYw"

salt = “V1U0WEs4NGI5N0tr

[00132] current time = 98876623775;

[00133] media name = “smart1234”.

[00134] The calculated digital signature value takes the following HASH value (helloKey, network packet) HASH ("96wAG4Lkf / oJV63J4JBWoptFuX0aedw + 2uglqKg / lrc =",

transportEnvelope) =

“JBVq5USVODP87pfMrON4ExRP8m9rYXfvRzGim378XFY =”

[00135] It coincides with the electronic digital signature value obtained in HelloRequest, which means that the control controller 120 trusts the obtained rights of the digital key carrier 100.

[00136] Sending the command to the control controller 120 by the same procedure above, only the command itself is pre-encrypted with helloKey and then decrypted in the same way upon receipt.

[00137] In some embodiments of the invention, composite digital keys are used that are designed to aggregate the digital keys needed to access a given perimeter. The composite key is stored on the digital key carrier 100.

[00138] Composite keys for a given access perimeter are generated as follows:

- the composite key includes digital keys from all control controllers assigned to this perimeter. - the composite key includes digital keys from all control controllers assigned to higher perimeters, which include a given perimeter.

[00139] A composite digital key may include the following data:

- List of digital keys;

- User ID;

- Name;

- Image;

- Validity;

- The coordinates of the access object;

- Information on the cost of access services;

- Contact administrator access and technical support.

[00140] Elements of the claimed technical solution are in a functional and constructive relationship, and their joint use leads to the creation of a new and unique technical solution.

[00141] All components used in the system can be implemented using electronic components used to create digital integrated circuits, which is obvious to a person skilled in the art. Not limited to, microcircuits can be used, the logic of which is determined during manufacture, or programmable logic integrated circuits (FPGA), the logic of which is set by programming. For programming, programmers and debugging environments are used that allow you to specify the desired structure of a digital device in the form of a circuit diagram or programs in special equipment description languages: Verilog, VHDL, AHDL, etc. Alternative FPGAs can be programmable logic controllers (PLCs), base matrix crystals ( BMK) requiring a factory production process for programming; ASIC - specialized custom large integrated circuits (LSI), which are much more expensive in small-scale and single-unit production.

[00142] Typically, the FPGA chip itself consists of the following components: • configurable logic blocks that implement the required logical function;

• programmable electronic communications between configurable logic blocks;

· Programmable I / O blocks, providing the connection of the external output of the microcircuit with internal logic.

[00143] Thus, the implementation of all used components is achieved by standard means based on the classical principles of implementation of the foundations of computer technology.

[00144] Some parts of the description of preferred embodiments of the present invention are presented in the form of algorithms and a symbolic representation of operations with data bits in computer memory. Such descriptions and representations of algorithms represent the means used by specialists in the field of data processing in order to most effectively transfer the essence of their work to other specialists in this field. In this document, and in general, an algorithm is a sequence of computational operations leading to the required technical result. Operations require physical manipulations with physical quantities. Usually, although not necessarily, these quantities take the form of electrical or magnetic signals that can be stored, transmitted, combined, compared and subjected to other manipulations. For use, it is convenient to describe these signals in the form of bits, values, elements, symbols, members, numbers, etc.

[00145] However, it should be borne in mind that all these and similar terms should be associated with the corresponding physical quantities, and that they are simply convenient labels that apply to these quantities. Unless otherwise specifically and explicitly indicated in the following description, it should be assumed that throughout the text such terms as “definition”, “calculation”, “calculation”, “receipt”, “establishment”, “change”, etc., relate to the actions and processes of a computing device or similar electronic computing device that works with data and converts data presented in the form of physical (e.g. electronic) values in the registers and memory of the computing device, into other data similarly represented as physical quantities in the memory or registers of the computing device, or other similar devices for storing, transmitting or displaying information.

[00146] The invention may be embodied in other forms within the framework of the constructions, methods, or other essential characteristics of the invention in accordance with the detailed description given in this document and the following claims. The described embodiments of the invention should be considered in all respects only as illustrative and not restrictive. Thus, the scope of legal protection of the invention is defined in the independent paragraphs of the attached claims, and not the previous description. All changes within the meaning and range of equivalence of the claims fall within the scope of legal protection defined by these paragraphs.

Claims

FORMULA

1. A method of authorizing a user based on his digital key, including the following steps:

• form at least one digital key of at least one user in the subsystem for issuing and administering digital keys;

• transmit the generated at least one digital key of at least one user from the subsystem for issuing and administering digital keys to the digital key holder;

• carry out authorization of the digital key carrier on the control controller when the user approaches the predetermined signal range of the access control device to which the control controller is connected;

• in case of successful authorization, at least one command is sent from the digital key carrier to at least one control controller;

• check the rights to execute at least one command received by the control controller, and if the command is authorized by rights, the control controller executes it,

otherwise refuses to comply.

2. The method according to claim 1, characterized in that when forming a digital key, the following steps are performed:

• receive the master key of the control controller;

• salt is formed using a pseudo-random number generator;

• based on the master key of the control controller and the salts formed in the previous step, the client key is determined as a hash value;

• form an electronic digital signature of user rights based on the master key.

3. The method according to claim 1, characterized in that they generate a digital key of the user using the hash functions MD5 and / or SHA-1, and / or SHA-2, and / or RIPEMD128, and / or RIPEMD-160, and / or CRC-32.

4. The method according to claim 1, characterized in that the digital key carrier is authorized using message encryption.

5. The method according to claim 1, characterized in that they form a digital key of the user by combining the data blocks of the methods of connecting to the controller, the cryptographic key of the client, token.

6. The method according to claim 1, characterized in that the digital key carrier is a mobile phone or smartphone, or tablet, or wearable device, or key fob.

7. A method of authorizing a user based on his digital key, including the following steps:

• form at least one digital key of at least one user in the control controller;

• transmitting the generated at least one digital key of at least one user from the control controller to the digital key carrier;

otherwise refuses to comply.

8. A user authorization system based on his digital key, comprising: • a subsystem for issuing and administering digital keys, configured to

on the formation of a digital user key and storing a master key in its database;

about transferring the generated at least one digital key to at least one user to the digital key carrier;

• at least one digital key carrier configured to

about sending at least one command to at least one control controller in case of successful authorization on this control controller;

• at least one control controller configured to

on authorization of the digital key carrier when the user approaches the predetermined range of the controller signal;

about controlling at least one access control device;

on verification of rights to execute at least one command received from the digital key carrier,

• if the command is allowed by rights, the control controller executes it,

I otherwise refuse to execute.

9. The system according to claim 8, characterized in that the control controller is a microcontroller.

10. The system according to claim 8, characterized in that the digital key carrier is a mobile user communication device.