Nothing Special   »   [go: up one dir, main page]

EP3358534A1 - Delegation of access rights - Google Patents

Delegation of access rights Download PDF

Info

Publication number
EP3358534A1
EP3358534A1 EP17154714.4A EP17154714A EP3358534A1 EP 3358534 A1 EP3358534 A1 EP 3358534A1 EP 17154714 A EP17154714 A EP 17154714A EP 3358534 A1 EP3358534 A1 EP 3358534A1
Authority
EP
European Patent Office
Prior art keywords
access
data carrier
rights
access rights
based resource
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Withdrawn
Application number
EP17154714.4A
Other languages
German (de)
French (fr)
Inventor
Gero FIEGE
Alexander FANARJI
Martin Wolf
Dieter Schwarz
Ivan KRAVCHENKO
Stephan GIERNICH
Werner Hirtsiefer
Andreas Schmidt
Simone ESCH
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Dormakaba Deutschland GmbH
Original Assignee
Dormakaba Deutschland GmbH
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Dormakaba Deutschland GmbH filed Critical Dormakaba Deutschland GmbH
Priority to EP17154714.4A priority Critical patent/EP3358534A1/en
Publication of EP3358534A1 publication Critical patent/EP3358534A1/en
Withdrawn legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07CTIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C9/00Individual registration on entry or exit
    • G07C9/00174Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys
    • G07C9/00571Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys operated by interacting with a central unit
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07CTIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C2209/00Indexing scheme relating to groups G07C9/00 - G07C9/38
    • G07C2209/04Access control involving a hierarchy in access rights

Definitions

  • the present invention is related to the field of access control systems for controlling access to one or more specific areas in a building.
  • EAC systems electronic access control systems are often used to control access to certain areas or physical spaces within the building.
  • These electronic access control systems (which will be also referred to in the following as EAC systems) usually comprise a door lock that gives access to that specific physical space of the building; a user who wants to access this space is in possession of some sort of mobile data carrier with an identification code stored therein.
  • the identification code is read by the reader, and if the read identification code is valid, then access to the space secured by the door lock is given to the holder of the mobile data carrier.
  • the identification code stored in the mobile data carrier which upon being determined as valid gives access to the physical space is provided by a control access server.
  • this access control server is the element of the EAC system in charge of establishing these identification codes when setting up the EAC system; the access control server then provides these identification codes to the mobile data carrier and to the door lock.
  • Different identification codes are usually given to every user of the EAC system who requests access that specific space.
  • Each identification code may be valid to gain access to a single space within the building, or it may provide access to several spaces or areas within the building (their office or the cafeteria in a business building), but not to others (the servers area in the IT department or the safe deposit room in the account department).
  • the identification code may be valid any time, or its validity may be temporarily restricted (so that an employee has access on weekdays and at certain time slots, but not during the weekend).
  • the invention provides an access control system for delegating access rights to non-users of the system in a flexible and simple manner.
  • access control system of the present invention it is possible to provide access rights to a user so that this user can access specific spaces within the system.
  • These access rights can be provided so as to access one or more access-based resources within the access control system.
  • these access rights can be time-limited or not, depending on what the previously-registered user of the access control system decides to do.
  • an access control system for a physical space within a building comprising:
  • the access control server upon receiving a request of delegation of access rights from the first data carrier, is configured to define access rights for a second data carrier, so that access to the physical space can be granted to the second data carrier upon the access-based resource validating the access rights of the second data carrier, the request of delegation of access rights from the first data carrier comprising data related to the second data carrier or related to a user of the second data carrier.
  • the access control server is usually a remote access control server managing several access-based resources located within the same building or in different buildings.
  • the access control server is preferably cloud-based, and communication between the access control server with the other elements is carried out via a wireless communication network.
  • the access control server is not remotely located from the access-based resources it controls, and the communication network may be wired.
  • the access control system comprises an access-based resource, and in some embodiments it comprises several access-based resources managed by the same access control server or by several access control servers.
  • the access-based resource has communication capabilities to communicate with the access control server and with the first data carrier. The capability of the access-based resource to communicate with the data carrier(s) is ensured at the production process by adding a secret for decrypting the communication with the data carrier, including the encrypted access rights.
  • the access-based resource is an electronic or intelligent lock mounted in a door (or similar) which gives access to the physical space in the building.
  • the electronic lock usually comprises a reader which is able to read access rights stored in the first data carrier; it is also possible that the reader is implemented as an element physically separate of the electronic lock.
  • the access-based resource is configured to grant access to the physical space upon reading and validating access rights presented to it by the first data carrier.
  • the first data carrier (preferably a mobile data carrier) can be any mobile device or portable electronic device that has processing and communication capabilities, so as to process signals and exchange information with other elements, such as the access control server and the access-based resource.
  • Communication between the first data carrier and the access-based resource is preferably done via a short-range communication channel (infrared, NFC, Bluetooth® or BLE, WiFi, etc).
  • Communication between the first data carrier and the access control server is preferably done using any telecommunications network (3G, LTE, etc).
  • this first data carrier comprises memory means for storing access rights, which are readable by the access-based resource. These access rights include preferably encrypted data, more preferably in binary form.
  • the first data carrier may just serve as carrier and storing means for the access rights; the first data carrier does not need to be able to process or understand these access rights; the access-based resource is able to read and process these preferably encrypted access rights; obviously, the access control server is also able to process these access rights.
  • the memory means of the first data carrier also store user rights, which enable a user of the first data carrier to access the access control server; these user rights also enable the user of the first data carrier to delegate access rights to other users.
  • the user of the first data carrier may use their user rights to request of delegation of their access rights to a second data carrier;
  • the request of delegation of access rights comprises data related to the second data carrier (IMSI, MSISDN, or any other set of data that uniquely identifies a mobile device) or data related to a user of the second data carrier (such as an email address or a username or a social network identity of the user, reachable from the second data carrier).
  • the access control server is configured to define access rights for a second data carrier.
  • the access control server is configured to send the access rights of the second data carrier directly to the second data carrier, preferably via means of an encrypted data package. It could also be possible that the access control server is configured to send the access rights of the second data carrier to the first data carrier or another intermediate data carrier in the system, which in turn is configured to send them to the second data carrier.
  • access to the physical space secured by the access-based resource is granted upon validation of the access rights stored in the first data carrier or in the second data carrier.
  • Validation of the access rights is preferably done at the access-based resource; this validation is preferably carried out offline, without establishing any communication with the access control server at the time of validation, thereby saving resources from the access-based resource.
  • Validation of the access rights could also be done at the access control server.
  • the access control system further comprises one or more traffic point terminals, which are usually located close to the access-based resource(s), and validation is carried out by these terminals. Regardless of who carries out the validation of the access rights (the access-based resource, the access control server or the traffic point terminals), the access-based resource, upon validation of the access rights of the first data carrier or of the second data carrier, is configured to give access to the physical space in the building.
  • the user of the first data carrier who is a user previously registered in the system and has user rights, may decide to provide access rights to one or more access-based resources within the access control system.
  • the access rights provided to the second data carrier are equivalent to the access rights stored in the first data carrier That is, it is possible that the user of the second data carrier is provided with equivalent access rights as the user of the first data carrier has in the system (they are equivalent but not actually the same, since their encryption is not necessarily equal); this solution may prove helpful if the user of the first data carrier (the "delegating user”) completely trusts the user of the second data carrier (the “delegated user”) and wants to grant "total” access rights (timewise and regarding the access-based resources) to this delegated user in a simple and rapid fashion.
  • These access rights can be time-limited or not, depending on what the user of the first data carrier wishes to establish for the user of the second data carrier. In case the access rights are provided to the second data carrier for a predetermined period of time, these access rights will advantageously expire by themselves, offline; that is, there is no need for the user of the first data carrier to connect to the access control server to remove the delegated access rights.
  • Another aspect of the invention refers to a method for delegating access rights for accessing a physical space within a building, the method comprising:
  • Validation of the access rights of the second data carrier is preferably carried out by the access-based resource, not requiring communication with the access control server at the time of validation.
  • the method further comprises the access control server sending the defined access rights for the second data carrier directly to the second data carrier; since the access rights are generated and defined by the access control server, from a security point of view it is preferred are directly sent to the second data carrier in an encrypted data package.
  • the method Prior to sending the access rights of the second data carrier, either directly to the second data carrier, or via another element (such as the first data carrier), the method further comprises encrypting the access rights, preferably in binary form. Any access rights defined by the access control server are preferably encapsulated in an encrypted data package, and are then provided to the first data carrier, when the EAC system is set up, and to other data carriers upon request.
  • the method further comprises sending additional data to the second data carrier, the additional data being related to the access-based resource and/or being related to a user of the access-based resource.
  • additional data may comprise geographical and/or geolocation data to facilitate the user of the second data carrier to reach the access-based resource.
  • additional data may be sent to the second data carrier together with the access rights of the second data carrier using a same communications channel, preferably wirelessly.
  • the additional data need not be encrypted, just the access rights are preferably encrypted.
  • the method comprises further sending to the second data carrier a one-time access to the access control server, which may be in the form of a link to the access control server.
  • a one-time access to the access control server, which may be in the form of a link to the access control server.
  • this one-time access allows to the second data carrier to access the server and download the additional data.
  • the method prior to granting access to the physical space by the access-based resource, the method further comprises validating code provided by the first data carrier or by the second data carrier.
  • This code to be provided by the first or the second data carriers usually upon request to carry out some action with the data carrier, may be gesture-based code (such as a shaking gesture with the first or the second data carrier), or it may be a PIN code or similar, previously introduced in the first or the second data carrier.
  • This additional step of validating code at the user side, not just at the access control server side enhances the security in case the first and/or the second data carrier(s) are lost by their authentic user(s).
  • the access-based resource grants access to the physical space upon validation of the access rights preferably at the remote control server.
  • the method further comprises establishing a short-range communications channel between the access-based resource and the first data carrier, this short-range communications channel allowing the first data carrier to carry out one or more of the following actions:
  • this short-range communications channel preferably a Bluetooth Low Energy channel
  • this short-range communications channel provides numerous end-user oriented features, which were previously not possible for the user of the first data carrier.
  • the user of the first data carrier may block the access-based resource from their first data carrier, so that the access-based resource cannot be opened from any data carrier, regardless of the access control server. Also, it is possible to establish that the access-based resource is openable by certain data carriers, established by the user of the first data carrier.
  • Another aspect of the invention refers to an access control server for a physical space within a building, the access control server comprising:
  • the access control server of the invention may in some embodiments be in charge of validating the access rights, for which purpose it further comprises validation means.
  • the access control server comprises means for sending the access rights defined for the second data carrier directly to the second data carrier, preferably by means of an encrypted data package.
  • the access control server also preferably comprises encrypting means for encrypting the access rights defined for the second data carrier; in such case, the access-based resource is capable of reading the encrypted access rights.
  • This invention provides a flexible and simple solution to the problem previously posed in the background section with an access control system for delegating access rights to third party users.
  • the example described in the following corresponds to a parcel delivery service, where a customer of the service and owner of a house wishes to grant temporary access to this house to a parcel courier.
  • the access control system provided by the present disclosure is also applicable to and useful in other services such as nursing services or building management (for managing access to doors, locker facilities and IT communications cabinets), where a flexible and efficient key management systems is required.
  • data processing units are assumed to include standardized cryptography modules and algorithms.
  • Figure 1 shows the main elements of the access control system 100 of the invention, and how they are interrelated.
  • This electronic lock 10 is burglar-proof, for example, an XS-Pro cylinder with a Legic® reader, complemented with Bluetooth or BLE functionality.
  • Mr. Smith also has a mobile smartphone 20, where he can download an application (an Android or iOS App) associated with the access control system 100 and therefore become a user of the system by registering (with his mobile phone number and/or email address) and getting one or more administrator usernames and passwords.
  • an application an Android or iOS App
  • the house holder acquires user rights for accessing an access control server 30 and for setting access rights to the electronic lock 10. It is also possible to become a user of the system via the corresponding webpage.
  • the access control server 30 provides a web-based software that is in charge of generating the individual, time-related and lock-specific access rights, and of maintaining these access rights afterwards. These access rights generated by the access control server 30 were provided to Mr. Smith's mobile smartphone 20, once Mr. Smith registered himself in the system.
  • the corresponding validation rule which is necessary for the secure communication between the mobile smartphone and the electronic lock was included in the electronic lock 10 when the electronic lock 10 was manufactured (a secret for decrypting the communication with the data carrier was provided to the electronic lock): the electronic lock 10 checks if the access rights correspond to that specific lock 10 which is represented by a unique ID as part of the encrypted access rights, and also verifies if the access rights are valid at the specific date and time.
  • the downloaded application also enables Mr.
  • Mr. Smith wishes to temporarily give access rights to the parcel courier, so that the parcel courier can deliver a parcel at his house, where there is no one in at the estimated time the courier will deliver the parcel.
  • Mr. Smith can access the access control server 30, where a list associated to him as a user is stored; this list includes inter alia, the electronic locks he wishes to have controlled and managed by the system, the users he wants to give access to and to which electronic lock(s) each user has access to, and whether the access authorization is time restricted or not.
  • Mr. Smith accesses the access control server 30 with the application in his mobile smartphone or via the corresponding webpage, and indicates that he wishes to delegate access rights to the electronic lock 10 to the parcel courier for a time slot around the estimated delivery time. To do so, Mr. Smith includes the parcel courier's mobile phone number and/or email address in his list, associating the parcel courier's data with the electronic lock 10 and during the required time period.
  • the access control server defines encrypted access rights for the parcel courier's mobile phone which are readable by the electronic lock 10, and which will permit the parcel courier to open the electronic door 10 during the time period defined by Mr. Smith, by using his mobile phone 40.
  • These encrypted access rights are sent to the parcel courier's mobile phone 40, via an encrypted data package.
  • the parcel courier has already downloaded the application, as a frequent user of the system; and upon receiving the access rights delegated by Mr. Smith, he may open the electronic lock 10 with his mobile phone 40 and leave the parcel inside Mr. Smith's house.
  • a one-time access to a public application store (such as Google Play Store or Apple App Store) is sent to the mobile device via SMS or email so as to download the application and be able to open the electronic lock.
  • a public application store such as Google Play Store or Apple App Store
  • the owner of the mobile device may also register himself into the access control system; then the encrypted access rights for the electronic lock 10 are sent to the mobile device.
  • the access rights provided to the parcel courier are time restricted to the time interval chosen by Mr. Smith.
  • the access control server configures these access rights as valid for the specific time interval and then they expire by themselves offline. There is no need to synchronize with the access control server in order to terminate the validity of the access rights. So in case of losing the smartphone, a possible intruder that takes the smartphone will not be able to open the electronic door: since validation is carried out offline and the smartphone is used as an AoC ('access on card') to open the electronic lock 10, the 'AoC' access rights which are time restricted will not open the electronic lock after the time interval chosen by Mr. Smith, which can be made to a single day or even some hours.
  • the time period in which the access rights is valid is set by the access control server, typically to 1-3 days. This means that if the access rights are not time restricted the encrypted access rights file is not valid after this time period and must be refreshed (sent again) by the access control server.
  • the parcel courier may get in his mobile phone 40 data to locate Mr. Smith's house.
  • These data can be a picture of the front door, that Mr. Smith has previously uploaded in the access control server 30 making use of his user rights; if the picture of the front door is too heavy, instead of the picture itself, the parcel courier may receive a link to the URL direction where the picture is stored in the access control server 30.
  • These data can also include additional contact details of Mr. Smith, such as Mr. Smith's mobile phone number, so that the parcel courier may contact him if necessary. Or these data may include geolocalisation data or navigation directions to Mr. Smith's front door.
  • Mr. Smith may decide that the electronic lock 10 of his front door 11 is only openable if, in addition to presenting access rights validated by the access control server 30, a valid PIN code is entered by the user of the smartphone mobile phone. Or he may also establish that a specific action or gesture has be done with the smartphone. In such case, Mr. Smith with his user rights can do so by executing the application in his smartphone, accessing the access control server, and entering the should specific PIN code or gesture-based action that is needed to additionally input to open the electronic lock of his front door.
  • This two-step validation provides a security feature in case Mr. Smith loses his smartphone 20, since if the PIN or gesture-based action request is activated, the user must know the required PIN or gesture-based action, enter the PIN or do the gesture, and hold the device again in front of the electronic lock to open it.
  • third parties such as family and friends as well as to a number of pre-selected service providers
  • third parties are provided with a permanent and/or temporary electronic key (access rights) via a wireless network upon a request to do so by a user having such user rights.
  • the short-range communication channel established between the smartphone of Mr. Smith and the electronic lock 10 is implemented in the present invention with Bluetooth Low Energy technology.
  • This communications channel can be used inter alia for the following end-user oriented features:
  • the data organization within the communications channel is flexible and scalable.
  • the method for delegating access rights of the present invention includes sequences of messages and commands for reading the access rights, validating the access rights at the access control server, and granting access to the access-based resource.

Landscapes

  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Telephonic Communication Services (AREA)

Abstract

The aplication refelates to a system (100) for controlling access to a physical space within a building. It comprises an access control server (30), an electronic lock (10) for granting access to the physical space upon validation of access rights and an administrator smartphone (20) capable of communicating with the electronic lock (10) and with the access control server (30). The administrator smartphone stores access rights readable by the electronic lock (10) and user rights for accessing the access control server (30) and for delegating access rights.
Upon receiving a request of delegation of access rights from the administrator smartphone (20), the access control server (30) defines access rights for another mobile phone (40), so that the electronic lock may be opened using the other mobile phone (40) upon validating its access rights. The request of delegation of access rights comprises data related to the other mobile phone (40) or to its user.

Description

    TECHNICAL FIELD
  • The present invention is related to the field of access control systems for controlling access to one or more specific areas in a building.
  • STATE OF THE ART
  • It is known that electronic access control systems are often used to control access to certain areas or physical spaces within the building. These electronic access control systems (which will be also referred to in the following as EAC systems) usually comprise a door lock that gives access to that specific physical space of the building; a user who wants to access this space is in possession of some sort of mobile data carrier with an identification code stored therein. When the user approaches that door lock and the mobile data carrier is in close proximity of a reader in the door, the identification code is read by the reader, and if the read identification code is valid, then access to the space secured by the door lock is given to the holder of the mobile data carrier.
  • As a general rule, the identification code stored in the mobile data carrier which upon being determined as valid gives access to the physical space, is provided by a control access server. Indeed, this access control server is the element of the EAC system in charge of establishing these identification codes when setting up the EAC system; the access control server then provides these identification codes to the mobile data carrier and to the door lock. Different identification codes are usually given to every user of the EAC system who requests access that specific space. Each identification code may be valid to gain access to a single space within the building, or it may provide access to several spaces or areas within the building (their office or the cafeteria in a business building), but not to others (the servers area in the IT department or the safe deposit room in the account department). Similarly, the identification code may be valid any time, or its validity may be temporarily restricted (so that an employee has access on weekdays and at certain time slots, but not during the weekend).
  • However, it may be the case that it is necessary to modify the temporal or physical limitation already provided to a user of the system, or that it is necessary to give temporarily give rights to a specific user, who is not a user of the EAC system and has not previously registered in the system. For example, it might be the case that a house holder is not at home and their son has forgotten the keys to the back door, where he usually accesses the house after school. The front door of the house is governed by an EAC system, of which the house holder is a registered user, but the son is not a user thereof, and therefore, cannot access the house via the front door. Or it can be the case where a parcel has to be delivered at the house by a messenger, and there is no one in to open the door.
  • It is therefore evident that current EAC systems do not provide the required flexibility in this respect, since these users (the son, the messenger, etc.) who are not previously registered in the system are unable to access the house, when it would be desirable that they did were able to do so, at least once and/or for a specific time period; the house holder, as user of the system, is bound hand and foot with respect to the possibility of him/her giving access to their house by third parties.
  • It would be highly convenient, from the point of view of the user of the system to have the possibility to give or remove access rights for specific persons to a determined access-based resource, which resource is only accessible upon presenting such access rights.
  • DESCRIPTION OF THE INVENTION
  • The invention provides an access control system for delegating access rights to non-users of the system in a flexible and simple manner.
  • According to the access control system of the present invention, it is possible to provide access rights to a user so that this user can access specific spaces within the system. These access rights can be provided so as to access one or more access-based resources within the access control system. Also these access rights can be time-limited or not, depending on what the previously-registered user of the access control system decides to do.
  • According to the present invention, an access control system for a physical space within a building is provided, the access control system comprising:
    • an access control server;
    • an access-based resource being configured to grant access to the physical space upon validation of access rights;
    • a first data carrier being able to communicate with the access-based resource and with the access control server, the first data carrier comprising memory means for storing:
      • access rights readable by the access-based resource; and
      • user rights for being able to access the access control server and for being able to delegate access rights.
  • According to the present invention, upon receiving a request of delegation of access rights from the first data carrier, the access control server is configured to define access rights for a second data carrier, so that access to the physical space can be granted to the second data carrier upon the access-based resource validating the access rights of the second data carrier, the request of delegation of access rights from the first data carrier comprising data related to the second data carrier or related to a user of the second data carrier.
  • In the present invention, the access control server is usually a remote access control server managing several access-based resources located within the same building or in different buildings. The access control server is preferably cloud-based, and communication between the access control server with the other elements is carried out via a wireless communication network. But it is also possible that in some EAC systems, the access control server is not remotely located from the access-based resources it controls, and the communication network may be wired.
  • As previously defined, the access control system comprises an access-based resource, and in some embodiments it comprises several access-based resources managed by the same access control server or by several access control servers. The access-based resource has communication capabilities to communicate with the access control server and with the first data carrier. The capability of the access-based resource to communicate with the data carrier(s) is ensured at the production process by adding a secret for decrypting the communication with the data carrier, including the encrypted access rights.
  • In some embodiments the access-based resource is an electronic or intelligent lock mounted in a door (or similar) which gives access to the physical space in the building. The electronic lock usually comprises a reader which is able to read access rights stored in the first data carrier; it is also possible that the reader is implemented as an element physically separate of the electronic lock. The access-based resource is configured to grant access to the physical space upon reading and validating access rights presented to it by the first data carrier.
  • In the context of the present invention, the first data carrier (preferably a mobile data carrier) can be any mobile device or portable electronic device that has processing and communication capabilities, so as to process signals and exchange information with other elements, such as the access control server and the access-based resource.
  • Communication between the first data carrier and the access-based resource is preferably done via a short-range communication channel (infrared, NFC, Bluetooth® or BLE, WiFi, etc). Communication between the first data carrier and the access control server is preferably done using any telecommunications network (3G, LTE, etc).
  • As previously defined, this first data carrier comprises memory means for storing access rights, which are readable by the access-based resource. These access rights include preferably encrypted data, more preferably in binary form. In this respect, the first data carrier may just serve as carrier and storing means for the access rights; the first data carrier does not need to be able to process or understand these access rights; the access-based resource is able to read and process these preferably encrypted access rights; obviously, the access control server is also able to process these access rights.
  • The memory means of the first data carrier also store user rights, which enable a user of the first data carrier to access the access control server; these user rights also enable the user of the first data carrier to delegate access rights to other users.
  • According to the present invention, the user of the first data carrier may use their user rights to request of delegation of their access rights to a second data carrier; the request of delegation of access rights comprises data related to the second data carrier (IMSI, MSISDN, or any other set of data that uniquely identifies a mobile device) or data related to a user of the second data carrier (such as an email address or a username or a social network identity of the user, reachable from the second data carrier). Upon receiving such request, the access control server is configured to define access rights for a second data carrier. Preferably, for security reasons, the access control server is configured to send the access rights of the second data carrier directly to the second data carrier, preferably via means of an encrypted data package. It could also be possible that the access control server is configured to send the access rights of the second data carrier to the first data carrier or another intermediate data carrier in the system, which in turn is configured to send them to the second data carrier.
  • Thus, according to the invention, access to the physical space secured by the access-based resource is granted upon validation of the access rights stored in the first data carrier or in the second data carrier.
  • Validation of the access rights is preferably done at the access-based resource; this validation is preferably carried out offline, without establishing any communication with the access control server at the time of validation, thereby saving resources from the access-based resource.
  • Validation of the access rights could also be done at the access control server. Or it is also possible that the access control system further comprises one or more traffic point terminals, which are usually located close to the access-based resource(s), and validation is carried out by these terminals. Regardless of who carries out the validation of the access rights (the access-based resource, the access control server or the traffic point terminals), the access-based resource, upon validation of the access rights of the first data carrier or of the second data carrier, is configured to give access to the physical space in the building.
  • Thus, with the access control system of the present invention it is possible to delegate access rights to a non-authorised user (by non-authorised it is meant that this user does not have access rights required to access a specific physical space in the building), so that this user can access that space within the system, with a very simple and flexible process.
  • The user of the first data carrier, who is a user previously registered in the system and has user rights, may decide to provide access rights to one or more access-based resources within the access control system.
  • In some embodiments the access rights provided to the second data carrier are equivalent to the access rights stored in the first data carrier That is, it is possible that the user of the second data carrier is provided with equivalent access rights as the user of the first data carrier has in the system (they are equivalent but not actually the same, since their encryption is not necessarily equal); this solution may prove helpful if the user of the first data carrier (the "delegating user") completely trusts the user of the second data carrier (the "delegated user") and wants to grant "total" access rights (timewise and regarding the access-based resources) to this delegated user in a simple and rapid fashion.
  • These access rights can be time-limited or not, depending on what the user of the first data carrier wishes to establish for the user of the second data carrier. In case the access rights are provided to the second data carrier for a predetermined period of time, these access rights will advantageously expire by themselves, offline; that is, there is no need for the user of the first data carrier to connect to the access control server to remove the delegated access rights.
  • Another aspect of the invention refers to a method for delegating access rights for accessing a physical space within a building, the method comprising:
    • receiving at an access control server a request of delegation of access rights from a first data carrier to a second data carrier, the first data carrier comprising memory means for storing:
      • access rights readable by an access-based resource, the access-based resource being configured to grant access to the physical space upon validation of the access rights; and
      • user rights for being able to access the access control server and for being able to delegate access rights;
    • the access control server defining access rights for the second data carrier, so that access to the physical space can be granted to the second data carrier upon validating the access rights of the second data carrier.
  • Validation of the access rights of the second data carrier is preferably carried out by the access-based resource, not requiring communication with the access control server at the time of validation.
  • In some embodiments, the method further comprises the access control server sending the defined access rights for the second data carrier directly to the second data carrier; since the access rights are generated and defined by the access control server, from a security point of view it is preferred are directly sent to the second data carrier in an encrypted data package.
  • Prior to sending the access rights of the second data carrier, either directly to the second data carrier, or via another element (such as the first data carrier), the method further comprises encrypting the access rights, preferably in binary form. Any access rights defined by the access control server are preferably encapsulated in an encrypted data package, and are then provided to the first data carrier, when the EAC system is set up, and to other data carriers upon request.
  • In some embodiments, the method further comprises sending additional data to the second data carrier, the additional data being related to the access-based resource and/or being related to a user of the access-based resource. These additional data may comprise geographical and/or geolocation data to facilitate the user of the second data carrier to reach the access-based resource.
  • These additional data may be sent to the second data carrier together with the access rights of the second data carrier using a same communications channel, preferably wirelessly. In this case, the additional data need not be encrypted, just the access rights are preferably encrypted.
  • In some embodiments, the method comprises further sending to the second data carrier a one-time access to the access control server, which may be in the form of a link to the access control server. In such case, if it is desired to send data to the second data carrier which is too heavy (such as a picture of the front door of the house which the user of the first data carrier has previously uploaded in the access control server), then this one-time access allows to the second data carrier to access the server and download the additional data.
  • In some embodiments, prior to granting access to the physical space by the access-based resource, the method further comprises validating code provided by the first data carrier or by the second data carrier. This code to be provided by the first or the second data carriers, usually upon request to carry out some action with the data carrier, may be gesture-based code (such as a shaking gesture with the first or the second data carrier), or it may be a PIN code or similar, previously introduced in the first or the second data carrier. This additional step of validating code at the user side, not just at the access control server side, enhances the security in case the first and/or the second data carrier(s) are lost by their authentic user(s).
  • As previously defined, the access-based resource grants access to the physical space upon validation of the access rights preferably at the remote control server.
  • In some embodiments of the invention, the method further comprises establishing a short-range communications channel between the access-based resource and the first data carrier, this short-range communications channel allowing the first data carrier to carry out one or more of the following actions:
    • reading history data of the access-based resource; and/or,
    • setting date and/or time of the access-based resource; and/or,
    • setting the access-based resource to a specific state under which the access-based resource cannot be opened from any data carrier; and/or,
    • setting the access-based resource to a specific state under which the access-based resource can be opened from the first data carrier.
  • That is, this short-range communications channel, preferably a Bluetooth Low Energy channel, provides numerous end-user oriented features, which were previously not possible for the user of the first data carrier. In this respect, via this BLE channel, the user of the first data carrier may block the access-based resource from their first data carrier, so that the access-based resource cannot be opened from any data carrier, regardless of the access control server. Also, it is possible to establish that the access-based resource is openable by certain data carriers, established by the user of the first data carrier.
  • Another aspect of the invention refers to an access control server for a physical space within a building, the access control server comprising:
    • means for communicating with an access-based resource, the access-based resource being configured to grant access to the physical space upon validation of access rights;
    • means for communicating with a first data carrier, the first data carrier comprising access rights readable by the access-based resource and user rights for being able to access the access control server and for being able to delegate access rights;
    • means for receiving a request from the first data carrier for delegation of access rights to a second data carrier, the request of delegation of access rights from the first data carrier comprising data related to the second data carrier; and
    • means for defining access rights for the second data carrier, so that the access to the physical space can be granted to the second data carrier upon validation of the access rights.
  • The access control server of the invention may in some embodiments be in charge of validating the access rights, for which purpose it further comprises validation means.
  • Also preferably and conveniently, the access control server comprises means for sending the access rights defined for the second data carrier directly to the second data carrier, preferably by means of an encrypted data package. In fact, the access control server also preferably comprises encrypting means for encrypting the access rights defined for the second data carrier; in such case, the access-based resource is capable of reading the encrypted access rights.
  • The different aspects and embodiments of the invention defined in the foregoing can be combined with one another, as long as they are compatible with each other.
  • Additional advantages and features of the invention will become apparent from the detailed description that follows and will be particularly pointed out in the appended claims.
  • BRIEF DESCRIPTION OF THE DRAWINGS
  • To complete the description and in order to provide for a better understanding of the invention, a set of drawings is provided. Said drawings form an integral part of the description and illustrate an embodiment of the invention, which should not be interpreted as restricting the scope of the invention, but just as an example of how the invention can be carried out. The drawings comprise the following figures:
    • Figure 1 is a schematic block representation of the access control system of the present invention.
    DESCRIPTION OF A WAY OF CARRYING OUT THE INVENTION
  • The following description is not to be taken in a limiting sense but is given solely for the purpose of describing the broad principles of the invention. Embodiments of the invention will be now described by way of example, with reference to the above-mentioned drawings showing elements and results according to the invention.
  • This invention provides a flexible and simple solution to the problem previously posed in the background section with an access control system for delegating access rights to third party users.
  • The example described in the following corresponds to a parcel delivery service, where a customer of the service and owner of a house wishes to grant temporary access to this house to a parcel courier. But the access control system provided by the present disclosure is also applicable to and useful in other services such as nursing services or building management (for managing access to doors, locker facilities and IT communications cabinets), where a flexible and efficient key management systems is required.
  • In the context of the present invention, data processing units are assumed to include standardized cryptography modules and algorithms.
  • Figure 1 shows the main elements of the access control system 100 of the invention, and how they are interrelated.
  • A house holder, Mr. Smith, as a customer of the parcel delivery service, has an electronic lock 10 installed at the front door 11 of his home 12. This electronic lock 10 is burglar-proof, for example, an XS-Pro cylinder with a Legic® reader, complemented with Bluetooth or BLE functionality.
  • Mr. Smith also has a mobile smartphone 20, where he can download an application (an Android or iOS App) associated with the access control system 100 and therefore become a user of the system by registering (with his mobile phone number and/or email address) and getting one or more administrator usernames and passwords. As a registered user the house holder acquires user rights for accessing an access control server 30 and for setting access rights to the electronic lock 10. It is also possible to become a user of the system via the corresponding webpage.
  • The access control server 30 provides a web-based software that is in charge of generating the individual, time-related and lock-specific access rights, and of maintaining these access rights afterwards. These access rights generated by the access control server 30 were provided to Mr. Smith's mobile smartphone 20, once Mr. Smith registered himself in the system. The corresponding validation rule which is necessary for the secure communication between the mobile smartphone and the electronic lock was included in the electronic lock 10 when the electronic lock 10 was manufactured (a secret for decrypting the communication with the data carrier was provided to the electronic lock): the electronic lock 10 checks if the access rights correspond to that specific lock 10 which is represented by a unique ID as part of the encrypted access rights, and also verifies if the access rights are valid at the specific date and time. The downloaded application also enables Mr. Smith to open the electronic lock 10 installed at the front door 11 of his house using his smartphone 20, via a Bluetooth communication interface that is established between the electronic lock 10 and the smartphone 20. In order to open the electronic lock 1, the application should be executed and kept on running as a background process. It is then necessary to activate the application and to unlock the screen of the smartphone and activate the door unlocking in the application to open the door. Mr. Smith needs to hold his smartphone in front of the reader in the cylinder and the electronic lock will open upon validation Mr. Smith's access rights at the access control server 30.
  • The downloaded application provides other features and capabilities, which will be explained afterwards.
  • In the present example Mr. Smith wishes to temporarily give access rights to the parcel courier, so that the parcel courier can deliver a parcel at his house, where there is no one in at the estimated time the courier will deliver the parcel.
  • As a user of the system having user rights, Mr. Smith can access the access control server 30, where a list associated to him as a user is stored; this list includes inter alia, the electronic locks he wishes to have controlled and managed by the system, the users he wants to give access to and to which electronic lock(s) each user has access to, and whether the access authorization is time restricted or not. In this specific example Mr. Smith accesses the access control server 30 with the application in his mobile smartphone or via the corresponding webpage, and indicates that he wishes to delegate access rights to the electronic lock 10 to the parcel courier for a time slot around the estimated delivery time. To do so, Mr. Smith includes the parcel courier's mobile phone number and/or email address in his list, associating the parcel courier's data with the electronic lock 10 and during the required time period.
  • Upon doing this, the access control server defines encrypted access rights for the parcel courier's mobile phone which are readable by the electronic lock 10, and which will permit the parcel courier to open the electronic door 10 during the time period defined by Mr. Smith, by using his mobile phone 40.
  • These encrypted access rights are sent to the parcel courier's mobile phone 40, via an encrypted data package. The parcel courier has already downloaded the application, as a frequent user of the system; and upon receiving the access rights delegated by Mr. Smith, he may open the electronic lock 10 with his mobile phone 40 and leave the parcel inside Mr. Smith's house.
  • If the owner of the mobile device who has been delegated access rights is not yet registered in the system, a one-time access to a public application store (such as Google Play Store or Apple App Store) is sent to the mobile device via SMS or email so as to download the application and be able to open the electronic lock. This way, the owner of the mobile device may also register himself into the access control system; then the encrypted access rights for the electronic lock 10 are sent to the mobile device.
  • In the present example, the access rights provided to the parcel courier are time restricted to the time interval chosen by Mr. Smith. The access control server configures these access rights as valid for the specific time interval and then they expire by themselves offline. There is no need to synchronize with the access control server in order to terminate the validity of the access rights. So in case of losing the smartphone, a possible intruder that takes the smartphone will not be able to open the electronic door: since validation is carried out offline and the smartphone is used as an AoC ('access on card') to open the electronic lock 10, the 'AoC' access rights which are time restricted will not open the electronic lock after the time interval chosen by Mr. Smith, which can be made to a single day or even some hours. Furthermore, the time period in which the access rights is valid is set by the access control server, typically to 1-3 days. This means that if the access rights are not time restricted the encrypted access rights file is not valid after this time period and must be refreshed (sent again) by the access control server.
  • In case the validation of the access rights is done online at the access control server, the access rights presented with the "lost" smartphone will not be validated, since Mr. Smith when detecting the smartphone loss deletes those access rights from the list in the server.
  • In order to make it easier for the parcel courier to reach Mr. Smith's house, in addition to the access rights the parcel courier may get in his mobile phone 40 data to locate Mr. Smith's house. These data can be a picture of the front door, that Mr. Smith has previously uploaded in the access control server 30 making use of his user rights; if the picture of the front door is too heavy, instead of the picture itself, the parcel courier may receive a link to the URL direction where the picture is stored in the access control server 30. These data can also include additional contact details of Mr. Smith, such as Mr. Smith's mobile phone number, so that the parcel courier may contact him if necessary. Or these data may include geolocalisation data or navigation directions to Mr. Smith's front door.
  • To provide these additional data may be very helpful to the parcel courier in certain situations, for example, when the parcel courier is unable to find Mr. Smith's house, because Mr. Smith's address is not very precise or fully detailed; for example, Mr. Smith's lives in a group of similar houses, all having the same postal address; by getting the picture of the front door the courier can identify the correct house.
  • These additional data need not be encrypted, and can be sent to the parcel courier's mobile phone 40 together with the access rights using the same channel; there is no need to establish a separate channel.
  • Mr. Smith may decide that the electronic lock 10 of his front door 11 is only openable if, in addition to presenting access rights validated by the access control server 30, a valid PIN code is entered by the user of the smartphone mobile phone. Or he may also establish that a specific action or gesture has be done with the smartphone. In such case, Mr. Smith with his user rights can do so by executing the application in his smartphone, accessing the access control server, and entering the should specific PIN code or gesture-based action that is needed to additionally input to open the electronic lock of his front door. This two-step validation provides a security feature in case Mr. Smith loses his smartphone 20, since if the PIN or gesture-based action request is activated, the user must know the required PIN or gesture-based action, enter the PIN or do the gesture, and hold the device again in front of the electronic lock to open it.
  • By means of the present invention it is possible to provide access rights to third parties (such as family and friends as well as to a number of pre-selected service providers) via a cloud-based management system. These third parties are provided with a permanent and/or temporary electronic key (access rights) via a wireless network upon a request to do so by a user having such user rights.
  • The short-range communication channel established between the smartphone of Mr. Smith and the electronic lock 10 is implemented in the present invention with Bluetooth Low Energy technology. This communications channel can be used inter alia for the following end-user oriented features:
    • For reading data from the reader of the electronic lock in order to present these data to the user the history data: Mr. Smith can see on the application any log entries to the electronic lock, checking the times at which the electronic lock has been opened, or when an attempt to open the electronic lock has failed.
    • For setting the reader's date and time: Mr. Smith may use the application on his smartphone to set the current date and time on the door reader.
    • For setting a blocking state on the electronic lock, so that it may not be opened, even if upon presentation of valid access. And for reversing this situation to an open state, where the electronic lock can be again opened. Mr. Smith may decide to block his house during the summer time to anyone, even to authorized users, as an additional security measure.
  • As shown, with the established communication channel is it possible to transfer multiple data chunks from the electronic lock to the smartphone and vice versa. The data organization within the communications channel is flexible and scalable.
  • Though not detailed, the method for delegating access rights of the present invention includes sequences of messages and commands for reading the access rights, validating the access rights at the access control server, and granting access to the access-based resource.
  • In this text, the term "comprises" and its derivations (such as "comprising", etc.) should not be understood in an excluding sense, that is, these terms should not be interpreted as excluding the possibility that what is described and defined may include further elements, steps, etc.
  • The invention is obviously not limited to the specific embodiment(s) described herein, but also encompasses any variations that may be considered by any person skilled in the art (for example, as regards the choice of materials, dimensions, components, configuration, etc.), within the general scope of the invention as defined in the claims.

Claims (15)

  1. An access control system for a physical space within a building, the access control system comprising:
    - an access control server (30);
    - an access-based resource (10) being configured to grant access to the physical space upon validation of access rights;
    - a first data carrier (20) being able to communicate with the access-based resource (10) and with the access control server (30), the first data carrier comprising memory means for storing:
    - access rights readable by the access-based resource (10); and
    - user rights for being able to access the access control server (30) and for being able to delegate access rights;
    wherein:
    - upon receiving a request of delegation of access rights from the first data carrier (20), the access control server (30) is configured to define access rights for a second data carrier (40), so that access to the physical space can be granted to the second data carrier (40) upon validating the access rights of the second data carrier (40), the request of delegation of access rights from the first data carrier (20) comprising data related to the second data carrier (40) or related to a user of the second data carrier (40).
  2. The access control system of claim 1, wherein the access-based resource is configured to validate the access rights of the first data carrier (20) or of the second data carrier (40)..
  3. The access control system of any of claims 1-2, wherein the access rights provided to the second data carrier (40) are equivalent to the access rights stored in the first data carrier (20).
  4. The access control system of any of claims 1-2, wherein access rights are provided to the second data carrier (40) for a predetermined period of time.
  5. Method for delegating access rights for accessing a physical space within a building, the method comprising:
    - receiving at an access control server (30) a request of delegation of access rights from a first data carrier (20) to a second data carrier (40), the first data carrier (20) comprising memory means for storing:
    - access rights readable by an access-based resource (10), the access-based resource being configured to grant access to the physical space upon validation of the access rights; and
    - user rights for being able to access the access control server (30) and for being able to delegate access rights;
    - the access control server (30) defining access rights for the second data carrier (40), so that access to the physical space can be granted to the second data carrier (40) upon validating the access rights of the second data carrier (40).
  6. The method of claim 5, which further comprises the access control server sending the defined access rights for the second data carrier to the second data carrier (40).
  7. The method of any of claims 5-6, which further comprises encrypting the access rights of the second data carrier.
  8. The method of any of claims 5-7, which further comprises sending additional data to the second data carrier, the additional data being related to the access-based resource and/or being related to a user of the access-based resource.
  9. The method of claim 8, wherein the additional data is sent to the second data carrier together with the access rights of the second data carrier using a same channel.
  10. The method of any of claims 5-9, which further comprises sending to the second data carrier (40) a one-time access to the access control server.
  11. The method of any of claims 5-10, wherein, prior to granting access to the physical space by the access-based resource, the method further comprises validating code provided by the first data carrier or by the second data carrier.
  12. The method of any of claims 5-11, which further comprises establishing a short-range communications channel between the access-based resource and the first data carrier the short-range communications channel allowing the first data carrier to carry out one or more of the following actions:
    ∘ reading history data of the access-based resource (10); and/or,
    ∘ setting date and/or time of the access-based resource (10); and/or,
    ∘ setting the access-based resource to a state under which the access-based resource (10) cannot be opened from any data carrier; and/or,
    ∘ setting the access-based resource to a state under which the access-based resource can be opened from certain data carriers.
  13. An access control server for a physical space within a building, the access control server comprising:
    - means for communicating with an access-based resource (10), the access-based resource being configured to grant access to the physical space upon validation of access rights;
    - means for communicating with a first data carrier (20), the first data carrier comprising access rights readable by the access-based resource (10) and user rights for being able to access the access control server (30) and for being able to delegate access rights;- means for receiving a request from the first data carrier (20) for delegation of access rights to a second data carrier (40), the request of delegation of access rights from the first data carrier (20) comprising data related to the second data carrier (20); and
    - means for defining access rights for the second data carrier, so that the access to the physical space can be granted to the second data carrier upon validation of the access rights.
  14. The access control server of claim 13, which further comprises means for sending the access rights to the second data carrier.
  15. Method of any of claims 5-12 performed by an access control system of any of claims 1-4.
EP17154714.4A 2017-02-03 2017-02-03 Delegation of access rights Withdrawn EP3358534A1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
EP17154714.4A EP3358534A1 (en) 2017-02-03 2017-02-03 Delegation of access rights

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
EP17154714.4A EP3358534A1 (en) 2017-02-03 2017-02-03 Delegation of access rights

Publications (1)

Publication Number Publication Date
EP3358534A1 true EP3358534A1 (en) 2018-08-08

Family

ID=58158772

Family Applications (1)

Application Number Title Priority Date Filing Date
EP17154714.4A Withdrawn EP3358534A1 (en) 2017-02-03 2017-02-03 Delegation of access rights

Country Status (1)

Country Link
EP (1) EP3358534A1 (en)

Cited By (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP3671663A1 (en) * 2018-12-20 2020-06-24 Assa Abloy AB Co-signing delegations
USD891901S1 (en) 2019-04-05 2020-08-04 Dormakaba Usa Inc. Knob
WO2021063811A1 (en) * 2019-09-30 2021-04-08 Assa Abloy Ab Enabling remote unlock of a lock
WO2021214134A1 (en) 2020-04-23 2021-10-28 Dormakaba Schweiz Ag Method and devices for configuring electronic locks
US11339589B2 (en) 2018-04-13 2022-05-24 Dormakaba Usa Inc. Electro-mechanical lock core
SE2051379A1 (en) * 2020-11-26 2022-05-27 Assa Abloy Ab Configuring access rights for an electronic key
US11466473B2 (en) 2018-04-13 2022-10-11 Dormakaba Usa Inc Electro-mechanical lock core
EP4148693A1 (en) 2021-09-09 2023-03-15 Axis AB An access control system and a method therein for handling access to an access-restricted physical resource
US11913254B2 (en) 2017-09-08 2024-02-27 dormakaba USA, Inc. Electro-mechanical lock core
US11933076B2 (en) 2016-10-19 2024-03-19 Dormakaba Usa Inc. Electro-mechanical lock core

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20140239647A1 (en) * 2013-02-28 2014-08-28 Tyto Life LLC Door lock assembly for a dwelling
US20140266573A1 (en) * 2013-03-15 2014-09-18 The Chamberlain Group, Inc. Control Device Access Method and Apparatus
EP2819103A1 (en) * 2013-06-25 2014-12-31 Evva Sicherheitstechnologie GmbH Method for access control

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20140239647A1 (en) * 2013-02-28 2014-08-28 Tyto Life LLC Door lock assembly for a dwelling
US20140266573A1 (en) * 2013-03-15 2014-09-18 The Chamberlain Group, Inc. Control Device Access Method and Apparatus
EP2819103A1 (en) * 2013-06-25 2014-12-31 Evva Sicherheitstechnologie GmbH Method for access control

Cited By (22)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US11933076B2 (en) 2016-10-19 2024-03-19 Dormakaba Usa Inc. Electro-mechanical lock core
US11913254B2 (en) 2017-09-08 2024-02-27 dormakaba USA, Inc. Electro-mechanical lock core
US11339589B2 (en) 2018-04-13 2022-05-24 Dormakaba Usa Inc. Electro-mechanical lock core
US12071788B2 (en) 2018-04-13 2024-08-27 Dormakaba Usa Inc. Electro-mechanical lock core
US12031357B2 (en) 2018-04-13 2024-07-09 Dormakaba Usa Inc. Electro-mechanical lock core
US11466473B2 (en) 2018-04-13 2022-10-11 Dormakaba Usa Inc Electro-mechanical lock core
US11447980B2 (en) 2018-04-13 2022-09-20 Dormakaba Usa Inc. Puller tool
CN113228120A (en) * 2018-12-20 2021-08-06 亚萨合莱有限公司 Common signature delegation
US11580806B2 (en) 2018-12-20 2023-02-14 Assa Abloy Ab Co-signing delegations
WO2020127475A1 (en) * 2018-12-20 2020-06-25 Assa Abloy Ab Co-signing delegations
US11869292B2 (en) 2018-12-20 2024-01-09 Assa Abloy Ab Co-signing delegations
CN113228120B (en) * 2018-12-20 2023-08-22 亚萨合莱有限公司 Common signature delegation
EP3671663A1 (en) * 2018-12-20 2020-06-24 Assa Abloy AB Co-signing delegations
USD926018S1 (en) 2019-04-05 2021-07-27 Dormakaba Usa Inc. Knob
USD965407S1 (en) 2019-04-05 2022-10-04 Dormakaba Usa Inc Knob
USD937655S1 (en) 2019-04-05 2021-12-07 Dormakaba Usa Inc. Knob
USD891901S1 (en) 2019-04-05 2020-08-04 Dormakaba Usa Inc. Knob
WO2021063811A1 (en) * 2019-09-30 2021-04-08 Assa Abloy Ab Enabling remote unlock of a lock
US12039814B2 (en) 2019-09-30 2024-07-16 Assa Abloy Ab Enabling remote unlock of a lock
WO2021214134A1 (en) 2020-04-23 2021-10-28 Dormakaba Schweiz Ag Method and devices for configuring electronic locks
SE2051379A1 (en) * 2020-11-26 2022-05-27 Assa Abloy Ab Configuring access rights for an electronic key
EP4148693A1 (en) 2021-09-09 2023-03-15 Axis AB An access control system and a method therein for handling access to an access-restricted physical resource

Similar Documents

Publication Publication Date Title
EP3358534A1 (en) Delegation of access rights
US10755507B2 (en) Systems and methods for multifactor physical authentication
US11657128B2 (en) Temporary password usage control method and system
KR102308846B1 (en) System for accessing data from multiple devices
US9741186B1 (en) Providing wireless access to a secure lock based on various security data
US10437977B2 (en) System and method for digital key sharing for access control
KR101296863B1 (en) Entry authentication system using nfc door lock
US9437063B2 (en) Methods and systems for multi-unit real estate management
EP2888855B1 (en) Systems and methods for lock access management using wireless signals
EP2383955B1 (en) Assignment and distribution of access credentials to mobile communication devices
US9384613B2 (en) Near field communication based key sharing techniques
US11570623B2 (en) Secure communication platform
US20190268169A1 (en) A physical key for provisioning a communication device with data allowing it to access a vehicle resource
US20170236350A1 (en) Electronic door lock system
CN110178160B (en) Access control system with trusted third party
KR20160047500A (en) Owner access point to control the unlocking of an entry
US10776474B2 (en) Token execution system for access control
CN104584521A (en) Mobile communication device
US20180367307A1 (en) Secure access to resources
US11348392B2 (en) Method for access control
KR20220072657A (en) SECURITY CONSTRUCTION METHOD FOR IoT DEVICES PLATFORM AND SECURITY CONSTRUCTION SYSTEM FOR IoT DEVICES PLATFORM BASED ON DUAL BLOCKCHAIN COUPLED WITH VIRTUAL BLOCKCHAIN
JP2005032241A (en) Grant of permission to access resource
KR102017337B1 (en) Smart safe based on bluetooth processed with smartphone and method for providing lock or unlocking service of door of safe
KR102142906B1 (en) Digital key based service system thereof in mobile trusted environment
EP3358535A1 (en) Method for localising an electronic lock

Legal Events

Date Code Title Description
PUAI Public reference made under article 153(3) epc to a published international application that has entered the european phase

Free format text: ORIGINAL CODE: 0009012

AK Designated contracting states

Kind code of ref document: A1

Designated state(s): AL AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HR HU IE IS IT LI LT LU LV MC MK MT NL NO PL PT RO RS SE SI SK SM TR

AX Request for extension of the european patent

Extension state: BA ME

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: THE APPLICATION IS DEEMED TO BE WITHDRAWN

18D Application deemed to be withdrawn

Effective date: 20190209