EP1321901A2 - Méthode pour contrôler les droits d'accès à un objet - Google Patents

Méthode pour contrôler les droits d'accès à un objet Download PDF

Info

Publication number
EP1321901A2
EP1321901A2 EP02406101A EP02406101A EP1321901A2 EP 1321901 A2 EP1321901 A2 EP 1321901A2 EP 02406101 A EP02406101 A EP 02406101A EP 02406101 A EP02406101 A EP 02406101A EP 1321901 A2 EP1321901 A2 EP 1321901A2
Authority
EP
European Patent Office
Prior art keywords
unit
units
mobile
certificate
key
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
EP02406101A
Other languages
German (de)
English (en)
Other versions
EP1321901B1 (fr
EP1321901A3 (fr
Inventor
Urs Dütschler
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Kaba AG
Original Assignee
Kaba AG
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Kaba AG filed Critical Kaba AG
Publication of EP1321901A2 publication Critical patent/EP1321901A2/fr
Publication of EP1321901A3 publication Critical patent/EP1321901A3/fr
Application granted granted Critical
Publication of EP1321901B1 publication Critical patent/EP1321901B1/fr
Anticipated expiration legal-status Critical
Expired - Lifetime legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07CTIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C9/00Individual registration on entry or exit
    • G07C9/00174Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys
    • G07C9/00571Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys operated by interacting with a central unit
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07CTIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C9/00Individual registration on entry or exit
    • G07C9/00174Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys
    • G07C9/00896Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys specially adapted for particular uses
    • G07C9/00904Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys specially adapted for particular uses for hotels, motels, office buildings or the like
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07CTIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C9/00Individual registration on entry or exit
    • G07C9/20Individual registration on entry or exit involving the use of a pass
    • G07C9/21Individual registration on entry or exit involving the use of a pass having a variable access code
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07CTIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C9/00Individual registration on entry or exit
    • G07C9/20Individual registration on entry or exit involving the use of a pass
    • G07C9/215Individual registration on entry or exit involving the use of a pass the system having a variable access-code, e.g. varied as a function of time
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07CTIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C9/00Individual registration on entry or exit
    • G07C9/20Individual registration on entry or exit involving the use of a pass
    • G07C9/27Individual registration on entry or exit involving the use of a pass with central registration
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07CTIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C9/00Individual registration on entry or exit
    • G07C9/00174Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys
    • G07C9/00182Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys operated with unidirectional data transmission between data carrier and locks
    • G07C2009/00238Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys operated with unidirectional data transmission between data carrier and locks the transmittted data signal containing a code which is changed
    • G07C2009/00253Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys operated with unidirectional data transmission between data carrier and locks the transmittted data signal containing a code which is changed dynamically, e.g. variable code - rolling code
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07CTIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C9/00Individual registration on entry or exit
    • G07C9/00174Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys
    • G07C2009/00634Power supply for the lock

Definitions

  • the invention relates to a method for regulating the access regime to one Object, a locking system, a mobile unit, a stationary unit, a Computer program and a computer program product according to the independent Claims.
  • Complicated and variable train access authorizations also result for the Authorization to access chemical cabinets (in hospitals, laboratories, etc.). The same applies - at a different security level - to schools where the Authorization to access classrooms and preparatory rooms frequently is subject.
  • Variable assignments of access authorizations also increasingly refer to different systems. So there are applications where a few key owners Should have access to different objects, the different systems belong. For example, a supplier might need access to Have storage rooms of different companies, of course each company has its own Locking system.
  • the international publication WO 93/21712 shows an electronic one Security system for payphones and other coin operated machines. at Such systems have the problem that different people for the Collecting the accumulated money are responsible. There is a danger from abuse, and key management is laborious. Therefore, according to the mentioned publication a portable connected to the key Housing presented, which over the public telephone network and a A list of ID codes can be assigned to the modem connection; if one of the ID codes An ID code for a locking cylinder is released. The ID codes can be transmitted encrypted.
  • the Memory in the key can be allocated a time window during which the key authorized to operate the locking cylinder.
  • the key can be on the portable Housing are supplied with energy and also the locking cylinder with energy supply. This system solves the problem of complex key management.
  • the invention basically chooses one compared to the prior art different approach.
  • the mobile units (“keys") are variably programmable and equipped with means of communication and storage means. Is in them the information can be stored and reprogrammed, which contains valid, missing information or wrong authorization decides. They are as the active ones communicative components trained and have, for example Energy supply. To release through the fixed units too received, the mobile units can obtain a certificate from a central office to transfer. This includes, for example, a code that is sent to the stationary unit passed and verified by this on the basis of stored information becomes.
  • Key-specific is meant to mean that everyone is physically present is verified differently, for example by adding data with one in a non-rewritable Key identification number stored in the data memory as 'seed number' is encrypted). Access authorizations are therefore not allowed in assigned on the basis of electronic data with the key as a data carrier, but the key is also physically a security element, and that individually.
  • the stationary units (“locking cylinders"), however, are exempt from the task manage the information about access authorizations etc.
  • the handover of a Codes that decide on access authorization from the mobile unit to the Fixed unit is done offline. That it is not necessary that during the Verification of the fixed or the mobile unit with a central in Communication connection is established.
  • the invention thus includes security elements in three components involved: The control center that manages the access authorizations, the key that is provided with characteristic information and the lock cylinder, in which information is stored, based on which consistency is checked becomes. All of these three security elements are relevant. One cannot, for example, without proceed to the current authorization of the head office. You can't even do it once Manipulated certificate transferred to another key and gain access with it. After all, even a certificate cannot be in any way of gaining access for someone other than that Use the lock cylinder provided. It has to be coherent - not just from volatile codes, but the physical elements - all three Components prevail.
  • the invention combines maximum flexibility of systems with purely electronic keys - such as that of international ones Publication WO 93/21712 - with a high degree of certainty Manipulation attempts.
  • purely electronic keys such as that of international ones Publication WO 93/21712 -
  • a security element of traditional, mechanical locking systems In contrast to these is the security element but cannot be avoided by mechanical copying.
  • the offline regulation of the release has massive advantages.
  • a supply of the Fixed unit with current data is not absolutely necessary.
  • the whole System can be easily expanded with additional units.
  • the stationary Units also do not have to be connectable online to a central unit. Nevertheless, a dynamic, constantly adapted to the circumstances Access authorizations are managed. This is an advantage in terms to the application examples mentioned at the beginning, where access to possibly very many objects with possibly difficult accessibility must be regulated.
  • the condition that the verification is key-specific is an important one Prerequisite for ensuring the security of the system. For example, at the electronic security systems described at the outset on a The existing information is copied to another data carrier and the latter are then manipulated, for example, around the 'time window' condition overcome. A manipulator only has to access at some point have had a key to then possibly much later and undetected To be able to make manipulations. This is the case with an inventive No action possible. If the information available on a key to another data carrier - e.g. to another stolen key - copied, they are worthless. In addition, the key-specific allows Verification also a clear logging of the lock cylinder side Access.
  • the keys are the active units of the system according to the invention
  • the security is not based solely on one Key transmitted code that must be correct and then by virtue of its coherence authorized to access, as is known from the prior art.
  • the locking cylinder must be based on Key characteristic data and based on a certificate determine whether there is an authorization.
  • the Security elements are either programmed on one side in the locking cylinder or one-sided in the key, the concept of 'networked' applies here 'entangled' security: there must be a coherence between key - as Physically existing entity - certificate and lock cylinder available: only then can be released.
  • the method according to the invention and the corresponding system bring advantages In terms of variability. As explained, the system as a whole can do without anything Restructuring continuously adapted to the circumstances. Access authorizations can also be easily assigned to mobile units which were not previously part of the system. It follows immediately another advantage: the scalability. The system enables the management of very few or very many fixed and mobile units without the System architecture needs to be changed.
  • the system also allows the Transmission and administration of very simple access certificates as well as of complex, hierarchical certificates.
  • the fixed Units designed very simply and always the same and on the basis of always be programmed using the same algorithms.
  • Fixed units of the system according to the invention can be designed such that they can be easily installed in existing doors or cupboards, which previously were provided with standard locking cylinders. This represents a major and decisive advantage in comparison to existing processes and systems, which introduce a variable, i.e. dynamic control of the access regime to attempt.
  • the invention thus offers an implementation and handling very simple solution for the task at hand.
  • the fixed units do not have up-to-date access authorization information upgradeable and therefore not networked at all.
  • the mobile units Energy supply means for example a battery.
  • the Power supply to the stationary units during access control can then done through the keys.
  • the mobile units don't even have to hang on the mains. Maintenance of the stationary units, for example Replacing batteries etc. is hardly necessary.
  • the certificates to be transmitted by a central unit can vary be designed. In a simple version of the invention, they only consist of the code which the stationary unit must recognize, as well as, for example Time window or an access quota.
  • a time window defines a certain time during which access is possible.
  • An access quota determines a certain one Number of accesses that are granted (for example, a single access ) Grants.
  • the code becomes bswp. transferred encrypted to the stationary unit, where a key-specific data (ID) for the decryption as, Seed Number 'can be used.
  • ID key-specific data
  • the certificate can also contain further information. Examples of such Data is an authorization hierarchy in more complex systems, but in the Contrast to conventional systems not through the key mechanism is implemented. For example, at the same time as an access authorization an access authorization for a certain object is automatically included associated objects of a lower hierarchical level.
  • the certificate can also include object identification and key identification.
  • An object identification can be used as an unchangeable and unique object identification symbol be formed, the object or the fixed unit can be clearly assigned. For example, it is set so that it doesn't even can be changed by a central unit.
  • the object identifier can serve to prevent tampering with the lock cylinders, e.g. cannot be monitored by a central unit.
  • a key identification mark is used to identify the keys and ensure that the certificates are transmitted to the desired mobile unit become.
  • the key identification sign does not have to be sent to the Lock cylinders are handed over.
  • no information has to flow from the locking cylinder to the key.
  • the key After receiving the certificate, the key then transmits an encrypted code, assigned to the locking cylinder and stored in it, together with the key-specific data (ID).
  • ID the key-specific data
  • the code to be transmitted can also be present instead of a fixed character as a function value f ID (A, t) of an essentially irreversible function of time and a function parameter A, where A characterizes the locking cylinder.
  • the key is only transmitted f ID (A, t), it has no possibility to determine A.
  • f ID (A, t) is also calculated for verification; if it is correct, it is released.
  • the Access regime in a two-step authorization process gets a certificate from the central unit, which gives him access to an object or a group of objects.
  • the certificate can also regulate that the key has only a limited access window or access quota is allocated. If the key comes into contact with a locking cylinder, in In a first step, a character identifying the locking cylinder from Lock cylinder transmitted to the key. This then checks against the in certificates available to him - he may have received more than one certificate and save - whether he has access to the object with this locking cylinder is justified. If this is not the case, the key remains passive and transmitted For example, no further information to the locking cylinder. If a certificate from If the key is in the affirmative, the key is transmitted as the second stage of the Proceed the code to the lock cylinder, whereupon the code is correct Approves access.
  • the central unit 1 is the control entity. For example, it can be identical to a control center of a monitoring company using the system according to the invention, a distribution company, etc. It can be operated by persons or implemented as software. It has means for communication with the mobile units 2 (hereinafter: keys).
  • the mobile units each have an energy source or an energy store as well as data processing and data storage means. In addition, they are equipped with communication means for transmitting data to the fixed units 3 (locking cylinders).
  • the term "stationary" means in the context of this application that the units are essentially stationary in operation in relation to an object to be secured. The term does not exclude that the locking cylinders are attached to a mobile object (vehicle, ship, etc.) nor that they can be transported from one object to another for assembly.
  • the object in which the stationary units are integrated is shown in the drawing symbolizes a box 4.
  • the stationary units 3 can, for example, externally as conventional lock cylinders should be designed and replace them. she have storage means and a data processing and transmission unit for Communication with the keys. However, both the integration of Energy sources or storage as well as the writeability of the storage optional and only available depending on the design of the system.
  • Each key 2 has, for example, an identification character K.
  • This Identification character K can also be used as a key-specific data record (ID) in of the type described above are used; but he can also from this to be different.
  • ID key-specific data record
  • the Key transmitted from this identifier.
  • the head office it is on determined or determined whether the holder of the key is authorized for has or should have access to the property. If access is to take place, then a certificate Z with the authorization code A (hereinafter mostly briefly called code) to the key.
  • code A in the certificate is always contained in a fixed package with the key identification character K included. (Then this is preferred not identical to the key-specific data record (ID)). This ensures that the code A only if the key identification for access is correct can justify. Code A is passed to the locking cylinder and there Verified. Then, if necessary, an approval is given.
  • the code is always accompanied by a Object identification O transmitted.
  • This serves as a clear and unchangeable Object identification mark and the lock cylinder together with the Pass code A for verification.
  • it is in the object implements that it cannot be changed by reprogramming.
  • the means of communication, via which data are transmitted between the central unit and the key, can be designed differently.
  • 2 shows a mobile communication apparatus 5 is shown schematically in addition to the components of FIG. 1
  • This has a modem or another means of communication for communication over a data network, for example the Internet. It can be designed, for example, as a battery-operated, portable device or installed in a vehicle or the like. It can exchange information with the key without contact via a radio frequency connection. Alternatively, there can also be a direct (cable, etc.) connection between the key 2 and the transmission device 5.
  • the transmission device can also be integrated in key 2.
  • FIG. 2 also shows how the above-mentioned object identification symbol O is handled, the transmission device of course not being able to be used only in systems that use the object identification symbol.
  • the key has a key blade 2.1, which can be worked out like conventional keys and has, for example, the mechanical coding of a passkey. It can also be configured differently and, for example, have no mechanical coding at all. Depending on the design of the locking cylinder, the locking system could also function without contact and the key therefore could have no key blade at all.
  • the key has a circuit board 2.2 on which processor means 2.3 and conductor tracks 2.4 and possibly additional electronic components are attached.
  • energy supply means 2.5 ie a battery, are arranged in the key. The battery, printed circuit board and conductor tracks are arranged so that the battery can supply the processor means with electrical energy.
  • the key also has a contact path 2.6 for communication, with a locking cylinder and / or for its energy supply. Furthermore, communication means 2.7 are also available, with which data can be exchanged without contact with a transmission device or cylinder.
  • FIG. 4 shows a diagram which shows some elements of a system according to the invention and their interaction.
  • a central unit 1, a transmission device 5, a key 2 and a locking cylinder 3 are shown in the figure.
  • the data transmission device, the key and the locking cylinder each have a processor unit 5.3, 2.3 or. 3.3. and a data storage and encryption unit 5.9, 2.9 respectively. 3.3.
  • the processor unit and / or the data storage and encryption unit can, for example, be manufactured in a manner known per se. For example, you can include a LEGIC® security module, which is only mentioned here as an example.
  • 3.3 are connected means 5.7, 2.7 respectively. 3.7 for contactless communication.
  • the key has energy supply means 2.5.
  • the energy supply means supply the microprocessor unit 2.3 and a timer 2.8 connected to it.
  • the transmission of data from the central unit to the transmission device takes place, for example, with known and common data transmission lines, Interface protocols, etc. with the help of the Internet.
  • the data transmission is preferably encrypted.
  • the channel for that Transfer of data between the software 1.1 of the central unit 1 and the Transmission device 5 is symbolized in the figure by a double arrow 11.
  • the microprocessor interface 12 is used for synchronization the microprocessors 5.3, 2.3 of the transmission device and the key.
  • the time is an important parameter in regulating the access regime, for example if only a time window for access is available. It can also be significant with regard to data and manipulation security, like that with examples will be explained.
  • the program interface 13 is used to exchange the mentioned data.
  • the program interface and the microprocessor interface need not to use physically different data transmission channels.
  • the data interface 14 is used to transfer data from the key to the Lock cylinder and possibly also in the opposite direction from Lock cylinder on the key. Via the power interface 15 Lock cylinder with the during the handover of the certificate to the Lock cylinder and electrical energy required during verification provided. This can be done continuously or at the beginning of the action in a short-term energy store of the locking cylinder.
  • FIG. 5 shows a central unit 1, some keys 2 and some objects 4 with locking cylinders 3.
  • the central unit 1 has information that is used to control the whole Enable the system.
  • two databases 1.1 and 1.2 are symbolic shown.
  • the first database contains updated information about the Objects, the second database 1.2 about the keys.
  • Each key and each lock cylinder can be identified using a corresponding identification symbol K i or P i .
  • the data about the objects can have a data structure which reflects the relationships between the objects.
  • a very simple example is shown in the figure:
  • the objects with the identification P 3 , P 4 and P 9 are, for example, parts of a superordinate structure.
  • the object P 9 is arranged in a simple model in an inner circle (superordinate), the objects P 3 and P 4 in an outer circle (subordinate).
  • the object P 9 can be a safe, which is in a room to be reached through doors P 3 and P 4 .
  • Access to the object in the inner circle requires access to an object in the outer circle, but not the other way around. This hierarchical relationship is reflected in the data in the central unit.
  • the key holders perform different functions and are therefore also equipped with different certificates: one security guard may only get access to subordinate objects, but in many different structures, a branch manager has access to all objects of a single Structure.
  • the object database 1.1 contains hierarchy archetypes B ;.
  • the hierarchy archetypes can, for example, directly contain the code A of the hierarchically subordinate objects.
  • Hierarchies corresponding to the hierarchy archetypes are adopted in the certificates.
  • the key database 1.2 contains certificate archetypes C i .
  • a security guard always has access to the same objects, but only once a night.
  • the certificates Z are produced on the basis of the archetypes and possibly current data.
  • the certificate archetypes contain, for example, references to hierarchy archetypes and not the entire content of the certificate archetypes.
  • individual elements of the archetypes can even be created in the key itself. But you definitely have to go through one of the central unit transmitted certificate can be activated.
  • Steps a, cf, i and j are the same as in example 1, but the certificate does not contain the actual code A but a value f ID (A, t 0 ), where t 0 is a point in time at which the key holder is authorized to access is.
  • the processor means of the locking cylinder are supplied with the current time t by a timer 2.8 in the key.
  • the comparison then takes place between f ID (A, t 0 ) and f ID (A, t).
  • the condition to be fulfilled for an approval can be that the difference between the values f ID (A, t 0 ) and f ID (A, t) does not exceed a certain threshold value, the function f then having to be continuous and standardized.
  • the authorization is given not only at a time t 0 (or in a time window surrounding it) but also periodically, for example daily at a certain time.
  • a value f ID (A, t 0 ) is transmitted, where n represents the number of times the key holder has had access so far.
  • this example works analogously to a strike list principle.
  • the certificate is issued by the central unit transmitted without a previous request signal. For example, be useful if the key holder is a security guard or a Suppliers heard and at the same time with the authorization from the headquarters Unit an order is issued.
  • the holder of the key goes to the object to which he has access would like to.
  • a first step he puts the key in the lock cylinder Object.
  • the key will not have a certificate that it authorized to access the property, and there is no release.
  • the locking cylinder passes on information that characterizes it - for example Object identification symbol O - to the key. This transmits the Characteristic information to the head office, for what if necessary Communication module as the mobile transmission device 5 is used.
  • the head office decides whether the key holder is at a time one-time access. This can be done in an unmanned headquarters based on table values or other characteristics.
  • the control center can provide additional security - possibly automated - to the suspected Call the holder of the key, e.g. on his cell phone, and his identity and Check intentions.
  • An unmanned control center can check the identity, by it and a certain statement - for example an agreed code word - from him polls and the voice of the called party with saved voice recordings compares. Then the head office sends a certificate to the key, and it is as in one of the examples discussed above.

Landscapes

  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Lock And Its Accessories (AREA)
  • Mobile Radio Communication Systems (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)
  • Storage Device Security (AREA)
  • Two-Way Televisions, Distribution Of Moving Picture Or The Like (AREA)
EP02406101A 2001-12-21 2002-12-16 Méthode pour contrôler les droits d'accès à un objet Expired - Lifetime EP1321901B1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CH234701 2001-12-21
CH23472001 2001-12-21

Publications (3)

Publication Number Publication Date
EP1321901A2 true EP1321901A2 (fr) 2003-06-25
EP1321901A3 EP1321901A3 (fr) 2005-09-07
EP1321901B1 EP1321901B1 (fr) 2010-04-07

Family

ID=4568704

Family Applications (1)

Application Number Title Priority Date Filing Date
EP02406101A Expired - Lifetime EP1321901B1 (fr) 2001-12-21 2002-12-16 Méthode pour contrôler les droits d'accès à un objet

Country Status (3)

Country Link
EP (1) EP1321901B1 (fr)
AT (1) ATE463810T1 (fr)
DE (1) DE50214332D1 (fr)

Cited By (14)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP1643457A1 (fr) * 2004-10-04 2006-04-05 SimonsVoss Technologies AG Serrure à combinaisons multiples et procédé de fonctionnement du serrure à combinaisons multiples.
EP1699019A3 (fr) * 2005-03-03 2006-11-29 EVVA Sicherheitssysteme GmbH Système de contrôle d'accès
EP2821970A1 (fr) * 2013-07-05 2015-01-07 Assa Abloy Ab Dispositif de communication de commande d'accès, procédé, programme informatique et produit de programme informatique
CN105556575A (zh) * 2013-07-05 2016-05-04 亚萨合莱有限公司 钥匙装置和关联的方法、计算机程序以及计算机程序产品
EP3300036A1 (fr) * 2016-09-26 2018-03-28 Aug. Winkhaus GmbH & Co. KG Installation électronique de fermeture et procédé de fonctionnement d'une installation électronique de fermeture
EP3506216A1 (fr) * 2017-12-28 2019-07-03 Netatmo Serrure intelligente à économie d'énergie présentatn une clé électromécanique
EP2348490B1 (fr) * 2009-12-22 2020-03-04 9Solutions Oy Système de contrôle d'accès
EP3716230A1 (fr) 2019-03-29 2020-09-30 Antoine Decayeaux Dispositif d'ouverture et de fermeture de porte avec controle d'acces, systeme integrant un tel dispositif, et procede correspondant
EP3739554A1 (fr) * 2019-05-16 2020-11-18 EVVA Sicherheitstechnologie GmbH Procédé de fonctionnement d'un système de contrôle d'accès ainsi que système de contrôle d'accès
NL2024201B1 (en) * 2019-11-08 2021-07-20 Kibba Ip B V Space access control module and remote key provisioning system
FR3132374A1 (fr) 2022-02-03 2023-08-04 Cogelec Procédé de contrôle d’accès à des bâtiments
FR3132373A1 (fr) 2022-02-03 2023-08-04 Cogelec Procédé de contrôle d’accès à des bâtiments
FR3132372A1 (fr) 2022-02-03 2023-08-04 Cogelec Procédé de contrôle d’accès à des bâtiments
EP4038583A4 (fr) * 2019-10-03 2023-11-08 Swedlock AB Ensemble cadenas électromécanique

Family Cites Families (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5506905A (en) * 1994-06-10 1996-04-09 Delco Electronics Corp. Authentication method for keyless entry system
CA2167631A1 (fr) * 1995-01-20 1996-07-21 W. Dale Hopkins Methode et appareil d'authentification d'utilisateurs et de dispositifs de securite
US6097306A (en) * 1996-12-03 2000-08-01 E.J. Brooks Company Programmable lock and security system therefor
DE69924349T2 (de) * 1999-01-28 2006-02-09 International Business Machines Corp. Elektronisches Zugangskontrollsystem und Verfahren

Cited By (30)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP1643457A1 (fr) * 2004-10-04 2006-04-05 SimonsVoss Technologies AG Serrure à combinaisons multiples et procédé de fonctionnement du serrure à combinaisons multiples.
EP1699019A3 (fr) * 2005-03-03 2006-11-29 EVVA Sicherheitssysteme GmbH Système de contrôle d'accès
EP2348490B1 (fr) * 2009-12-22 2020-03-04 9Solutions Oy Système de contrôle d'accès
US10192380B2 (en) 2013-07-05 2019-01-29 Assa Abloy Ab Key device and associated method, computer program and computer program product
US9858740B2 (en) 2013-07-05 2018-01-02 Assa Abloy Ab Access control communication device, method, computer program and computer program product
CN105556575A (zh) * 2013-07-05 2016-05-04 亚萨合莱有限公司 钥匙装置和关联的方法、计算机程序以及计算机程序产品
JP2016527779A (ja) * 2013-07-05 2016-09-08 アッサ アブロイ アーベーAssa Abloy Ab アクセス制御通信装置、方法、コンピュータプログラムおよびコンピュータプログラム製品
US9595148B2 (en) 2013-07-05 2017-03-14 Assa Abloy Ab Access control communication device, method, computer program and computer program product
US9704321B1 (en) 2013-07-05 2017-07-11 Assa Abloy Ab Key device and associated method, computer program and computer program product
AU2014286137B2 (en) * 2013-07-05 2017-10-12 Assa Abloy Ab Key device and associated method, computer program and computer program product
EP2821970A1 (fr) * 2013-07-05 2015-01-07 Assa Abloy Ab Dispositif de communication de commande d'accès, procédé, programme informatique et produit de programme informatique
EP2821970B1 (fr) 2013-07-05 2016-04-27 Assa Abloy Ab Dispositif de communication de commande d'accès, procédé, programme informatique et produit de programme informatique
US10019861B2 (en) 2013-07-05 2018-07-10 Assa Abloy Ab Access control communication device, method, computer program and computer program product
AU2014286214B2 (en) * 2013-07-05 2018-08-30 Assa Abloy Ab Access control communication device, method, computer program and computer program product
WO2015001009A1 (fr) * 2013-07-05 2015-01-08 Assa Abloy Ab Dispositif, procédé, programme d'ordinateur et produit programme d'ordinateur de communication de commande d'accès
US10282930B2 (en) 2013-07-05 2019-05-07 Assa Abloy Ab Access control communication device, method, computer program and computer program product
EP3300036A1 (fr) * 2016-09-26 2018-03-28 Aug. Winkhaus GmbH & Co. KG Installation électronique de fermeture et procédé de fonctionnement d'une installation électronique de fermeture
EP3506216A1 (fr) * 2017-12-28 2019-07-03 Netatmo Serrure intelligente à économie d'énergie présentatn une clé électromécanique
CN110029881A (zh) * 2017-12-28 2019-07-19 尼特莫公司 具有带有省电的电动机械钥匙的智能锁
EP3716230A1 (fr) 2019-03-29 2020-09-30 Antoine Decayeaux Dispositif d'ouverture et de fermeture de porte avec controle d'acces, systeme integrant un tel dispositif, et procede correspondant
EP3739554A1 (fr) * 2019-05-16 2020-11-18 EVVA Sicherheitstechnologie GmbH Procédé de fonctionnement d'un système de contrôle d'accès ainsi que système de contrôle d'accès
EP4038583A4 (fr) * 2019-10-03 2023-11-08 Swedlock AB Ensemble cadenas électromécanique
US12247416B2 (en) 2019-10-03 2025-03-11 Swedlock Ab Electromechanical lock assembly
NL2024201B1 (en) * 2019-11-08 2021-07-20 Kibba Ip B V Space access control module and remote key provisioning system
FR3132374A1 (fr) 2022-02-03 2023-08-04 Cogelec Procédé de contrôle d’accès à des bâtiments
FR3132373A1 (fr) 2022-02-03 2023-08-04 Cogelec Procédé de contrôle d’accès à des bâtiments
FR3132372A1 (fr) 2022-02-03 2023-08-04 Cogelec Procédé de contrôle d’accès à des bâtiments
EP4224441A1 (fr) 2022-02-03 2023-08-09 Cogelec Procédé de contrôle d accès à des bâtiments
EP4224442A1 (fr) 2022-02-03 2023-08-09 Cogelec Procédé de contrôle d accès à des bâtiments
EP4224443A1 (fr) 2022-02-03 2023-08-09 Cogelec Procédé de contrôle d'accès à des bâtiments

Also Published As

Publication number Publication date
DE50214332D1 (de) 2010-05-20
EP1321901B1 (fr) 2010-04-07
EP1321901A3 (fr) 2005-09-07
ATE463810T1 (de) 2010-04-15

Similar Documents

Publication Publication Date Title
EP2691940B1 (fr) Gestion de droits d'accès à des données de fonctionnement et/ou de commande de bâtiments ou complexes de bâtiments
EP2013811B1 (fr) Procédé et dispositif pour pseudonymiser des données numériques
EP1321901B1 (fr) Méthode pour contrôler les droits d'accès à un objet
DE102014101495B4 (de) Verfahren zum Zugang zu einem physisch abgesicherten Rack sowie Computernetz-Infrastruktur
EP1942466A2 (fr) Dispositif de communication, d'accès et de surveillance ainsi que procédé de communication, d'accès et de surveillance
WO2009094683A1 (fr) Procédé et dispositif de commande du contrôle d'accès
DE102007005638A1 (de) Verfahren zur Autorisierung des Zugriffs auf mindestens eine Automatisierungskompente einer technischen Anlage
DE69804120T2 (de) Verfahren und vorrichtung zum überwachen von räumen
EP3427237A1 (fr) Procédé pour contrôler l'accès à des dispositifs pouvant être commandés par voie électronique
EP3596709A1 (fr) Procédé de contrôle d'accès
DE102021105701B4 (de) Notlichtbeleuchtungsanlage mit zentral abgelegten und verwalteten Anlagendaten
EP0559605B1 (fr) Système d'identification de personnes
EP4216489A1 (fr) Procédé de modification d'une clé d'accès réelle dans un appareil de terrain de la technique d'automatisation
EP1299817A2 (fr) Systeme de service d'informations
EP1821262A2 (fr) Système de contrôle d'autorisations de personnes à exécuter des activités autorisées
DE102010019467A1 (de) Kontaktlos arbeitendes Zugangssystem
DE2635180B2 (de) Verfahren zur elektronisch gesteuerten Freigabe von Tür-, Safe- und Funktionsschlössern unter Verwendung elektronisch codierter Schlüssel sowie Schaltungsanordnung zur Durchführung des Verfahrens
WO2022180088A1 (fr) Procédé d'installation d'une pluralité de composants de porte
EP4195171A1 (fr) Système de distribution des outils, procédé de gestion et de distribution des outils et utilisation d'une serrure électronique
DE10144936A1 (de) Verfahren zur Prüfung der Zugangsberechtigung
BE1030391B1 (de) Dienstleister-Kunden-Kommunikationssystem mit zentraler Datenspeicherung und -verwaltung, integriertem-synchronisiertem Zeiterfassungssystem sowie lokalen Terminals
WO2006056085A1 (fr) Installation de contrôle d'accès munie de plusieurs dispositifs de fermeture
DE102024105386B3 (de) Smart Meter Gateway mit nachträglich aktivierbarer Netzwerkmanagement-Funktionalität und Verfahren zur nachträglichen Aktivierung einer Netzwerkmanagement-Funktionalität eines Smart Meter Gateways
AT502458B1 (de) Zutrittskontrollanlage
AT13608U1 (de) Verfahren und Vorrichtung zur Steuerung der Zutrittskontrolle

Legal Events

Date Code Title Description
PUAI Public reference made under article 153(3) epc to a published international application that has entered the european phase

Free format text: ORIGINAL CODE: 0009012

AK Designated contracting states

Designated state(s): AT BE BG CH CY CZ DE DK EE ES FI FR GB GR IE IT LI LU MC NL PT SE SI SK TR

AX Request for extension of the european patent

Extension state: AL LT LV MK RO

PUAL Search report despatched

Free format text: ORIGINAL CODE: 0009013

AK Designated contracting states

Kind code of ref document: A3

Designated state(s): AT BE BG CH CY CZ DE DK EE ES FI FR GB GR IE IT LI LU MC NL PT SE SI SK TR

AX Request for extension of the european patent

Extension state: AL LT LV MK RO

17P Request for examination filed

Effective date: 20060306

AKX Designation fees paid

Designated state(s): AT BE BG CH CY CZ DE DK EE ES FI FR GB GR IE IT LI LU MC NL PT SE SI SK TR

17Q First examination report despatched

Effective date: 20060724

GRAP Despatch of communication of intention to grant a patent

Free format text: ORIGINAL CODE: EPIDOSNIGR1

GRAS Grant fee paid

Free format text: ORIGINAL CODE: EPIDOSNIGR3

GRAA (expected) grant

Free format text: ORIGINAL CODE: 0009210

AK Designated contracting states

Kind code of ref document: B1

Designated state(s): AT BE BG CH CY CZ DE DK EE ES FI FR GB GR IE IT LI LU MC NL PT SE SI SK TR

REG Reference to a national code

Ref country code: GB

Ref legal event code: FG4D

Free format text: NOT ENGLISH

REG Reference to a national code

Ref country code: CH

Ref legal event code: EP

REG Reference to a national code

Ref country code: IE

Ref legal event code: FG4D

Free format text: LANGUAGE OF EP DOCUMENT: GERMAN

REF Corresponds to:

Ref document number: 50214332

Country of ref document: DE

Date of ref document: 20100520

Kind code of ref document: P

REG Reference to a national code

Ref country code: CH

Ref legal event code: NV

Representative=s name: FREI PATENTANWALTSBUERO AG

REG Reference to a national code

Ref country code: NL

Ref legal event code: T3

REG Reference to a national code

Ref country code: SE

Ref legal event code: TRGR

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: SI

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20100407

REG Reference to a national code

Ref country code: IE

Ref legal event code: FD4D

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: ES

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20100718

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: GR

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20100708

Ref country code: CY

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20100407

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: IE

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20100407

Ref country code: DK

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20100407

Ref country code: EE

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20100407

Ref country code: PT

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20100809

PLBE No opposition filed within time limit

Free format text: ORIGINAL CODE: 0009261

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: NO OPPOSITION FILED WITHIN TIME LIMIT

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: CZ

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20100407

Ref country code: SK

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20100407

26N No opposition filed

Effective date: 20110110

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: IT

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20100407

BERE Be: lapsed

Owner name: KABA A.G.

Effective date: 20101231

REG Reference to a national code

Ref country code: NL

Ref legal event code: V1

Effective date: 20110701

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: MC

Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES

Effective date: 20101231

GBPC Gb: european patent ceased through non-payment of renewal fee

Effective date: 20101216

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: FI

Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES

Effective date: 20101216

REG Reference to a national code

Ref country code: FR

Ref legal event code: ST

Effective date: 20110831

REG Reference to a national code

Ref country code: SE

Ref legal event code: EUG

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: SE

Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES

Effective date: 20101217

Ref country code: BE

Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES

Effective date: 20101231

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: FR

Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES

Effective date: 20110103

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: GB

Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES

Effective date: 20101216

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: NL

Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES

Effective date: 20110701

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: BG

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20100407

Ref country code: LU

Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES

Effective date: 20101216

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: TR

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20100407

PGFP Annual fee paid to national office [announced via postgrant information from national office to epo]

Ref country code: CH

Payment date: 20121114

Year of fee payment: 11

PGFP Annual fee paid to national office [announced via postgrant information from national office to epo]

Ref country code: AT

Payment date: 20121212

Year of fee payment: 11

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: BG

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20100707

REG Reference to a national code

Ref country code: CH

Ref legal event code: PL

REG Reference to a national code

Ref country code: AT

Ref legal event code: MM01

Ref document number: 463810

Country of ref document: AT

Kind code of ref document: T

Effective date: 20131216

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: LI

Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES

Effective date: 20131231

Ref country code: CH

Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES

Effective date: 20131231

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: AT

Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES

Effective date: 20131216

PGFP Annual fee paid to national office [announced via postgrant information from national office to epo]

Ref country code: DE

Payment date: 20211210

Year of fee payment: 20

REG Reference to a national code

Ref country code: DE

Ref legal event code: R071

Ref document number: 50214332

Country of ref document: DE