EP1626372A1 - Méthode et système de contrôle d'accès et les dispositifs associés - Google Patents

Méthode et système de contrôle d'accès et les dispositifs associés Download PDF

Info

Publication number
EP1626372A1
EP1626372A1 EP04405504A EP04405504A EP1626372A1 EP 1626372 A1 EP1626372 A1 EP 1626372A1 EP 04405504 A EP04405504 A EP 04405504A EP 04405504 A EP04405504 A EP 04405504A EP 1626372 A1 EP1626372 A1 EP 1626372A1
Authority
EP
European Patent Office
Prior art keywords
time
authorization
user
bit
code
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Withdrawn
Application number
EP04405504A
Other languages
German (de)
English (en)
Inventor
Hugo Straumann
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Swisscom AG
Original Assignee
Swisscom AG
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Swisscom AG filed Critical Swisscom AG
Priority to EP04405504A priority Critical patent/EP1626372A1/fr
Publication of EP1626372A1 publication Critical patent/EP1626372A1/fr
Withdrawn legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07CTIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C9/00Individual registration on entry or exit
    • G07C9/00174Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys
    • G07C9/00309Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys operated with bidirectional data transmission between data carrier and locks
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07CTIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C9/00Individual registration on entry or exit
    • G07C9/00174Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys
    • G07C9/00857Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys where the code of the data carrier can be programmed
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07CTIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C9/00Individual registration on entry or exit
    • G07C9/20Individual registration on entry or exit involving the use of a pass
    • G07C9/27Individual registration on entry or exit involving the use of a pass with central registration
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07CTIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C9/00Individual registration on entry or exit
    • G07C9/00174Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys
    • G07C2009/00753Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys operated by active electrical keys
    • G07C2009/00769Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys operated by active electrical keys with data transmission performed by wireless means
    • G07C2009/00793Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys operated by active electrical keys with data transmission performed by wireless means by Hertzian waves
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07CTIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C9/00Individual registration on entry or exit
    • G07C9/00174Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys
    • G07C9/00857Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys where the code of the data carrier can be programmed
    • G07C2009/00865Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys where the code of the data carrier can be programmed remotely by wireless communication

Definitions

  • the present invention relates to an electronic authorization control method, an electronic authorization control system and devices suitable therefor.
  • the present invention relates to an electronic authorization control method and an electronic authorization control system in which an authorization of a user at a current time is checked on the basis of authorization data of the user.
  • the present invention also relates to a mobile electronic terminal, an electronic access control device, a computerized authorization center, and a computer program product suitable for executing the electronic authorization control and authorization control system.
  • Methods and systems for controlling a time-dependent authorization of a user are known both in access control to buildings and premises and in access control to computer systems and networks.
  • the user is assigned credentials that define the user's time-dependent permissions.
  • the authorization data is stored, for example, in a centralized database of an authorization control system, in an access control device or on a mobile data carrier of the user. In the authorization control, both the authorization data and information about the current time are taken into account.
  • the authorization data are transmitted from the authorization center via a mobile radio network to the user's mobile telephones and stored there, according to EP 1 336 937 .
  • the authorization data according to EP 1 336 937 are preferably transmitted wirelessly by the mobile telephone of a user to the access control device, where the time-dependent access authorization of the user is determined there on the basis of the current time and the received authorization data.
  • the transmission channels used and / or transmission protocols only allow the transmission of a highly limited amount of data, for example, the standardized SMS short messages (Short Messaging Services) in GSM mobile networks (Global System for Mobile Communication ) is limited to 160 characters (bytes).
  • This restriction also limits the possible complexity of the authorization data to be transmitted for time-dependent user authorizations if multiple transmissions and complex algorithms are to be prevented during the authorization checks. In other words, if complex and flexible design of time-dependent user privileges is to be possible, this requires increased complexity of authorization control, which puts a greater burden on the processor performance and program memory required for this purpose.
  • the present invention proposes an electronic authorization control method, a system for the electronic authorization control and suitable devices, by means of which a user's authorization is controlled at a current time on the basis of authorization data of the user, on the one hand a complex and flexible design of time-dependent user permissions and on the other hand an easy-to-execute control of the user's permission will be enabled.
  • the current time at which the authorization of a user is controlled is mapped to several time units of different significance, wherein for the time units in a time code each time unit area is provided, wherein Time unit range for each possible value of the time unit an information bit is provided, and wherein the value of the current time in the time code is mapped by setting one of the information bits for each of the time units in the associated time unit area.
  • time units for example, years, months, days of the month, weeks, days of the week, day hours and / or minutes units are used.
  • the authorization data are generated with one or more bitmasks, which bitmasks determine the authorization of the user for the possible values of one of the time units.
  • the bitmasks each include one bit for indicating the user's authority for each possible value of one of the time units.
  • weekdays ⁇ monday, tuesday, wednesday, thursday, friday, saturday, sunday ⁇
  • a general authorization for the weekdays "tuesday” and "wednesday” can be defined for the user by the bitmask "0000110”.
  • the authorization of the user is controlled by logically linking the time code with the bit masks.
  • the proposed coding of the value of the current time and the use of the proposed bit masks for the coding of the user authorizations allows extremely simple checking of time-dependent user authorizations by elementary logic operations such as Boolean "AND” or "OR” operations.
  • the proposed encoding of the user authorizations based on bit masks for the possible values of multiple time units of different significance also allows a very flexible, compact and detailed coding of time-dependent user permissions, the time-dependent user permissions are nested, overlapping and periodically definable and over large periods of, for example, several Years can extend.
  • the authorization data is generated in a computerized authorization center and transmitted by the authorization center wirelessly to a mobile electronic terminal of the user.
  • the time code is preferably generated in an electronic access control device and transmitted from the access control device to the mobile terminal of the user.
  • the logical combination of the time code with the bit masks is preferably carried out in the mobile terminal of the user and a result of the logical link is transmitted from the mobile terminal to the access control device.
  • the authorization data does not have to be transmitted via the wireless interface between the mobile terminal and the Access control device are transmitted.
  • the access control device can be made simpler, since it does not have to perform the logical combination of the time code with the bit masks.
  • codes are inserted in the authorization data, which codes determine how the bit masks are logically linked to time unit areas of the time code. This enables flexible and compact encoding of the authorizations.
  • the authorization data is generated with a plurality of bit masks, whereby preferably time unit codes each assigned to a bit mask are inserted into the authorization data.
  • the time unit codes indicate the weight of the time unit for which time unit the associated bit mask determines the authorization of the user.
  • the bitmasks are each logically linked to the time unit area determined by the associated time unit code.
  • the authorization data is generated with multiple bitmasks, wherein different groups of bitmasks determine user permissions for different timeslots, and rule codes are inserted between the groups in the authorization data.
  • the rule codes determine how a first result, from a logical combination of bitmasks of a first group with the time code, and a second result, from a logical combination of bitmasks of a second group with the time code, are to be logically linked.
  • the proposed rule codes make it easy to define time-nested user permissions.
  • compression codes each assigned to a bit mask are inserted into the authorization data.
  • the compression codes specify whether authorization of the user is finally determined by the assigned bit mask or whether further bit masks have to be taken into account.
  • the proposed compression codes enable a particularly simple and compact encoding of the user authorizations, if depending on the respective user permissions for certain time unit ranges on bit masks can be dispensed with.
  • reference numeral 1 denotes a mobile electronic terminal having a communication module 11 for wireless data exchange with a computerized authentication center 3 via the telecommunication network 2.
  • the mobile terminal 1 is, for example, a mobile phone, a personal digital assistant (PDA) computer or mobile notebook or laptop computer.
  • the telecommunications network comprises a mobile radio network, for example a GSM (Global System for Mobile Communication), a Universal Mobile Telephone System (UMTS) or another, such as a satellite-based mobile network, or a Wireless Local Area Network (WLAN).
  • the mobile terminal 1 additionally comprises a communication module 12 for wireless data exchange with the electronic access control device 4.
  • the communication module 12 preferably comprises an infrared (eg IrDA) or radio-based (eg Bluetooth) device interface.
  • the mobile terminal 1 also comprises a control module 13, which is preferably designed as a programmed software module for controlling a processor of the mobile terminal 1.
  • the control module 13 is executed, for example, on a processor of a SIM card (Subscriber Identity Module), which is removably connected to the mobile terminal 1.
  • SIM card Subscriber Identity Module
  • the function of the control module 13 will be discussed later, but those skilled in the art will understand that the control module 13 may also be partially or completely hardware implemented.
  • the authorization center 3 comprises one or more computers each having one or more processors, a communication module 32 for data exchange with the mobile terminal 1 (eg by means of SMS messages), a user database 31 and a coding module 33.
  • the coding module 33 is preferably a programmed software module to control a processor of the authorization center 3 executed. The function of the coding module 33 will be discussed later, but the person skilled in the art will understand that the coding module 33 can also be executed partially or completely in terms of hardware.
  • the access control device 4 includes a communication module 41 for wireless data exchange with the mobile terminal 1.
  • the access control device 4 also includes a time determination module 42 for determining the value of the current time including date and time, such as an electronic clock.
  • the access control device 4 comprises a time mapping module 43, preferably as a programmed Software module for controlling a processor of the access control device 4 is executed.
  • the function of the time map module 43 will be discussed below, but those skilled in the art will understand that the time map module 43 may also be implemented partially or fully hardware.
  • the above-mentioned functional modules are preferably implemented on one or more separate computer program products, each comprising a computer-readable medium, wherein the programmed software modules, that is the computer program code means of the functional modules , are included.
  • the computer program code means of the coding module 33, the control module 13 and the time map module 43 are each stored on a different data carrier, for example.
  • the computer program code means of the functional modules control the processors of the electronic authorization control system as described below, wherein the system comprises at least one authorization center 3, at least one mobile terminal 1 and at least one access control device 4.
  • the time map module 4 is set up to map the current time determined by the time determination module 42 to a plurality of time units of different significance.
  • a time unit area is provided for the time units in a time code, and an information bit is provided in each time unit area for each possible value of the time unit.
  • the value of the current time is mapped in the time code by setting one of the information bits for each of the time units in the associated time unit area.
  • the time units of different valence are years, months, days of the month, weeks, days of the week, hours of the day and units of minutes. Depending on the application requirement, millennium, century, Decade or even seconds can be used as additional time units.
  • the possible values for the time units millennium, century, decade and year include the values ⁇ 0, 1, 2, 3, 4, 5, 6, 7, 8, 9 ⁇ .
  • ten bits of information are each provided, with the value "0" assigned to the least significant bit and the value "9" to the highest significant bit.
  • the current value of the year "4" is coded by the information bits "0000010000”.
  • the ten information bits are stored as least significant bits in a time unit area of two bytes, with the unused bits set to "1". For the current value of the year "4", this results in the value "11111100 00010000", which is expressed in hexadecimal form as "FC 10".
  • the possible values for the unit of time month are ⁇ January, February, March, April, May, June, July, August, September, October, November, December ⁇ .
  • twelve bits of information are provided for the map of the current month, with the value "January” assigned to the least significant bit and the value "December” to the highest significant bit.
  • the current value of the month "May” (5) is coded by the information bits "000000010000”.
  • the twelve information bits are stored as least significant bits in a time unit area of two bytes, with the unused bits again set to "1". For the current value of the month "May”, this results in the value "11110000 00010000", which is expressed in hexadecimal form as "F0 10".
  • the possible values for the unit of time monthdays include the values ⁇ 1, 2, 3, ... 31 ⁇ .
  • the picture of the current month will become thirty-one bits of information are provided, with the value "1" assigned to the least significant bit and the value "31" to the highest significant bit.
  • the current value of the month "20” is coded by the information bits "000000000001000000000000000”.
  • the thirty-one bits of information are stored as least significant bits in a time unit area of four bytes, with the unused bits set to the value "1".
  • the value "10000000 00001000 00000000000000000000” is obtained, which is expressed in hexadecimal form as "80 08 00 00".
  • the possible values for the time unit days of the week include ⁇ Monday, Tuesday, Wednesday, Thursday, Friday, Saturday, Sunday ⁇ .
  • seven bits of information are provided for mapping the current day of the month, with the value "Monday” assigned to the least significant bit and the value "Sunday” to the highest significant bit.
  • the current value of the Thursday “Thursday” is coded by the information bits "0001000”.
  • the seven information bits are stored as least significant bits in a one-byte unit time range, with the unused bit set to "1".
  • the value "10001000” is obtained, which is expressed in hexadecimal form as "88".
  • the possible values for the time unit hours include the values ⁇ 0, 1, 2, 3, ... 23 ⁇ .
  • twenty-four bits of information are provided, with the value "0" assigned to the least significant bit and the value "23" to the highest significant bit.
  • the current value of the hour "4" is coded by the information bits "000000000000000000010000".
  • the twenty-four bits of information are referred to as least significant bits stored in a time unit area of three bytes. For the current value of the hour "4", this results in the value "00000000 00000000 00010000", which is expressed in hexadecimal as "00 00 10".
  • the possible values for the time unit of minutes at a resolution of five minutes are ⁇ 0, 5, 10, 15, 20, 25, ... 55 ⁇ .
  • twelve bits of information are provided for mapping the current minute, with the value "0" assigned to the least significant bit and the value "55" to the highest significant bit.
  • the current value of the minute "17" (rounded “15") is coded by the information bits "000000001000”.
  • the twelve information bits are stored as least significant bits in a time unit area of two bytes, with the unused bits set to the value "1".
  • F0 08 hexadecimal form
  • the current time "May 20, 2004, 4 o'clock 17" is thus mapped by the time map module 4 without mapping the time units millennium, century and decade on a time code in the form of a bit string, the hexadecimal as "FC 10 F0 10 80 08 00 00 88 00 00 10 F0 08 ", whereby the order of year, month, day of the month, day of the week, hour and minute is observed with decreasing bit position value.
  • the coding module 33 is set up to generate authorization data for the wireless transmission to the mobile terminal 1 from the user authorization data stored in the user database 31.
  • the coding module 33 generates authorization data with at least one bit mask (for all years without further restrictions) but typically with multiple bit masks.
  • In the authorization data will be the individual Bitmasks each assigned a time unit code (notation "u").
  • the time unit codes indicate the unit of time or the value of the time unit for which the assigned bit mask determines the authorization of the user.
  • For the coding of the time unit code one byte suffices, into which, for example, the values ⁇ 0, 1, 2, 3,... N ⁇ are inserted for the identification of the different time units (the value of N depends on the number of different time units used become).
  • the bitmasks determine the authorization of the user for the possible values of the assigned time unit. That is, by setting or not setting a bit in the bitmask corresponding to a possible value of the assigned time unit, the user's authority for a time range is determined, the time period of the time range being determined by the assigned significance of the time unit, and the time of the time Time is determined by the relevant possible value of the assigned time unit or by the position of the bit in the bit mask.
  • bitmask associated with the time unit years by setting the bits for years 4, 5 and 6, resulting in the bit sequence "0001110000”, from which insert in two bytes, the bit mask "00000000 01110000” (hexadecimal "00 70") is formed.
  • bit sequence "0011111” from which the bit mask "00011111” (hexadecimal "1F") is formed in one byte.
  • the authorization data is constructed by the coding module 33 so that from left to right (ie from the highest priority bits to the Bits with the lowest digits), the bitmasks as stated above are listed according to the valency of the assigned unit of time from the highest to the lowest valency.
  • the bitmasks are also each assigned a compression code which indicates whether an authorization of the user is finally determined by the assigned bit mask or whether further bitmasks must be taken into account for the determination of the relevant authorization. For example, four bits may be provided for encoding the compression code.
  • a compression code with the value "1" indicates, for example, that at least one further bit mask follows with another condition (notation "c").
  • a compression code with the value "2" indicates, for example, that the respective authorization of the user is finally determined by the optionally preceding bit masks (which are assigned to time units with higher significance) and the subsequent bit mask (notation "a").
  • the subsequent bit mask not all bit masks for the time units of all weights have to be inserted in the authorization data for a user authorization. It is therefore sufficient to determine the maximum permissible time window and then specify the specific exception conditions.
  • the authorization data from the coding module 33 is typically formed with multiple bit masks.
  • the bitmasks and their associated unit codes and compression codes are separated by control codes from other bitmasks and their associated unit codes and compression codes.
  • different sets of bitmasks, each defining user permissions for different time windows are separated by special rule codes that are inserted between the groups in the authorization data.
  • the special rule codes determine, like a first result, from a logical one determine how a first result, from a logical combination of bit masks of a first group with the time code, and a second result, a logical combination of bit masks of a second group with the time code to be logically linked. For example, four bits can also be provided for the coding of the control codes.
  • rule code with the value "0" indicates, for example, that another bit mask follows the same group (rule code for separation with the notation ";”), wherein the further bit mask is assigned to a time unit with lower significance and taken into account for determining the authorization got to.
  • rule codes with the values "1" or “2" correspond to special rule codes that indicate that the subsequent bitmasks belong to a different, new set of bitmasks and designate user permissions for a different timeslot.
  • the special control code of value "1" indicates that the time window with the user permission determined by the subsequent group of bitmasks is to be added to the other user privileges defined by the authorization data (rule code for addition with the notation "+").
  • the special rule code with the value "2" indicates, for example, that the time window with the user authorization determined by the following group of bitmasks is to be subtracted from the further user authorizations defined by the authorization data as exception (non-authorization) (rule code for subtraction with the notation "). ").
  • the rule code with the value "3" finally indicates that the time window is completed with the user authorization determined by the previous group of bitmasks (rule code for termination with the notation "#").
  • Table 1 illustrates an example of the coding of authorization data by the coding module 33.
  • the authorization data comprises two groups of bitmasks separated by the addition "+” rule code.
  • the rule code for addition "+” corresponds to the rule code for addition "+"
  • the user authorizations defined by the two groups for the different time windows A and B are to be cumulated.
  • the group A comprises three bit masks b1, b2, b3, which are identified by the rule code for separation ";” are separated and each of which a time unit code "u” is assigned with a different significance of a unit of time.
  • the bit masks b1 and b2 are respectively associated with compression codes "c" indicating that another bit mask follows with a condition.
  • the bit mask b3 is assigned a compression code "a" which indicates that the user authorization defined by the bit masks b1 and b2 is finally determined taking into account the bit mask b3.
  • the group B comprises two bit masks b4 and b5, which are identified by the rule code for separation ";” are separated and each of which a time unit code "u” is assigned with a different significance of a unit of time.
  • the bitmask b4 is assigned a compression code "c” indicating that another bitmask follows with a condition.
  • the bit mask b5 is assigned a compression code "a” which indicates that the user authorization defined by the bit mask b4 is finally determined taking into account the bit mask b5.
  • the time unit codes "u" for year, hour, and minute, the Compression codes for "c" and "a”, as well as the special rule code for addition "+” used.
  • the user authorization is granted for all years and months with the restriction to the time window for the weekdays from Monday to Friday in the time window from 9:00 am to 6:00 pm, with the permission for the time window also being available for the weekdays from Monday to Friday from 8 o'clock for the minutes of the second half hour (8:30 o'clock to 8:59 o'clock) is granted.
  • the authorization data generated by the coding module 33 are transmitted from the authorization center 3 via the telecommunications network 2 to the mobile terminal 1 and stored there, for example on the SIM card.
  • the authorization data are preferably assigned to one or more access control devices.
  • the time code generated by the time map module 43 of the current time is wirelessly transmitted to the mobile terminal 1 and stored there.
  • the access control device 4 also transmits an identification of the access control device 4 wirelessly to the mobile terminal 1.
  • the data exchange between the access control device 4 and the mobile terminal 1 is preferably carried out with the aid of cryptographic means, for example encrypted and / or with challenge codes as described for example in EP 1 336 937.
  • the control module 13 determines the corresponding stored authorization data.
  • the control module 13 preferably performs a logical combination of the time code with the bit masks in the mobile terminal 1.
  • all the bitmasks of the authorization data belonging to a group are respectively logically linked to the corresponding time unit area of the time code received by the access control device 4. This means that a bit mask is linked to the time unit area which is determined by the time unit code assigned to the bit mask. Time unit ranges of the time code for which no corresponding bit mask is contained in the relevant group are ignored.
  • the individual groups of bitmasks in the authorization data are processed according to the notation from left to right.
  • the time code T includes the time unit ranges Y (year), M (month), MD (day of the month), WD (day of the week), H (hour) and M5 (minute unit with a resolution of five minutes).
  • the group G1 comprises the bit masks b11, b12, b13, b14, b15 and b16, which are each associated with the associated time unit ranges Y, M, MD, WD, H and M5 with a logical "AND" function.
  • bit masks b21, b22, b23, b24, b25 and b26 of the group Gm are associated with the associated time unit areas of the time code T.
  • bitmasks are assigned for all time unit ranges only for a better understanding of the logical processing, for the definition of authorizations this is typically not necessary, as already mentioned.
  • a match in a bit of the same significance (ie same position) between the bit mask and the time unit area is sufficient for a positive result for the respective bit mask or for the respective time unit range concerned. As shown in FIG.
  • the reference numeral 5 designates schematically all the groups G1,... Gm (notation “+”) to be added, whose output values 71, 7m are combined with a logical "OR” function and form the resulting output value 7.
  • reference numeral 6 schematically indicates all the groups Gn ...
  • cryptographic means are used, for example the formation of an electronic certificate as described in EP 1 336 937.
  • the access control device 4 gives a positive permission unlocks the access and, for example, opens a door lock or unlocks access to a network or computer system.
  • control of the authorization of the user described above by the control module 13 in an alternative embodiment can also be carried out in the access control device 4 by a corresponding functional module if the authorization data are transmitted to the access control device 4.

Landscapes

  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Mobile Radio Communication Systems (AREA)
EP04405504A 2004-08-11 2004-08-11 Méthode et système de contrôle d'accès et les dispositifs associés Withdrawn EP1626372A1 (fr)

Priority Applications (1)

Application Number Priority Date Filing Date Title
EP04405504A EP1626372A1 (fr) 2004-08-11 2004-08-11 Méthode et système de contrôle d'accès et les dispositifs associés

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
EP04405504A EP1626372A1 (fr) 2004-08-11 2004-08-11 Méthode et système de contrôle d'accès et les dispositifs associés

Publications (1)

Publication Number Publication Date
EP1626372A1 true EP1626372A1 (fr) 2006-02-15

Family

ID=34932234

Family Applications (1)

Application Number Title Priority Date Filing Date
EP04405504A Withdrawn EP1626372A1 (fr) 2004-08-11 2004-08-11 Méthode et système de contrôle d'accès et les dispositifs associés

Country Status (1)

Country Link
EP (1) EP1626372A1 (fr)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP2016566A4 (fr) * 2006-04-28 2010-12-29 Sics Swedish Inst Of Comp Science Ab Système de commande d'accès et procédé permettant de le faire fonctionner
GB2543857A (en) * 2015-11-02 2017-05-03 Mgm Advantage Services Ltd Authorisation system
DE202021104535U1 (de) 2021-07-20 2021-09-08 Robert Bosch Gesellschaft mit beschränkter Haftung Zutrittskontrollanordnung und Lesemodul

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US4080575A (en) * 1976-11-03 1978-03-21 Tokyo Jihoki Manufacturing Company, Limited Electronic time signalling device
WO1999040546A1 (fr) * 1998-02-09 1999-08-12 La Poste Protocole de controle d'acces entre une cle et une serrure electroniques
EP1336937A1 (fr) * 2002-02-13 2003-08-20 Swisscom AG Système de contrôle d'accès, methode de contrôle d'accès et dispositifs pour la mettre en oeuvre

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US4080575A (en) * 1976-11-03 1978-03-21 Tokyo Jihoki Manufacturing Company, Limited Electronic time signalling device
WO1999040546A1 (fr) * 1998-02-09 1999-08-12 La Poste Protocole de controle d'acces entre une cle et une serrure electroniques
EP1336937A1 (fr) * 2002-02-13 2003-08-20 Swisscom AG Système de contrôle d'accès, methode de contrôle d'accès et dispositifs pour la mettre en oeuvre

Cited By (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP2016566A4 (fr) * 2006-04-28 2010-12-29 Sics Swedish Inst Of Comp Science Ab Système de commande d'accès et procédé permettant de le faire fonctionner
US8482378B2 (en) 2006-04-28 2013-07-09 Telcred Ab Access control system and method for operating said system
US8723641B2 (en) 2006-04-28 2014-05-13 Telecred AB Access control system and method for operating said system
GB2543857A (en) * 2015-11-02 2017-05-03 Mgm Advantage Services Ltd Authorisation system
GB2543857B (en) * 2015-11-02 2018-04-04 Mgm Advantage Services Ltd Authorisation system
DE202021104535U1 (de) 2021-07-20 2021-09-08 Robert Bosch Gesellschaft mit beschränkter Haftung Zutrittskontrollanordnung und Lesemodul
DE102021207700A1 (de) 2021-07-20 2023-01-26 Robert Bosch Gesellschaft mit beschränkter Haftung Zutrittskontrollanordnung, Lesemodul und Verfahren zur Zutrittskontrolle
US12243367B2 (en) 2021-07-20 2025-03-04 Robert Bosch Gmbh Access control arrangement, reading module and access control method

Similar Documents

Publication Publication Date Title
EP1336937B1 (fr) Système de contrôle d'accès, methode de contrôle d'accès et dispositifs pour la mettre en oeuvre
DE69730712T2 (de) Kommunikationssystem mit gesicherter, unabhängiger verwaltung mehrerer anwendungen pro gebraucherkarte, gebraucherkarte und verwaltungsverfahren dafür
DE69936904T2 (de) Automatisiertes Zugangskontrollsystem mit verteilter Intelligenz
EP0203424B1 (fr) Procédé et circuit pour la vérification de l'autorisation d'accès à un système de traitement de signaux
DE3412663A1 (de) Chipkartensystem
EP0805607B1 (fr) Méthode d'accès d'au moins une partie des données d'une carte à microprocesseur
DE102017107150A1 (de) Teilnehmer eines Intercom-Netzwerkes, Intercom-Netzwerk und Verfahren
EP1029421A1 (fr) Carte d'identification et procede d'identification
DE3809795C2 (fr)
EP1073019A2 (fr) Méthode et dispositif pour le transfert de données aux cartes à puce
EP1159842B1 (fr) Systeme de communication pour la radiotelephonie mobile determinant une zone d'abonne et procede approprie
DE19955096B4 (de) Verfahren zur Authentifikation eines Funk-Kommunikationsnetzes gegenüber einer Mobilstation sowie ein Funk-Kommunikationsnetz und eine Mobilstation
EP1626372A1 (fr) Méthode et système de contrôle d'accès et les dispositifs associés
DE3884485T2 (de) Frankiermaschinensystem.
DE10218148B4 (de) Server für ein Telekommunikationssystem und Verfahren zum Erstellen einer Telekommunikationsverbindung
DE4306054A1 (fr)
EP0717578A2 (fr) Méthode de connexion des stations d'abonnés à un réseau radio mobile
EP1922890A1 (fr) Implementation ulterieure d'une fonctionnalite sim dans un module de securite
EP3550805A1 (fr) Procédé de fonctionnement d'un système de collecte de données de consommation et collecteur de données
DE19755012A1 (de) Verfahren zur Verwaltung teilnehmerindividueller Daten eines Telekommunikationsendgerätes
DE69623689T2 (de) Teilnehmerrufnummerspeicherungseinrichtung und Mobilstation dafür
WO2010124707A1 (fr) Commande d'accès à des appareils d'automatisation
EP0687117A2 (fr) Système de radio-téléphonie
DE19524822C2 (de) Einrichtung zur ]berpr}fung der Berechtigung und zur Benutzung von gesch}tzten Diensten
DE19711907A1 (de) System zur Erfassung von Daten, insbesondere Arbeitszeitdaten

Legal Events

Date Code Title Description
PUAI Public reference made under article 153(3) epc to a published international application that has entered the european phase

Free format text: ORIGINAL CODE: 0009012

AK Designated contracting states

Kind code of ref document: A1

Designated state(s): AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HU IE IT LI LU MC NL PL PT RO SE SI SK TR

AX Request for extension of the european patent

Extension state: AL HR LT LV MK

AKX Designation fees paid
REG Reference to a national code

Ref country code: DE

Ref legal event code: 8566

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: THE APPLICATION IS DEEMED TO BE WITHDRAWN

18D Application deemed to be withdrawn

Effective date: 20060817