What technology area does this patent fall under?

Primary CPC classification H04L63/0807. Mapped technology areas include Electricity.

When was this patent published?

Publication date Tue Nov 24 2020 00:00:00 GMT+0000 (Coordinated Universal Time) (B2). Legal status and post-grant events are not shown on this page.

What related patents are in patentsdb?

We list 12 related publications on this page (citations in our corpus or others sharing the same primary CPC).

Utilizing caveats for wireless credential access

US10848477B2 · US · B2

Patent metadata
Field	Value
Publication number	US-10848477-B2
Application number	US-201815975148-A
Country	US
Kind code	B2
Filing date	May 9, 2018
Priority date	May 9, 2018
Publication date	Nov 24, 2020
Grant date	Nov 24, 2020

How to read this patent

A practical reading order for non-experts. Skip the full description unless you need deep technical detail.

Title
What the patent document calls the invention.
Abstract
A short plain-language summary of the technical disclosure.
Assignees and inventors
Who owns or filed the patent and who is credited as inventor.
Key dates
Filing, priority, publication, and grant dates set the timeline.
First independent claim
The legal scope of protection — read this for what is actually claimed.
CPC / IPC classifications
Technology tags used to group this patent with similar filings.
Citations and related patents
Prior art links and similar publications in this corpus.

Abstract

Official abstract text for this publication.

A method according to one embodiment includes receiving, by an access control device, a credential token from a mobile device, wherein the credential token includes an access credential, a credential identifier, and a caveat that instructs the access control device to perform an associated action, determining, by the access control device, a credential type associated with the access credential based on the credential identifier, determining, by the access control device, a set of caveat rules associated with the credential type, wherein the set of caveat rules identifies one or more actions authorized for an access credential of the credential type, and performing, by the access control device, the associated action identified by the caveat in response to a determination that the associated action is an action authorized by the set of caveat rules associated with the credential type.

First claim

Opening claim text (preview).

What is claimed is: 1. A method for utilizing caveats for wireless credential access, the method comprising: receiving, by an access control device, a credential token from a mobile device, wherein the credential token includes an access credential, a credential identifier, and a caveat that instructs the access control device to perform an associated action; determining, by the access control device, a credential type associated with the access credential based on the credential identifier; determining, by the access control device, a set of caveat rules associated with the credential type, wherein the set of caveat rules identifies one or more actions authorized for an access credential of the credential type; validating, by the access control device, the caveat based on a keyed hash included in the credential token; and performing, by the access control device, the associated action identified by the caveat in response to a determination that the associated action is an action authorized by the set of caveat rules associated with the credential type, and wherein the associated action identified by the caveat is performed in addition to or in the alternative to a standard action associated with the credential type. 2. A method for utilizing caveats for wireless credential access, the method comprising: receiving, by an access control device, a credential token from a mobile device, wherein the credential token includes an access credential, a credential identifier, and a caveat that instructs the access control device to perform an associated action; determining, by the access control device, a credential type associated with the access credential based on the credential identifier; determining, by the access control device, a set of caveat rules associated with the credential type, wherein the set of caveat rules identifies one or more actions authorized for an access credential of the credential type; validating, by the access control device, the caveat based on a keyed hash included in the credential token; and performing, by the access control device, the associated action identified by the caveat in response to a determination that the associated action is an action authorized by the set of caveat rules associated with the credential type; wherein the keyed hash is keyed by a static key stored on the access control device if the access credential is a first credential type; and wherein the keyed hash is keyed by a second keyed hash included in the credential token and associated with the access credential if the access credential is a second credential type. 3. The method of claim 2 , wherein the static key is a site key stored on the access control device and a host server; and wherein the site key is inaccessible to the mobile device. 4. The method of claim 1 , wherein the credential token further includes a user code; and wherein determining the credential type comprises determining the credential type associated with the access credential based on the credential identifier and the user code. 5. The method of claim 4 , wherein an access credential having a first credential identifier and a first user code is determined to be of a first credential type; and an access credential having the first credential identifier and a second user code is determined to be of a second credential type. 6. The method of claim 1 , wherein determining the credential type comprises comparing the credential identifier to an access control database of the access control device. 7. An access control device for utilizing caveats for wireless credential access, the access control device comprising: a processor; and a memory comprising an access control database and a plurality of instructions stored thereon that, in response to execution by the processor, causes the access control device to: receive a credential token from a mobile device, wherein the credential token includes an access credential, a credential identifier, and a caveat that instructs the access control device to perform an associated action; determine a credential type associated with the access credential based on the credential identifier; determine a set of caveat rules associated with the credential type, wherein the set of caveat rules identifies one or more actions authorized for an access credential of the credential type; validate the caveat based on a keyed hash included in the credential token; and perform the associated action identified by the caveat in response to a determination that the associated action is an action authorized by the set of caveat rules associated with the credential type, and wherein the associated action identified by the caveat is performed in addition to or in the alternative to a standard action associated with the credential type. 8. The access control device of claim 7 , wherein the plurality of instructions further causes the access control device to ignore the caveat in response to a determination that the associated action is an action not authorized by the set of caveat rules associated with the credential type. 9. An access control device for utilizing caveats for wireless credential access, the access control device comprising: a processor; and a memory comprising an access control database and a plurality of instructions stored thereon that, in response to execution by the processor, causes the access control device to: receive a credential token from a mobile device, wherein the credential token includes an access credential, a credential identifier, and a caveat that instructs the access control device to perform an associated action; determine a credential type associated with the access credential based on the credential identifier; determine a set of caveat rules associated with the credential type, wherein the set of caveat rules identifies one or more actions authorized for an access credential of the credential type; validate the caveat based on a keyed hash included in the credential token; and perform the associated action identified by the caveat in response to a determination that the associated action is an action authorized by the set of caveat rules associated with the credential type; wherein the keyed hash is keyed by a static key stored on the access control device if the access credential is a first credential type; and wherein the keyed hash is keyed by a second keyed hash included in the credential token and associated with the access credential if the access credential is a second credential type. 10. The access control device of claim 9 , wherein the static key is a site key stored on the access control device and a host server; wherein the site key is inaccessible to the mobile device. 11. The access control device of claim 7 , wherein the credential token further includes a user code; wherein determining the credential type comprises determining the credential type associated with the access credential based on the credential identifier and the user; wherein an access credential having a first credential identifier and a first user code is determined to be of a first credential type; and an access credential having the first credential identifier and a second user code is determined to be of a second credential type. 12. An access control system, comprising: a mobile device; a host server configured to receive an access credential from a credential server and transmit the access credential to the mobile device; and an access control device comprising a memory having an access control database stored thereon, wherein the access control device is configured to: update the access control database based on acce

Assignees

Schlage Lock Co Llc

Inventors

Classifications

H04L63/20
for managing network security; network security policies in general (filtering policies H04L63/0227) · CPC title
G07C2209/02
Access control comprising means for the enrolment of users · CPC title
H04W12/08
Access security · CPC title
G07C2009/00841
by a portable device · CPC title
G06F21/44
Program or device authentication · CPC title

Patent family

Related publications grouped by family.

View patent family 66483987

External sources

Frequently asked questions

Answers are generated from the same data shown on this page.

What does patent US10848477B2 cover?: A method according to one embodiment includes receiving, by an access control device, a credential token from a mobile device, wherein the credential token includes an access credential, a credential identifier, and a caveat that instructs the access control device to perform an associated action, determining, by the access control device, a credential type associated with the access credential…
Who is the assignee on this patent?: Schlage Lock Co Llc
What technology area does this patent fall under?: Primary CPC classification H04L63/0807. Mapped technology areas include Electricity.
When was this patent published?: Publication date Tue Nov 24 2020 00:00:00 GMT+0000 (Coordinated Universal Time) (B2). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?: We list 12 related publications on this page (citations in our corpus or others sharing the same primary CPC).