System and method for remotely assigning and revoking access credentials using a near field communication equipped mobile phone

What is claimed is: 1. A method of controlling physical access to a secure asset, comprising: transmitting, by a reader of a physical access control system associated with a physical access point of the secure asset, an interrogating radio frequency (RF) signal to a mobile device, the interrogating RF signal comprising a first credential that is unique to the reader; receiving, at the reader from the mobile device, an RF response to the interrogating RF signal, the RF response comprising: a second credential that is unique to the mobile device, and data associated with an access control decision by the mobile device with respect to the reader; and controlling the physical access point, with the reader, to permit or deny a holder of the mobile device access to the secure asset based on the RF response to the interrogating RF signal. 2. The method of claim 1 , wherein the first credential corresponds to a first key and wherein the second credential corresponds to a second key. 3. The method of claim 2 , wherein at least one of the first or second keys correspond to an encryption key. 4. The method of claim 1 , wherein the second credential is received at the mobile device via a mobile communications network. 5. The method of claim 4 , wherein the mobile device receives the second credential via a Short Message Service (SMS) message. 6. The method of claim 1 , wherein the second credential is received at the mobile device via the reader. 7. The method of claim 1 , wherein, when the reader denies the holder of the mobile device access to the secure asset, the method further comprises: generating a log entry at an access control log maintained on the reader; and reporting the log entry via a communication network. 8. The method of claim 1 , wherein the physical access point includes a door of a building and the secure asset includes a room within the building. 9. The method of claim 1 , wherein the data comprising the second credential in the RF response includes data that is wirelessly updated, at the mobile device, by a remote server. 10. The method of claim 1 , wherein the physical access point of the secure asset includes a lock controlling access to the secure asset. 11. The method of claim 1 , wherein at least one of the first or second credentials comprises an identifier. 12. A system, comprising: a reader of a physical access control system associated with a physical access point of a secure asset, wherein the reader is configured to perform operations comprising: transmitting an interrogating radio frequency (RF) signal to a mobile device, the interrogating RF signal comprising a first credential that is unique to the reader; receiving, from the mobile device, an RF response to the interrogating RF signal, the RF response comprising: a second credential that is unique to the mobile device, and data associated with an access control decision by the mobile device with respect to the reader; and controlling the physical access point to permit or deny a holder of the mobile device access to the secure asset based on the RF response to the interrogating RF signal. 13. The system of claim 12 , wherein the first credential corresponds to a first key and wherein the second credential corresponds to a second key. 14. The system of claim 13 , wherein at least one of the first or second keys correspond to an encryption key. 15. The system of claim 12 , wherein the second credential is received via a mobile communications network. 16. The system of claim 15 , wherein the mobile device receives the second credential via a Short Message Service (SMS) message. 17. The system of claim 12 , wherein the second credential is received via the reader. 18. The system of claim 12 , wherein, when the reader denies the holder of the mobile device access to the secure asset, the reader is further configured to generate a log entry at an access control log maintained on the reader and report the log entry via a communication network. 19. The system of claim 12 , wherein at least one of the first or second credentials comprises an identifier. 20. An access control system, comprising: a processor; and memory comprising processor-executable instructions that, when executed by the processor, enable the processor to perform operations comprising: receiving, at a mobile device, an interrogating radio frequency (RF) signal from a reader of a physical access control system associated with a physical access point of a secure asset, the interrogating RF signal comprising a first credential that is unique to the reader; in response to receiving the interrogating RF signal, performing an access control decision by the mobile device with respect to the reader; and transmitting, from the mobile device to the reader, an RF response to the interrogating RF signal, the RF response comprising: a second credential, and data associated with the access control decision by the mobile device with respect to the reader, wherein the physical access point is controlled by the reader to permit or deny a holder of the mobile device access to the secure asset based on the RF response to the interrogating RF signal. 21. The access control system of claim 20 , wherein the first credential corresponds to a first key and wherein the second credential corresponds to a second key. 22. The access control system of claim 21 , wherein at least one of the first or second keys correspond to an encryption key. 23. The access control system of claim 21 , wherein at least one of the first or second credentials comprises an identifier.