System and method for remotely assigning and revoking access credentials using a near field communication equipped mobile phone
US-2015222622-A1 · Aug 6, 2015 · US
US9672345B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-9672345-B2 |
| Application number | US-201514668507-A |
| Country | US |
| Kind code | B2 |
| Filing date | Mar 25, 2015 |
| Priority date | Aug 9, 2006 |
| Publication date | Jun 6, 2017 |
| Grant date | Jun 6, 2017 |
Official abstract text for this publication.
Method and devices for making access decisions in a secure access network are provided. The access decisions are made by a portable credential using data and algorithms stored on the credential. Since access decisions are made by the portable credential, non-networked hosts or local hosts can be employed that do not necessarily need to be connected to a central access controller or database, thereby reducing the cost of building and maintaining the secure access network.
Opening claim text (preview).
What is claimed is:
1. A physical access control system for protecting a secure asset, comprising: a reader associated with a physical access point to the secure asset; a plurality of mobile devices storing credential information and configured to communicate at least a portion of the stored credential information with the reader to attempt to gain access at the physical access point; and a remote server configured to: maintain a revocation list including information related to at least one of the plurality of mobile devices to which the reader is not allowed to grant access to the physical access point; and update the credential information stored on the at least one mobile device according to the information included in the revocation list, wherein the at least one mobile device is configured to make an access control decision denying an attempt to gain access to the physical access point by the mobile device based on information obtained from the reader and the updated credential information.
2. The access control system of claim 1, wherein the at least one mobile device includes information related to readers that the mobile device or a user thereof is not allowed to obtain access.
3. The access control system of claim 1, wherein the reader includes information related to mobile devices or users thereof that the reader is not allowed to grant access.
4. The access control system of claim 1, wherein additional authentication rules are maintained on the at least one mobile device.
5. The access control system of claim 1, wherein the at least one mobile device comprises a mobile phone.
6. The access control system of claim 1, wherein the revocation list is updated periodically.
7. The access control system of claim 6, wherein the revocation list is updated in response to detection of one or more events.
8. The access control system of claim 7, wherein the one or more events correspond to a failed authentication between the mobile device and the reader.
9. The physical access control system of claim 6, wherein the revocation list is updated after a predetermined amount of time has passed since the revocation list was last updated.
10. The physical access control system of claim 1, wherein the physical access point to the secure asset includes a lock associated with the physical access point.
11. The physical access control system of claim 1, wherein the reader is a non-networked reader.
12. The physical access control system of claim 1, wherein the at least one mobile device is communicably coupled to the remote server.
13. The physical access control system of claim 1, wherein at least parts of the revocation list are communicated to the reader and the at least one mobile device.
14. A method of operating a physical access control system for protecting a secure asset, comprising: maintaining, at a server, a revocation list including information related to a mobile device to which a reader is not allowed to grant access to a physical access point to the secure asset, the reader associated with the physical access point and the mobile device storing credential information and configured to communicate at least a portion of the stored credential information with the reader to gain access at the physical access point; updating the credential information stored in the mobile device according to the information included in the revocation list; and receiving, at the server, a communication associated with a failed attempt to gain access to the physical access point by the mobile device based on an access control decision by the mobile device denying access, the access control decision based on information obtained from the reader and the updated credential information.
15. The method of claim 14, wherein the mobile device includes information related to readers that the mobile device or a user thereof is not allowed to obtain access.
16. The method of claim 15, wherein the mobile device comprises a cellular phone.
17. The method of claim 14, wherein the reader includes information related to mobile devices or users thereof that the reader is not allowed to grant access.
18. The method of claim 14, wherein additional authentication rules are maintained on the mobile device.
19. The method of claim 14, wherein the revocation list is updated periodically.
20. The method of claim 19, wherein the revocation list is updated in response to detection of one or more predetermined events.
21. The method of claim 20, wherein the one or more events corresponds to a failed authentication between the mobile device and the reader.
22. The method of claim 19, wherein the revocation list is updated after a predetermined amount of time has passed since the revocation list was last updated.
23. The method of claim 14, wherein at least parts of the revocation list are communicated to the reader and the mobile device.
24. The method of claim 14, wherein the physical access point to the secure asset includes a lock associated with the physical access point.
25. The method of claim 14, wherein the reader is a non-networked reader.
26. The method of claim 14, wherein the mobile device is communicably coupled to the server.
27. A physical access control system for protecting a secure asset, comprising: a server that is configured to perform operations comprising: maintaining a revocation list including information related to a mobile device to which a reader is not allowed to grant access to a physical access point to the secure asset, the reader associated with the physical access point and the mobile device storing credential information and configured to communicate at least a portion of the stored credential information with the reader to gain access at the physical access point; updating the credential information stored in the mobile device according to the information included in the revocation list; and receiving a communication associated with a failed attempt to gain access to the physical access point by the mobile device based on an access control decision by the mobile device denying access, the access control decision based on information obtained from the reader and the updated credential information.
28. A physical access control system for protecting a secure asset, comprising: a plurality of mobile devices storing credential information and configured to communicate at least a portion of the stored credential information with a reader associated with a physical access point to the secure asset, to gain access at the physical access point; and a remote server that is configured to perform operations comprising: maintaining a revocation list including information related to at least one of the plurality of mobile devices to which the reader is not allowed to grant access to the secure asset; updating the credential information stored in the at least one mobile device according to the information included in the revocation list; and receiving a communication associated with a failed attempt to gain access to the physical access point by the mobile device based on an access control decision by the mobile device denying access, the access control decision based on information obtained from the reader and the updated credential information.
electronically (G07C9/26 takes precedence) · CPC title
the pass containing active electronic elements, e.g. smartcards · CPC title
by means of a password · CPC title
Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity · CPC title
involving the use of external additional devices, e.g. dongles or smart cards · CPC title