Unified network and physical premises access control server

US 20070094716A1
Filed: 10/26/2005
Published: 04/26/2007
Est. Priority Date: 10/26/2005
Status: Active Grant

First Claim

Patent Images

1. An access control system comprising:

a plurality of devices capable of capturing and/or generating information when a monitored parameter is detected;

a server having access to a list containing authorized entities, defined by credentials, permitted to access a physical facility and network resource based upon a certain specified criteria or policy;

said server can verify credentials submitted by said devices and issue commands to distribute and implement said policies using said devices;

a network connected device configured to couple said server to said plurality of devices.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The present invention provides an access control server that holds information pertaining to both network access and facility access. The access control server enforces policies based on location, type of resource, time of day, duration, or other events, and logs all successful and unsuccessful attempts to access a given resource whether it be on the network or at the facility. The access control server operates off a common list or table of attributes and policies, or separate lists or tables of attributes and policies that are arbitrated by a credential verification and policy engine. This unified access control server implements protocols that work with network and/or physical premises-based devices. The unified access control server allows events in the facility to be associated with events on the network and vice versa and direct policies that may be executed in the physical or network realm.

Citations

20 Claims

1. An access control system comprising:
- a plurality of devices capable of capturing and/or generating information when a monitored parameter is detected;
  
  a server having access to a list containing authorized entities, defined by credentials, permitted to access a physical facility and network resource based upon a certain specified criteria or policy;
  
  said server can verify credentials submitted by said devices and issue commands to distribute and implement said policies using said devices;
  
  a network connected device configured to couple said server to said plurality of devices.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14)
- - 2. The access control system of claim 1 wherein said list is a synchronized set of lists.
  - 3. The access control system of claim 1 wherein said list is a distributed common set of lists.
  - 4. The access control system of claim 1 wherein said devices comprise physical access control, network-connected or both physical access control and network-connected and wherein said list further containing policy for issuing instructions to modify physical resource parameters and network access parameters.
  - 5. The access control system of claim 4 wherein said physical resource parameters include lighting, heating and cooling.
  - 6. The access control system of claim 4 wherein said engine further generates and transmits policy-based instructions in response to an event or combination of events to said network connected devices such that said network connected devices perform a corresponding, pre-defined action.
  - 7. The access control system of claim 1 wherein said server comprises means for ingesting, maintaining and distributing access control policies for access to physical facilities and to network resources.
  - 8. The access control system of claim 1 further comprising a frame based network.
  - 9. The access control system of claim 1 further comprising a packet-based network.
  - 10. The access control system of claim 1 further comprising a unified server and management station for logging attempts to access a physical facility and a network resource.
  - 11. The access control system of claim 10 further comprising means for logging policy-based instructions in response to each access attempt.
  - 12. The access control system of claim 10 further comprising means for monitoring network resources and access control events.
  - 13. The access control system of claim 10 further comprising means for implementing an access policy for regulating user access to multiple facilities and multiple networks.
  - 14. The access control system of claim 1 wherein said list and policies are integrated into a network infrastructure device.

15. A method for implementing access control policies for physical facilities and network resources comprising:
- defining policies for an entity or a group of entities;
  
  associating physical resource access requests or events with network-based resource access requests or events with said policies; and
  
  implementing, arbitrating and providing, as dictated by said policy, responsive instructions.
- View Dependent Claims (16, 17, 18)
- - 16. The method of claim 15 wherein said policies are defined by correlating and specifying events in the physical realm with events or access of network resources.
  - 17. The method of claim 15 further comprising:
    - associating physical resource access requests or events with network-based resource access requests or events from a given entity or group of entities.
  - 18. The method of claim 17 further comprising:
    - correlating and specifying access to said network resources with events in the physical realm.

19. A method of managing access to physical and network-based assets comprising:
- provisioning a unified list with user credentials that define access rights to physical facilities and network resources, said unified list further including user information that defines access rights to network resources; and
  
  managing access to physical and network-based assets from a common platform.

20. An access control system comprising:
- means for detecting a request requiring either or both credential verification and policy determination. A communication network;
  
  an access control device, coupled to said network, capable of generating information when a monitored parameter is detected;
  
  a server for establishing access policy and for distributing said policy to said access control device;
  
  said server having access to a set of lists containing authorized entities, defined by credentials, for permitting access to a physical facility or a network resource based upon a specified set of policies and for generating instructions to modify selected physical resource parameters.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Cisco Technology, Inc. (Cisco Systems, Inc.)
Original Assignee
Cisco Technology, Inc. (Cisco Systems, Inc.)
Inventors
Twinam, David, Farino, Mark, Kolar, Mark, Beliles, Robert

Granted Patent

US 7,437,755 B2
Time in Patent Office

Days
Field of Search
US Class Current

726/5
CPC Class Codes

G07C 9/27   with central registration

G07C 9/38   with central registration

H04L 63/101   Access control lists [ACL]

H04L 63/102   Entity profiles

Unified network and physical premises access control server

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Unified network and physical premises access control server

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links