SYSTEMS AND METHODS FOR CONTROLLING ACCESS WITHIN A SYSTEM OF NETWORKED AND NON-NETWORKED PROCESSOR-BASED SYSTEMS
First Claim
1. A method of controlling access within a system, the system comprising at least one security server for managing access rights and at least one networked processor-based system that processes access attempts to provide or deny access and multiple non-networked processor-based systems that process access attempts to provide or deny access, the method comprising:
- processing first access attempts from end-users by the at least one networked processor-based system, wherein the first access attempts occur when the end-users are in physical proximity to the at least one networked processor-based system, wherein the end-users do not manage, control, or modify access rights within the system, wherein the end-users are employees of a common organization and the at least one security server maintains one or several databases that store data pertaining to the end-user employees of the common organization, networked and non-networked processor-based systems of the common organization, and access rights specific to the common organization;
in conjunction with processing of the first access attempts by the at least one networked processor-based system, communicating with the at least one security server to obtain access rights information relevant to the respective end-users;
writing access rights information obtained from the at least one security server by the at least one networked processor-based system to portable cards, wherein the portable cards respectively belong to end-users and store data identifying each respective end-user and data relevant to the access rights associated with each respective end-user;
physically transporting the portable cards by the end-users to non-networked processor-based systems;
processing further access attempts from the end-users by non-networked processor-based systems, wherein the further access attempts occur when the end-users are in physical proximity to the non-networked processor-based systems;
in conjunction with processing of the further access attempts by the non-networked processor-based systems, writing access log information to the portable cards of each respective end-user, wherein the access log information includes time-stamps for times associated with accesses by the respective end-users;
in conjunction with processing of the further access attempts by the non-networked processor-based systems, analyzing time stamps of accesses by each end-user for multiple accesses on multiple processor-based systems against one or more access rules, the one or more rules defining one or more relative timing constraints or order constraints for accesses on multiple processor-based systems; and
in conjunction with processing of the further access attempts by the non-networked processor-based systems, controlling access decisions in response to determining whether the time stamps of respective end-users indicate that said respective end-users have violated the one or more access rules.
0 Assignments
0 Petitions
Accused Products
Abstract
In one embodiment, access log information is written to portable cards of end-users of system that includes networked and non-networked processor based systems that control user access. In conjunction with processing of access attempts by non-networked processor-based systems, time stamps of accesses by each end-user for multiple accesses on multiple processor-based systems are analyzed against one or more access rules, the one or more rules defining one or more relative timing constraints or order constraints for accesses on multiple processor-based systems. Also, in conjunction with processing of the further access attempts by the non-networked processor-based systems, access decisions are controlled in response to determining whether the time stamps of respective end-users indicate that said respective end-users have violated the one or more access rules.
-
Citations
8 Claims
-
1. A method of controlling access within a system, the system comprising at least one security server for managing access rights and at least one networked processor-based system that processes access attempts to provide or deny access and multiple non-networked processor-based systems that process access attempts to provide or deny access, the method comprising:
-
processing first access attempts from end-users by the at least one networked processor-based system, wherein the first access attempts occur when the end-users are in physical proximity to the at least one networked processor-based system, wherein the end-users do not manage, control, or modify access rights within the system, wherein the end-users are employees of a common organization and the at least one security server maintains one or several databases that store data pertaining to the end-user employees of the common organization, networked and non-networked processor-based systems of the common organization, and access rights specific to the common organization;
in conjunction with processing of the first access attempts by the at least one networked processor-based system, communicating with the at least one security server to obtain access rights information relevant to the respective end-users;
writing access rights information obtained from the at least one security server by the at least one networked processor-based system to portable cards, wherein the portable cards respectively belong to end-users and store data identifying each respective end-user and data relevant to the access rights associated with each respective end-user;
physically transporting the portable cards by the end-users to non-networked processor-based systems;
processing further access attempts from the end-users by non-networked processor-based systems, wherein the further access attempts occur when the end-users are in physical proximity to the non-networked processor-based systems;
in conjunction with processing of the further access attempts by the non-networked processor-based systems, writing access log information to the portable cards of each respective end-user, wherein the access log information includes time-stamps for times associated with accesses by the respective end-users;
in conjunction with processing of the further access attempts by the non-networked processor-based systems, analyzing time stamps of accesses by each end-user for multiple accesses on multiple processor-based systems against one or more access rules, the one or more rules defining one or more relative timing constraints or order constraints for accesses on multiple processor-based systems; and
in conjunction with processing of the further access attempts by the non-networked processor-based systems, controlling access decisions in response to determining whether the time stamps of respective end-users indicate that said respective end-users have violated the one or more access rules. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
Specification