Apparatus for distributed data storage of security identification and security access system and method of use thereof

US 20090050697A1
Filed: 08/24/2007
Published: 02/26/2009
Est. Priority Date: 08/24/2007
Status: Abandoned Application

First Claim

Patent Images

1. A system for secure access control comprising:

a controller having a unique identifier;

a controllable access portal in communication with the controller;

a first reader in communication with the controller;

a data card, removably connectable to the reader, for storing the unique identifier list; and

,the controller programmed to upload the unique identifier list from the data card, compare the unique identifier to the unique identifier list and to open the controllable access portal if the unique identifier is in the unique identifier list.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An apparatus and method are provided to control the entry and tracking of individuals into and through controlled areas for security. A novel system is provided which stores data in a collection of portable data carriers of various formats and flash memory. A method is further provided to control the so called “anti-passback” of individuals into controlled areas. Still further provided is a system which allows storage and dissemination of control information for security system operation on the collection of data carriers allowing the intelligence of the reader system to be low compared to the network security systems of the prior art. Controlling data can include data pointers, program components, executable files and various operating systems.

Citations

53 Claims

1. A system for secure access control comprising:
- a controller having a unique identifier;
  
  a controllable access portal in communication with the controller;
  
  a first reader in communication with the controller;
  
  a data card, removably connectable to the reader, for storing the unique identifier list; and
  
  ,the controller programmed to upload the unique identifier list from the data card, compare the unique identifier to the unique identifier list and to open the controllable access portal if the unique identifier is in the unique identifier list.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 16, 17, 18, 19, 20, 21, 22)
- - 2. The system of claim 1 wherein the data card further stores a first operating system andthe controller is further programmed to upload and implement the first operating system upon connection to the data card.
  - 3. The system of claim 2 further comprising:
    - a second data card storing a second operating system;
      
      the controller programmed to upload and implement the second operating system upon connection to the second data card.
  - 4. The system of claim 2 wherein the first operating system and second operating system are different.
  - 5. The system of claim 1 wherein the data card further stores a bootstrap segment andthe controller is further programmed to upload the bootstrap segment and boot an operating system upon connection to the data card.
  - 6. The system of claim 2 wherein the first operating system is stored in the data card.
  - 7. The system of claim 2 wherein the first operating system is stored in a memory connected to the controller.
  - 8. The system of claim 1 wherein the data card further stores a FASC data field and the controller is further programmed to upload the FASC data field upon connection to the data card.
  - 9. The system of claim 1 wherein the data card further stores an executable file and the controller is further programmed to upload the executable file upon connection to the data card.
  - 10. The system of claim 1 wherein the data card further stores a pointer file containing at least one pointer and the controller is further programmed to execute a code segment stored in a memory attached to the controller located at a location in the memory corresponding to the at least one pointer.
  - 11. The system of claim 1 wherein the data card further stores identity data and the controller is further programmed to:
    - query a cardholder for the response data;
      
      compare the response data to the identity data; and
      
      ,open the controllable access portal upon a match between the response data and the identity data.
  - 12. The system of claim 1 wherein the data card further stores a program component and the controller is further programmed to:
    - load the program component; and
      
      run the program component.
  - 13. The system of claim 1 wherein the data card further stores a card ID and the controller is further programmed to:
    - compare the card ID to an exception list; and
      
      if the card ID is found on the exception list, then alter a data field on the data card.
  - 14. The system of claim 1 wherein the data card further stores a tracking field and the controller is further programmed to update the tracking field with the unique identifier.
  - 16. The system of claim 14 wherein a second reader in communication with the controller;
    - the first reader in a first controlled physical area with a first designated area number stored in a memory of the controller;
      
      the second reader in a second controlled physical area with a second designation and a number stored in the memory of the controller;
      
      the data card storing a tracking number;
      
      the controller further programmed to read the tracking number from the data card upon presentation of the data card at the first reader;
      
      compare the tracking number to the second designation area number;
      
      if the second designated area number is greater than the tracking number, then activating the controllable access portal to grant access and storing the second designated area number in the data card as the tracking number and if the second designated area number is less than the tracking umber, then denying access.
  - 17. The system of claim 16 wherein the controller is further programmed to:
    - read the tracking number from the data car upon presentation of the data card at the second reader;
      
      compare the tracking number of the first designated area number;
      
      ]if the first designated area number is less than the tracking number, then activating the controllable access portal to grant access and storing the first designated area number in the data card as the tracking number; and
      
      if the first designated area number is greater than the tracking number, then denying access.
  - 18. The system of claim 1 wherein the data card further stores function controller data and the controller is further programmed, to upload the function controller data to a function controller.
  - 19. The system of claim 13 wherein the function controller is programmed to use the function control data to operate one of the group of:
    - a legacy system, a HVAC system, a lighting system, a parking system and a video/audio system.
  - 20. The system of claim 1 wherein the controller is further programmed to establish communication with a local area controller and upload a log entry to the local area controller.
  - 21. The system of claim 1 wherein the controller is further programmed to establish communication with a local area network and establish communication with a wide area network.
  - 22. The system of claim 21 wherein the controller is further programmed to move a data set related to the data card to the wide area network.

15. The system of claim 15 wherein the tracking field contains a stack of data related to a physical location of the data card.

23. A system for controlling access to controlled areas comprising:
- a first programmable controller having a first unique identifier and a first key access connector;
  
  a first controllable lock operatively connected to the first controller;
  
  a second programmable controller having a second unique identifier and a second key access connector;
  
  a second controllable lock operatively connected to the second controller;
  
  a first access key removably connectable to the first key access connector and the second key access connector and having a first readable memory programmed with the first unique identifier and the second unique identifier and wherein;
  
  the first programmable controller is programmed to;
  
  read the first readable memory and identify the first unique identifier; and
  
  open the controllable lock to allow access to the controlled areas upon identification of the first unique identifier.
- View Dependent Claims (24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41)
- - 24. The system of claim 23 wherein the first readable memory is a nonvolatile memory.
  - 25. The system of claim 23 wherein the first access key is one of the group of a USB device, a SD device and a smart card device.
  - 26. The system of claim 23 wherein the first readable memory is further programmed with a data set in a data field and the first programmable controller is further programmed to alter the data set in the data field.
  - 27. The system of claim 26 wherein the data set contains the second unique identifier.
  - 28. The system of claim 26 wherein the data set stores data related to the physical presence of the first access key in the controlled areas.
  - 29. The system of claim 28 wherein the data set is arranged in a LIFO stack.
  - 30. The system of claim 28 wherein the data set is arranged in a FIFO stack.
  - 31. The system of claim 23 further comprising a second access key removably connectable to the first key access connector and the second key access connector and having a second readable memory programmed with the second unique identifier and wherein the first controller is programmed to:
    - read the second readable memory and identify the absence of the first unique identifier; and
      
      deny access to the controlled areas upon recognition of the absence of the first unique identifier.
  - 32. The system of claim 31 wherein:
    - a first operating system is stored in the first readable memory;
      
      a second operating system is stored in the second readable memory;
      
      the first programmable controller is programmed to;
      
      upload and run the first operating system upon connection of the first access key to the first key access connector; and
      
      upload and run the second operating system upon connection of the second access key to the first key access connector.
  - 33. The system of claim 32 wherein the first operating system and the second operating system are different.
  - 34. The system of claim 31 wherein the first controller is further programmed to record the denial of access to the controlled areas.
  - 35. The system of claim 31 wherein the first controller is further programmed to incapacitate the second access key.
  - 36. The system of claim 23 further comprising:
    - a biometric reader capable of producing a first data file related to a human physical characteristic, connected to the first programmable controller;
      
      the first access key having the first readable memory programmed with a second data file related to the human physical characteristic; and
      
      the first programmable controller further programmed to compare the first data file related to the human physical characteristic to the second data file related to the human physical characteristic and determine if a match condition exists.
  - 37. The system of claim 23 further comprising:
    - a data entry device, connected to the first programmable controller, for entry of data by a keyholder;
      
      a communication device, connected to the first programmable controller for communication of request data to the keyholder; and
      
      the first programmable controller further programmed to;
      
      communicate the request data to the keyholder;
      
      receive response data from the data entry device;
      
      compare the response data to the request data to form a decision; and
      
      respond to the decision.
  - 38. The system of claim 37 wherein the request data is stored in the first readable memory.
  - 39. The system of claim 23 wherein the first readable memory is programmed with a bootstrap program and the first programmable controller is further programmed to boot from the bootstrap program.
  - 40. The system of claim 23 wherein the first programmable controller is a single board computer.
  - 41. The system of claim 23 wherein the first unique identifier is a GUID.

42. A method of verifying the access authorization of an access card comprising:
- presenting the access card to a reader connected to a controller having a unique GUID;
  
  uploading a GUID list from the access card to the controller;
  
  receiving a decision from the controller as to the presence of the GUID on the GUID list;
  
  not blocking access authorization if the GUID is on the GUID list; and
  
  blocking access authorization if the GUID is not on the GUID list.
- View Dependent Claims (43, 44, 45, 46, 47, 48, 49, 50, 51, 52, 53)
- - 43. The method of claim 42 comprising the further steps of:
    - downloading a first data file from the access card to the controller;
      
      downloading a unique key identifier from the access card to the controller;
      
      receiving a decision from the controller as to the presence of the unique key identifier on an exception list; and
      
      uploading a second data file to the access card from the controller if the unique identifier is on the exception list.
  - 44. The method of claim 42 further comprising the steps of:
    - receiving a request for secondary information from the controller;
      
      returning the secondary information from the access card;
      
      receiving a decision from the controller as to the validity of the secondary information;
      
      not blocking access if the secondary information is valid; and
      
      blocking access if the secondary information is not valid.
  - 45. The method of claim 44 wherein the secondary information is one of the list of fingerprint data, facial data, encryption data, question and answer data and FASC data.
  - 46. The method of claim 42 wherein the first data file is one from the list of an executable file, a pointer file, a program component, a reader list, a bootstrap program, a FASC data field, a file of function control data, an exception list and a tracking file.
  - 47. The method of claim 46 comprising the further step of:
    - implementing the first data file.
  - 48. The method of claim 42 further comprising the steps of:
    - downloading a tracking list from the access card;
      
      receiving a decision from the controller as to the presence of the GUID on the tracking list;
      
      not blocking access if the GUID is not on the tracking list; and
      
      blocking access if the GUID is on the tracking list.
  - 49. The method of claim 48 further comprising the steps of:
    - not blocking access if the GUID is on the tracking list;
      
      blocking access if the GUID is not on the tracking list.
  - 50. The method of claim 42 further comprising the step of:
    - reporting an access condition to a LAN controller.
  - 51. The method of claim 42 further comprising the step of:
    - updating an exception list from a LAN controller.
  - 52. The method of claim 42 further comprising the step of:
    - decrypting the first data file.
  - 53. The method of claim 42 further comprising the step of:
    - encrypting the first data file.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Collier Sparks, James Oakley Lowder, Tim Rohrbach
Original Assignee
Collier Sparks, James Oakley Lowder, Tim Rohrbach
Inventors
Sparks, Collier, Lowder, James Oakley, Rohrbach, Tim

Application Number

US11/895,436
Publication Number

US 20090050697A1
Time in Patent Office

Days
Field of Search
US Class Current

235/382.500
CPC Class Codes

G07C 9/257 electronically G07C9/26 tak...

G07F 7/0893 the card reader reading the...

Apparatus for distributed data storage of security identification and security access system and method of use thereof

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

Citations

53 Claims

Specification

Solutions

Use Cases

Quick Links

Apparatus for distributed data storage of security identification and security access system and method of use thereof

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

53 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links