SYSTEMS AND METHODS OF OPERATING A SECURED FACILITY
First Claim
1. A method of performing access control in a secured facility, wherein the secured facility includes a plurality of access control units physically distributed at different physical locations within the secured facility, the method comprising:
- providing access control cards to users who are granted access to respective portions of the secured facility;
defining dynamic, de-centralized access control policies that define conditions for access for the users through access control units in the secured facility, wherein at least some of the de-centralized access control policies are dynamic role-based policies for dynamic evaluation within the secured facility;
storing data on at least one of the access control cards that includes first data reflective of one or more of the dynamic access control policies, wherein (i) the first data includes a plurality of rules for managing access for the user of the at least one of the access cards, wherein at least two of the rules define access conditions for different portions of the secured facility, (ii) the at least two of the rules are parameterized for evaluation according to variables reflecting dynamic events within the secured facility, and (iii) the first data includes tolerance data for temporary deviation from the at least two of the rules;
generating second data reflective of dynamic events within the secured facility; and
performing access control decisions for the user of the at least one card according to the first data and the second data, wherein (i) the access control decisions determine whether a dynamic event variable set to a value determined by the second data satisfies a constraint defined by the first data or whether temporary tolerance data permits deviation from an applicable access control parameterized rule, and (ii) the access control decisions are performed in a de-centralized manner substantially where the access cards are presented to access control units without requiring access control logic being involved at a central access control system.
0 Assignments
0 Petitions
Accused Products
Abstract
In one embodiment, a method of providing security operations in a secured facility in which access control operations are performed, wherein the secured facility includes a plurality of access control units physically distributed at different physical locations within the secured facility, comprises: performing access control decisions for the user of the at least one card according to the first data and the second data, wherein (i) the access control decisions determine whether a dynamic event variable set to a value determined by the second data satisfies a constraint defined by the first data or whether temporary tolerance data permits deviation from an applicable access control parameterized rule, and (ii) the access control decisions are performed in a de-centralized manner substantially where the access cards are presented to access control units without requiring access control logic being involved at a central access control system.
-
Citations
7 Claims
-
1. A method of performing access control in a secured facility, wherein the secured facility includes a plurality of access control units physically distributed at different physical locations within the secured facility, the method comprising:
-
providing access control cards to users who are granted access to respective portions of the secured facility; defining dynamic, de-centralized access control policies that define conditions for access for the users through access control units in the secured facility, wherein at least some of the de-centralized access control policies are dynamic role-based policies for dynamic evaluation within the secured facility; storing data on at least one of the access control cards that includes first data reflective of one or more of the dynamic access control policies, wherein (i) the first data includes a plurality of rules for managing access for the user of the at least one of the access cards, wherein at least two of the rules define access conditions for different portions of the secured facility, (ii) the at least two of the rules are parameterized for evaluation according to variables reflecting dynamic events within the secured facility, and (iii) the first data includes tolerance data for temporary deviation from the at least two of the rules; generating second data reflective of dynamic events within the secured facility; and performing access control decisions for the user of the at least one card according to the first data and the second data, wherein (i) the access control decisions determine whether a dynamic event variable set to a value determined by the second data satisfies a constraint defined by the first data or whether temporary tolerance data permits deviation from an applicable access control parameterized rule, and (ii) the access control decisions are performed in a de-centralized manner substantially where the access cards are presented to access control units without requiring access control logic being involved at a central access control system. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
Specification
-
- Resources
-
Current AssigneeCrawford C.S. Lee
-
Original AssigneeCrawford C.S. Lee
-
InventorsCrawford, C.S. Lee
-
Application NumberUS13/341,981Publication NumberTime in Patent OfficeDaysField of SearchUS Class Current340/5.6CPC Class CodesG06F 21/34 involving the use of extern...G06F 21/6218 to a system of files or obj...G06F 2221/2153 Using hardware token as a s...G07C 9/00571 operated by interacting wit...G07C 9/22 in combination with an iden...H04L 63/102 Entity profiles
