METHOD AND APPARATUS FOR MAKING A DECISION ON A CARD
First Claim
Patent Images
1. A method, comprising:
- presenting a first and a second credential to a reader, said reader associated with an access control system;
said reader transmitting data comprising at least one of a host identifier and timestamp to said first and second credentials;
said first credential receiving information from said second credential;
said first credential analyzing the at least one of a host identifier and timestamp using an application stored on said first credential and further analyzing said information from said second credential,said first credential making an access control decision, the access control decision comprising a determination as to whether or not the first and second credentials are both allowed access to an asset protected by said reader, and the access control decision being based on said analyzing step;
said first credential generating a first message containing results of said access control decision; and
said first credential sending said first message to said reader.
2 Assignments
0 Petitions
Accused Products
Abstract
Method and devices for making access decisions in a secure access network are provided. The access decisions are made by one or more portable credentials using data and algorithms stored on or received by two or more credentials. Since access decisions are made by the portable credential or credentials, non-networked hosts or local hosts can be employed that do not necessarily need to be connected to a central access controller or database, thereby reducing the cost of building and maintaining the secure access network.
-
Citations
20 Claims
-
1. A method, comprising:
-
presenting a first and a second credential to a reader, said reader associated with an access control system; said reader transmitting data comprising at least one of a host identifier and timestamp to said first and second credentials; said first credential receiving information from said second credential; said first credential analyzing the at least one of a host identifier and timestamp using an application stored on said first credential and further analyzing said information from said second credential, said first credential making an access control decision, the access control decision comprising a determination as to whether or not the first and second credentials are both allowed access to an asset protected by said reader, and the access control decision being based on said analyzing step; said first credential generating a first message containing results of said access control decision; and said first credential sending said first message to said reader. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14)
-
-
15. An access control system, comprising:
-
at least one local host for controlling access to an asset; and at least two credentials, each credential comprising; a memory for storing an access decision application that is capable of making an access decision for said credential based on data received from the at least one local host, the access decision comprising a determination as to whether or not the credential is allowed access to the asset protected by said at least one local host; and a processor for executing said access decision application in connection with said received data, wherein said processor is further capable of generating a message after executing said access decision application and causing said message to be transmitted to one of the other credential and the at least one local host, and wherein said message comprises results of said access decision for said credential. - View Dependent Claims (16, 17, 18)
-
-
19. A credential for use in a secure access system, comprising:
-
a memory for storing an access decision application that is capable of making an access decision for said credential based on data received from a local host and data received from a second credential, the access decision comprising a determination as to whether or not the credential and the second credential are allowed access to an asset protected by the local host; and a processor for executing said access decision application in connection with said received data, wherein said processor is further capable of generating a message after executing said access decision application and causing said message to be transmitted to the local host, and wherein said message comprises results of said access decision for said credential. - View Dependent Claims (20)
-
Specification