Access control system, access control method and devices suitable therefor
Abstract
An access control system comprises a plurality of access control devices in each of which is stored an access code. Specific access codes and access rights for a plurality of access control devices are transmitted from an access control central unit over a mobile radio network to the mobile communication terminal of a user. Transmitted to the mobile communication terminal by an access control device to be passed is an access control device identification. In the mobile communication terminal, on the basis of the received identification, the access code and the access rights for the access control device to be passed are determined, and are transmitted to the access control device. The access control device clears the user for access if the received access rights suffice and the received access code agrees with the stored access code.
10 Claims
1. An access control method, in which an access code is assigned to an access control device and is stored in the access control device, in which an access code is stored in a mobile communication terminal, in which a unique access control device identification for each access control device, stored in each respective access control device, is transmitted from the access control device to the mobile communication terminal, and in which the access code for the access control device is determined in the mobile communication terminal, in that the access code is determined which is stored, assigned to the received unique access control device identification, in the mobile communication terminal, comprising:
- generating a first digital certificate in the mobile communication terminal based on the determined access code and on access rights data, which are stored, assigned to the received unique access control device identification, in the mobile communication terminal, and which define access rights of the user for the access control device,
- transmitting the first digital certificate from the mobile communication terminal together with the access rights data to the access control device,
- generating a second digital certificate in the access control device based on the received access rights data and on the access code stored in the access control device,
- comparing the generated second digital certificate with the received first digital certificate,
- checking the received access rights data in the access control device, and
- clearing access upon agreement of the digital certificates and with sufficient access right.
Dependent claims: 2, 3, 4
5. A computer program product comprising:
a tangible computer readable medium with computer program code means contained therein for control of a processor of a mobile communication terminal, said tangible computer readable medium comprising,
- means for controlling exchange of data with an access control device to receive and accept a unique access control device identification for each access control device which is transmitted from a respective access control device to be passed, to determine an access code for the access control device to be passed in the mobile communication terminal, to assign the determined access code to the received unique access control device identification, and to store the determined access code in the mobile communication terminal, and
- means for controlling the processor of the mobile communication terminal to generate a digital certificate in the mobile communication terminal based on the determined access code and access rights data which are stored and assigned to the received unique access control device identification in the mobile communication terminal, and to define access rights of the user of the mobile communication terminal for the access control device to be passed, wherein the generated digital certificate is transmitted from the mobile communication terminal together with the access rights data to the access control device to be passed.
Dependent claims: 6, 7
8. An access control device in which an access code is stored, comprising:
- communication means for exchange of data with a mobile communication terminal, and which comprises an identification module for transmitting a unique access control device identification for each access control device, stored in each respective access control device, to the mobile communication terminal;
- means for receiving access rights data and a first digital certificate from the mobile communication terminal, which access rights data define access rights of the user of the mobile control device; and
- an access control module configured to generate a second digital certificate based on the access rights data which have been received from the mobile communication terminal, and on the access code which is stored in the access control device, wherein the access control module is configured to compare the generated second digital certificate with the received first digital certificate and to check the received access rights data, and the access control module is configured to clear access upon agreement of the digital certificates and with sufficient access right.
Dependent claims: 9, 10
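The exchange recited in claims 1 and 8, with both sides simulated, as an added example that is not code from the patent. Assumptions: the "digital certificate" is modelled as HMAC-SHA256 keyed with the access code, and the access rights data are JSON with hypothetical `devices` and `valid_until` fields; the claims fix neither the algorithm nor the rights format, and all names and values are constructed.

```python
import hashlib
import hmac
import json

def make_certificate(access_code: bytes, rights_data: bytes) -> bytes:
    # Assumption: a keyed MAC stands in for the claims' "digital certificate".
    return hmac.new(access_code, rights_data, hashlib.sha256).digest()

class MobileTerminal:
    def __init__(self, store):
        self.store = store  # device identification -> (access code, rights data)

    def respond(self, device_id):
        entry = self.store.get(device_id)
        if entry is None:
            return None  # no access code stored for this identification
        access_code, rights_data = entry
        # First certificate, sent together with the rights data.
        return rights_data, make_certificate(access_code, rights_data)

class AccessControlDevice:
    def __init__(self, device_id, access_code):
        self.device_id = device_id
        self.access_code = access_code

    def clear_access(self, rights_data, first_cert, now):
        # Second certificate: received rights data + locally stored access code.
        second_cert = make_certificate(self.access_code, rights_data)
        if not hmac.compare_digest(second_cert, first_cert):
            return False  # certificates disagree: rights altered or wrong code
        # Rights are parsed only after the certificates agree.
        rights = json.loads(rights_data)
        return self.device_id in rights["devices"] and now <= rights["valid_until"]

# Constructed sample data (hypothetical device name, code and expiry).
CODE = b"constructed-access-code-door-17"
RIGHTS = json.dumps({"devices": ["door-17"], "valid_until": 1_700_000_000}).encode()
terminal = MobileTerminal({"door-17": (CODE, RIGHTS)})
door = AccessControlDevice("door-17", CODE)

def run_exchange(now, tamper=False):
    rights_data, cert = terminal.respond(door.device_id)
    if tamper:  # rights edited after the certificate was generated
        rights_data = rights_data.replace(b"1700000000", b"1900000000")
    return door.clear_access(rights_data, cert, now)

if __name__ == "__main__":
    print(run_exchange(now=1_699_999_000))               # valid rights
    print(run_exchange(now=1_699_999_000, tamper=True))  # altered rights
    print(run_exchange(now=1_700_000_001))               # expired rights
```

The access code itself never crosses the link in this model; the device accepts the rights data only because it can reproduce the certificate from its own stored code.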
Specification