Security system for access control using smart cards
Abstract
An improved security system for access control using smart card badges and readers, and one or more access controllers coupled to the readers. Each access controller has a database storing for each badge at least a Credential Identifier and an encrypted Authorization Code as badge number and issue code, respectively, and access privileges data for the cardholder. Each badge has memory storing a Credential Identifier and unique Smart Card Serial Number. The Authorization Code is encrypted using a badge's Credential Identifier and unique Smart Card Serial Number using a Site Secret Key. Each reader can read a badge's Credential Identifier and Smart Card Serial Number and generate an encrypted Authorization Code using the read Credential Identifier and Smart Card Serial Number, and the Site Secret Key. The access controller receives from the reader a request having at least the read Credential Identifier and generated Authorization Code as a badge number and issue code, respectively, and uses such in determining whether the cardholder has access at the reader.
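The derive-and-compare flow described in the abstract, as an added example that is not code from the patent. The page names no algorithm, so HMAC-SHA256 is assumed in place of the "encrypted Authorization Code"; the function names, key, serial numbers and reader names are constructed for illustration.

```python
import hashlib
import hmac

# Assumption: the page names no algorithm; HMAC-SHA256 stands in for the
# "encrypted Authorization Code". Keys, serials and reader names are constructed.
SITE_SECRET_KEY = bytes.fromhex("00112233445566778899aabbccddeeff")


def authorization_code(site_key, credential_id, serial):
    """Issue code from Credential Identifier (fixed width) + Smart Card Serial Number."""
    message = credential_id.to_bytes(8, "big") + serial
    return hmac.new(site_key, message, hashlib.sha256).hexdigest()[:16]


def enroll(database, site_key, credential_id, serial, readers):
    """Badging workstation: compute the record downloaded to the controller."""
    code = authorization_code(site_key, credential_id, serial)
    database[credential_id] = (code, set(readers))


def decide(database, reader_id, badge_number, issue_code):
    """Access controller: match badge number and issue code, then privileges."""
    stored_code, readers = database.get(badge_number, ("", frozenset()))
    # Constant-time comparison; an unknown badge number compares against "".
    return hmac.compare_digest(stored_code, issue_code) and reader_id in readers


def present(database, reader_id, site_key, credential_id, serial):
    """Reader: read the badge, derive the code with its own key copy, send request."""
    code = authorization_code(site_key, credential_id, serial)
    return decide(database, reader_id, credential_id, code)


def demo():
    db, key, serial = {}, SITE_SECRET_KEY, bytes.fromhex("04a1b2c3d4e5f6")
    enroll(db, key, 1001, serial, ["lobby"])
    return {
        "enrolled badge, lobby": present(db, "lobby", key, 1001, serial),
        "enrolled badge, lab": present(db, "lab", key, 1001, serial),
        "same identifier, other serial": present(db, "lobby", key, 1001, b"\x04" + b"\xff" * 6),
        "reader with other site key": present(db, "lobby", b"\x00" * 16, 1001, serial),
    }


if __name__ == "__main__":
    for case, granted in demo().items():
        print(f"{case}: {'granted' if granted else 'denied'}")
```

Because the controller only compares a badge number and an issue code, it never needs the Site Secret Key; the key lives in the readers and the badging workstation, which is where it has to be protected.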
17 Claims
1. A security system for access control using smart card badges each having a unique Smart Card Serial Number onto which is stored a unique Credential Identifier, in which said security system has a Site Secret Key, said system comprising:
- at least one access controller having a database storing for each one of a plurality of smart card badges at least a Credential Identifier and an encrypted Authorization Code as a badge number and an issue code, respectively, for the smart card badge, and access privilege data;
- one or more readers in which each of said readers when presented with one smart card badge of said plurality of smart card badges reads the Credential Identifier and Smart Card Serial Number from said one smart card badge, generates an encrypted Authorization Code based on the read Credential Identifier and Smart Card Serial Number, and a Site Secret Key stored in the reader, and sends a request to the access controller with at least the read Credential Identifier and generated Authorization Code; and
- said access controller receives the Credential Identifier and the Authorization Code of the request as the badge number and the issue code for said one smart card badge, respectively, and makes access decision as to whether the badge number and the issue code for said one smart card badge matches one of the badge number and issue code for one of the plurality of smart card badges stored in the database of the access controller, and whether said one smart card badge has access privileges at the reader which sent said request in accordance with said access privileges data for said one smart card badge in said database of the access controller.
Dependent claims: 2, 3, 4, 5, 6
7. A method for access control in a system using smart card badges having at least one access controller and one or more readers coupled to said access controller, said method comprising the steps of:
- storing in a database of the access controller for each of the smart card badges at least a Credential Identifier and an encrypted Authorization Code as badge number and issue code, respectively, and access privilege data for the smart card badge;
- presenting one of the smart card badges to a reader;
- reading at the reader the Credential Identifier and Smart Card Serial Number from the smart card badge;
- generating at the reader an encrypted Authorization Code based on the read Credential Identifier and Smart Card Serial Number, and a Site Secret Key;
- sending a request to the access controller with the read Credential Identifier and generated Authorization Code;
- receiving at the access controller the request in which the access controller construes the Credential Identifier and the Authorization Code as a badge number and issue code, respectively;
- comparing at the access controller the badge number and issue code with the badge number and issue code for the smart card badges stored in the database of the access controller; and
- granting access at the reader when the badge number and issue code matches that store in the database of the access controller and the smart card badge has access privileges at the reader sending the request.
Dependent claims: 8, 9
10. A reader for smart card badges in a security system for controlling access to an area or locked door in a facility comprising:
- means for reading memory from a smart card having at least a Credential Identifier and a Smart Card Serial Number;
- means for generating an encrypted Authorization Code based on the read Credential Identifier and Smart Card Serial Number, and a Site Secret Key stored in said card reader;
- means for sending a request to the access controller with the read Credential Identifier and generated Authorization Code;
- means for receiving a response from the access controller; and
- means for granting access based on said response.
Dependent claims: 11, 12, 13
14. A badging workstation for a security system using smart card badges comprising:
- computer system having memory storing at least a Site Secret Key;
- a smart card reader/writer coupled to said computer system for reading a Smart Card Serial Number from a smart card badge; and
- said computer system determines a unique Credential Identifier for the smart card badge, generates an encrypted Authorization Code based on the Credential Identifier and Smart Card Serial Number, and the Site Secret Key, and provides to another computer system said Credential Identifier and encrypted Authorization Code as the badge number and issue code for download to one or more access controller.
15. A security system for access control using smart card badges each having a unique Smart Card Serial Number onto which is stored a unique Credential Identifier, in which said security system has a Site Secret Key, said system comprising:
- one or more access controllers each having a database storing for a plurality of smart card badges at least a Credential Identifier and an encrypted Authorization Code as a badge number and an issue code, respectively, for the smart card badges;
- one or more readers, each of said readers when presented with one of said smart card badges reads the Credential Identifier and Smart Card Serial Number from the smart card badge, generates an encrypted Authorization Code based on the read Credential Identifier and Smart Card Serial Number, and a Site Secret Key stored in the reader, and sends a request to one of said access controllers associated with the reader for receiving said request in which said request has at least the read Credential Identifier and generated Authorization Code; and
- each of said access controllers in response to receiving one of said request from one of the readers operates upon the Credential Identifier and the Authorization Code of the request as a badge number and a issue code, respectively, and makes an access decision in accordance the Credential Identifier and the Authorization Code of the request matching one of the badge number and issue code, respectively, for one of the plurality of smart card badges stored in the database of the access controller, and sends a message to the reader which sent said request with said access decision.
Dependent claims: 16, 17
Specification