Device authentication using a unidirectional protocol
First Claim
1. A method of maintaining a secure access system that uses a unidirectional communication protocol, the secure access system comprising at least one credential, at least one reader, and a device upstream of said reader, the method comprising:
reading a credential with a reader;
said reader generating a first message comprising credential data associated with said credential and a first code;
transmitting said first message to an upstream device;
said upstream device analyzing said credential data in order to determine the authenticity of said credential and further analyzing said first code in order to determine the authenticity of said reader;
receiving, at said reader, a prompting signal transmitted by said upstream device;
in response to receiving said prompting signal from said upstream device, said reader generating a second message comprising a second code, wherein said second code is different from said first code; and
transmitting, by said reader, said second message to said upstream device, wherein a first code selection algorithm is used to generate said first code, wherein said first code selection algorithm generates said first code based upon at least one of time of day, total operation time of said reader, a reader unique ID, number of cards read, and a reader manufacturer ID, wherein a second code selection algorithm is used to generate said second code, and wherein the first and second code selection algorithms are different.
Abstract
Secure access systems are discussed herein. Specifically, a method and system is provided that allows a control panel of a secure access system to verify the authenticity and fidelity of a reader within the secure access system by utilizing a rolling code agreed upon by the reader and the control panel.
46 Claims
15. A method of maintaining a secure access system that uses a unidirectional communication protocol, comprising:
providing a downstream device associated with at least one interrogator device that is operable to transmit a rolling code from a first list of rolling codes as a part of a message;
providing an upstream device that is operable to receive said message and analyze said rolling code by accessing a second list of rolling codes which matches the first list of rolling codes and then comparing the rolling code to a valid code from the second list of rolling codes;
requiring said downstream device to transmit a first message comprising a first valid rolling code at a first time;
prompting said downstream device to transmit a second message comprising a second valid rolling code at a second time, wherein said upstream device prompts said downstream device to transmit said second message by at least one of (i) transmitting a prompting signal to said downstream device via an LED control line and (ii) interrupting power supplied to the downstream device.
25. A secure access system utilizing a unidirectional communication protocol, comprising:
a credential;
a reader that is operable to read credential data from said credential upon presentation of said credential to said reader, generate a first message comprising some or all of said credential data and code data, and to transmit said first message;
an upstream device that is operable to receive said first message and upon receiving said first message is operable to analyze said credential data in order to determine the authenticity of said credential and to analyze said code data in order to determine the authenticity of said reader, wherein said upstream device is further operable to generate and transmit a prompting signal via an LED control line to said reader which requires the reader to transmit additional code data in a second message to confirm its authenticity to said upstream device, wherein the code data includes a rolling code selected from a list of rolling codes, wherein said rolling code is a unique code chosen from said list of rolling codes, wherein said upstream device is further operable to access a second list which matches said list of rolling codes, compare said rolling code to a valid code from said second list, determine that said first code matches said valid code, and in response to determining that said first code matches said valid code, determine that the authenticity of said reader is valid.
36. A device for use in a secure access system that uses a unidirectional communication protocol, wherein said device is operable to read credential data from a credential, comprising:
a code generator that is operable to generate a first message comprising credential data associated with a credential that is used to determine the authenticity of said credential and a first code that is used to determine the authenticity of said device, wherein said code generator comprises a code selection algorithm, wherein said code selection algorithm generates said first code based upon at least one of time of day, total time of operation, a reader unique ID, and a reader manufacturer ID, wherein a second code selection algorithm is used to generate said second code;
an LED control input which connects said device to an upstream device, wherein said LED control input is used to control an LED of said reader and to receive prompting signals from said upstream device which prompts said code generator to generate a second message comprising a second code; and
an output for transmitting said first and second messages to said upstream device.
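The rolling-code check recited in claims 1, 15 and 25, as an added Python sketch that is not code from the patent: a reader and an upstream panel hold matching code lists, the panel checks the code carried with the credential data, and a prompt draws a second code chosen by a different selection rule. The class names, the even/odd slot selection rules and the constructed code list are assumptions made for illustration; the LED control line prompt is modelled as a method call.

```python
import hashlib
import hmac

# Constructed demo list; in a deployment both devices would be provisioned with secret codes.
CODES = [hashlib.sha256(b"demo-code-%d" % i).digest()[:4] for i in range(8)]

class Reader:
    """Downstream device: sends messages upstream, receives only a prompt."""
    def __init__(self, codes):
        self.codes, self.cards_read, self.prompts = list(codes), 0, 0

    def read(self, credential: bytes):
        # First selection algorithm (assumed): even slots, indexed by number of cards read.
        code = self.codes[(2 * self.cards_read) % len(self.codes)]
        self.cards_read += 1
        return credential, code

    def on_prompt(self) -> bytes:
        # Second, different selection algorithm (assumed): odd slots, indexed by prompt count.
        code = self.codes[(2 * self.prompts + 1) % len(self.codes)]
        self.prompts += 1
        return code

class Panel:
    """Upstream device holding the matching list and the expected positions."""
    def __init__(self, codes, authorized):
        self.codes, self.authorized = list(codes), set(authorized)
        self.cards_seen, self.prompts = 0, 0

    def check_first(self, message) -> bool:
        credential, code = message
        expected = self.codes[(2 * self.cards_seen) % len(self.codes)]
        if not hmac.compare_digest(code, expected):
            return False  # sender is not the authentic reader: ignore its credential data
        self.cards_seen += 1
        return credential in self.authorized

    def challenge(self, device) -> bool:
        # Stands in for the prompting signal (LED control line or power interruption).
        expected = self.codes[(2 * self.prompts + 1) % len(self.codes)]
        self.prompts += 1
        return hmac.compare_digest(device.on_prompt(), expected)

def demo() -> dict:
    reader, panel = Reader(CODES), Panel(CODES, {b"card-1001"})
    first = reader.read(b"card-1001")
    return {
        "genuine": panel.check_first(first),
        "replayed": panel.check_first(first),  # same message presented a second time
        "prompted": panel.challenge(reader),
        "unprovisioned": panel.challenge(Reader([b"\x00" * 4] * 8)),
    }
```

In this sketch the indices wrap around the finite list, so a code becomes valid again after one full cycle; the list length bounds how long a recorded message stays stale.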
Specification