Access control system based upon behavioral patterns

US 8,680,995 B2
Filed: 01/28/2010
Issued: 03/25/2014
Est. Priority Date: 01/28/2010
Status: Active Grant

First Claim

Patent Images

1. A method comprising:

providing a secured area having a plurality of security zones where access to each is controlled by an access controller and where at least some of the plurality of security zones are accessed through at least some other of the plurality of security zones;

detecting entrances to each of the plurality of security zones by an authorized person through respective access controllers of the plurality of zones over a predetermined previous time period;

forming a probability model of entry into each of the plurality of security zones from the detected entrances of the authorized person over the predetermined previous time period;

detecting access requests for the authorized user from the access controllers during a current time period;

generating a security alert upon determining that an access request of the current access requests exceeds a probability threshold value associated with the probability model; and

granting access to the secured area by the person upon determining that the probability threshold value is greater than an alerting threshold value and less than a lockout value.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method and apparatus for detecting behavioral changes in a security system is provided. The method includes the steps of providing a secured area having a plurality of security zones where access to each is controlled by an access controller, detecting entrances to at least some of the plurality of security zones by an authorized person through respective access controllers of the plurality of zones over a predetermined previous time period, forming a probability model of entry into each of the plurality of security zones from the detected entrances over the previous time period, detecting access requests for the authorized user from the access controllers during a current time period, and generating a security alert upon determining that an access request of the current access requests exceeds a probability threshold value associated with the probability model.

23 Citations

View as Search Results

17 Claims

1. A method comprising:
- providing a secured area having a plurality of security zones where access to each is controlled by an access controller and where at least some of the plurality of security zones are accessed through at least some other of the plurality of security zones;
  
  detecting entrances to each of the plurality of security zones by an authorized person through respective access controllers of the plurality of zones over a predetermined previous time period;
  
  forming a probability model of entry into each of the plurality of security zones from the detected entrances of the authorized person over the predetermined previous time period;
  
  detecting access requests for the authorized user from the access controllers during a current time period;
  
  generating a security alert upon determining that an access request of the current access requests exceeds a probability threshold value associated with the probability model; and
  
  granting access to the secured area by the person upon determining that the probability threshold value is greater than an alerting threshold value and less than a lockout value.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The method as in claim 1 further comprising recording a sequence of video images of the person within the secured area.
  - 3. The method as in claim 1 further comprising denying access by the person to the secured area upon determining that the probability threshold value is greater than a lockout value.
  - 4. The method as in claim 1 wherein the probability model further comprises a probability density function.
  - 5. The method as in claim 4 further comprising granting access to the secured area by the person upon determining that a density value of the probability density function at the time of the request for access is less than an average of the detected entrances for a security zone of the plurality of security zones for a corresponding time period minus a variance of the average.
  - 6. The method as in claim 4 further comprising denying access to the secured area by the person upon determining that a density value of the probability density function at the time of the request for access is less than an average of the detected entrances for a security zone of the plurality of security zones for a corresponding time period minus two times a variance of the average.
  - 7. The method as in claim 1 wherein the probability model further comprises a reference set of principal components and the currently detected access requests comprises a current set of principle components using Principal Component analysis.
  - 8. The method as in claim 7 wherein the step of generating the security alert further comprising deteimining a Euclidean distance between each point of the reference and current principle components.
  - 9. The method as in claim 8 further comprising comparing the Euclidean distance with the probability threshold value.

10. An apparatus comprising:
- a secured area having a plurality of security zones where access to each is controlled by an access controller and where at least some of the plurality of security zones are accessed through some other of the plurality of security zones;
  
  an event log that contains detected entrances to each of the plurality of security zones by an authorized person through respective access controllers of the plurality of zones over a predetermined previous time period;
  
  a probability model of entry into each of the plurality of security zones formed from the detected entrances of the authorized person over the predetermined previous time period;
  
  access requests for the authorized user received from the access controllers during a current time period;
  
  a security alert that is generated upon determining that an access request of the current access requests exceeds a probability threshold value associated with the probability model; and
  
  an access grant allowing the person to enter the secured area upon determining that the probability threshold value is greater than an alerting threshold value and less than a lockout value.
- View Dependent Claims (11, 12, 13, 14, 15, 16, 17)
- - 11. The apparatus as in claim 10 further comprising an access denial sent to an access controller of the secured area for the authorized person upon determining that the probability threshold value is greater than a lockout value.
  - 12. The apparatus as in claim 10 wherein the probability model further comprises a probability density function.
  - 13. The apparatus as in claim 12 further comprising an access grant to the secured area by the person sent to an access controller of the access controllers upon determining that a density value of the probability density function at the time of the request for access is less than an average of the detected entrances for a security zone of the plurality of security zones for a corresponding time period minus a variance of the average.
  - 14. The method as in claim 12 further comprising an access denial to the secured area by the person sent to an access controller of the access controllers upon determining that a density value of the probability density function at the time of the request for access is less than an average of the detected entrances for a security zone of the plurality of security zones for a corresponding time period minus two times a variance of the average.
  - 15. The method as in claim 10 wherein the probability model further comprises a reference set of principal components and the currently detected access requests comprises a current set of principle components using Principal Component analysis.
  - 16. The method as in claim 15 wherein the generated the security alert further comprises a probability processor that determines a Euclidean distance between each point of the reference and current principle components.
  - 17. The method as in claim 16 further comprising comparing the Euclidean distance with the probability threshold value.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Honeywell International Inc.
Original Assignee
Honeywell International Inc.
Inventors
G, Ashwin, Subramanian, Sriram, Balakrishnan, Sivakumar, Guralnik, Valerie, Heimerdinger, Walt, Ponnambalam, Santhanakrishnan
Primary Examiner(s)
Mehmood, Jennifer
Assistant Examiner(s)
ALAM, MIRZA F

Application Number

US12/695,542
Publication Number

US 20110181414A1
Time in Patent Office

1,517 Days
Field of Search

340/541, 340/545.1, 340/5.2, 340/5.3, 340/5.31, 340/5.32, 340/5.33, 340/5.51, 340/5.52, 340/5.6, 340/5.8, 340/5.82, 340/555, 340/556, 340/557, 340/528, 340/309.16, 340/10.1, 340/572.4, 340/572.7, 340/825.49, 340/870.11, 340/825.31, 340/825.72, 379 37- 44, 379 47- 51, 379/58, 379/59, 379/93, 379/100, 455/41.2, 455/404.1, 455/404.2, 455/445, 455/464, 455/552.2, 455/556.1, 713/165, 713/182, 713/168, 713/193, 713/166
US Class Current

340/541
CPC Class Codes

G07C 9/30 not involving the use of a ...

Access control system based upon behavioral patterns

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

23 Citations

17 Claims

Specification

Use Cases

Quick Links

Others

Access control system based upon behavioral patterns

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

23 Citations

17 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others