Access control system based upon behavioral patterns
First Claim
1. A method comprising:
- providing a secured area having a plurality of security zones where access to each is controlled by an access controller and where at least some of the plurality of security zones are accessed through at least some other of the plurality of security zones;
detecting entrances to each of the plurality of security zones by an authorized person through respective access controllers of the plurality of zones over a predetermined previous time period;
forming a probability model of entry into each of the plurality of security zones from the detected entrances of the authorized person over the predetermined previous time period;
detecting access requests for the authorized user from the access controllers during a current time period;
generating a security alert upon determining that an access request of the current access requests exceeds a probability threshold value associated with the probability model; and
granting access to the secured area by the person upon determining that the probability threshold value is greater than an alerting threshold value and less than a lockout value.
1 Assignment
0 Petitions
Accused Products
Abstract
A method and apparatus for detecting behavioral changes in a security system is provided. The method includes the steps of providing a secured area having a plurality of security zones where access to each is controlled by an access controller, detecting entrances to at least some of the plurality of security zones by an authorized person through respective access controllers of the plurality of zones over a predetermined previous time period, forming a probability model of entry into each of the plurality of security zones from the detected entrances over the previous time period, detecting access requests for the authorized user from the access controllers during a current time period, and generating a security alert upon determining that an access request of the current access requests exceeds a probability threshold value associated with the probability model.
23 Citations
17 Claims
-
1. A method comprising:
-
providing a secured area having a plurality of security zones where access to each is controlled by an access controller and where at least some of the plurality of security zones are accessed through at least some other of the plurality of security zones; detecting entrances to each of the plurality of security zones by an authorized person through respective access controllers of the plurality of zones over a predetermined previous time period; forming a probability model of entry into each of the plurality of security zones from the detected entrances of the authorized person over the predetermined previous time period; detecting access requests for the authorized user from the access controllers during a current time period; generating a security alert upon determining that an access request of the current access requests exceeds a probability threshold value associated with the probability model; and granting access to the secured area by the person upon determining that the probability threshold value is greater than an alerting threshold value and less than a lockout value. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. An apparatus comprising:
-
a secured area having a plurality of security zones where access to each is controlled by an access controller and where at least some of the plurality of security zones are accessed through some other of the plurality of security zones; an event log that contains detected entrances to each of the plurality of security zones by an authorized person through respective access controllers of the plurality of zones over a predetermined previous time period; a probability model of entry into each of the plurality of security zones formed from the detected entrances of the authorized person over the predetermined previous time period; access requests for the authorized user received from the access controllers during a current time period; a security alert that is generated upon determining that an access request of the current access requests exceeds a probability threshold value associated with the probability model; and an access grant allowing the person to enter the secured area upon determining that the probability threshold value is greater than an alerting threshold value and less than a lockout value. - View Dependent Claims (11, 12, 13, 14, 15, 16, 17)
-
Specification