Just in time visitor authentication and visitor access media issuance for a physical site

  • US 8,847,729 B2
  • Filed: 08/29/2011
  • Issued: 09/30/2014
  • Est. Priority Date: 08/29/2011
  • Status: Expired due to Fees
First Claim

1. A method of issuing a visitor access medium to a visitor for access to a visitor access medium controlled physical site of a host organization, comprising:

  • receiving, by at least one processor of a host organization system for a host organization of a physical site, a request, by a visitor with an identifier of a visitor organization, for a visitor access medium for access to the physical site controlled by a physical access control system requiring presentation of the visitor access medium for access to the physical site, wherein there is an electronic trust relationship according to a federation standard between the host organization system and a visitor organization system for the visitor organization via a network, wherein the visitor organization system maintains an electronic identity profile for the visitor comprising authentication information for the visitor organization system to authenticate the identity of the visitor according to the federation standard, wherein the host organization system does not separately maintain information for authenticating the identity of the visitor;

    identifying, by the at least one processor, the visitor organization system from among a plurality of visitor organization systems with which the host organization system maintains separate electronic trust relationships according to the federation standard;

    sending, by the at least one processor, a request to the visitor organization system to provide access to the visitor;

    receiving, by the at least one processor, a login interface for the visitor from the visitor organization system;

    outputting, by the at least one processor, the login interface for the visitor to enter identifying information;

    sending, by the at least one processor, the identifying information input by the visitor through the login interface to the visitor organization system according to the federation standard;

    receiving, by the at least one processor, an identity provider token dispensed by the visitor organization system according to the federation standard identifying the identity of the visitor is verified by the visitor organization system from the identifying information authenticating in the electronic identity profile for the visitor;

    responsive to validating the identity provider token is from the visitor organization system, dispensing, by the at least one processor, a resource token from the host organization system according to the federation standard validating the identity of the visitor by the visitor organization system, wherein at least one assertion in the identity provider token authenticating the identity of the visitor is copied into the resource token, wherein the host organization system implements the authentication process through the existing electronic trust relationship with the visitor organization system to generate the resource token to authenticate the visitor for access to both the electronic services of the host organization system and for access to the physical site;

    translating, by the at least one processor, data in the resource token specified according to the federation standard into a physical access control system request for the visitor access medium formatted for calling a physical access control system application programming interface; and

    sending, by a visitor access service of the host organization system, the physical access control system request to a visitor provision service interface layer atop a physical access control system to call the physical access control system application program interface, for adding the visitor to the physical access control system and triggering issuance of the visitor access medium for the visitor, wherein the visitor provision service layer provides an interface between the host organization system and the physical access control system, wherein the visitor provision service layer distributes the physical access control system request to at least one physical access control system provider comprising the physical access control system application program interface of the physical access control system, wherein each physical access control system provider provisions access by the visitor using the physical visitor access medium by each of a plurality of door controllers for controlling access to the physical site.
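The token-handling steps of claim 1, as an added sketch that is not code from the patent or its assignee: the host validates the identity provider token against the identified visitor organization, copies an assertion into a resource token, and translates that into a physical access control system request. HMAC-signed JSON stands in for the unspecified federation standard; every name, key, the 8-hour cap and the request fields are assumptions.

```python
import base64, hashlib, hmac, json, time

# Constructed values: trust registry (visitor org identifier -> key) and host key.
TRUSTED_IDPS = {"visitor-org.example": b"constructed-idp-key"}
HOST_KEY, HOST_ISSUER = b"constructed-host-key", "host-org.example"
MAX_VISIT_SECONDS = 8 * 3600  # assumed cap on how long a visitor medium stays valid

def sign(claims, key):
    """Stand-in token format: base64(JSON) + '.' + HMAC-SHA256 hex digest."""
    body = base64.urlsafe_b64encode(json.dumps(claims, sort_keys=True).encode())
    return body + b"." + hmac.new(key, body, hashlib.sha256).hexdigest().encode()

def verify(token, key):
    """Return the claims only if the MAC matches the given key."""
    body, _, mac = token.rpartition(b".")
    expected = hmac.new(key, body, hashlib.sha256).hexdigest().encode()
    if not hmac.compare_digest(mac, expected):
        raise ValueError("bad signature")
    return json.loads(base64.urlsafe_b64decode(body))

def issue_resource_token(idp_token, visitor_org, now=None):
    """Validate the IdP token, then dispense a host-signed resource token."""
    now = time.time() if now is None else now
    key = TRUSTED_IDPS.get(visitor_org)
    if key is None:
        raise ValueError("no trust relationship with this organization")
    claims = verify(idp_token, key)
    if claims.get("iss") != visitor_org:
        raise ValueError("issuer does not match identified organization")
    if claims.get("exp", 0) <= now:
        raise ValueError("identity provider token expired")
    # Copy the identity assertions from the IdP token into the resource token.
    resource = {"iss": HOST_ISSUER, "idp": visitor_org, "sub": claims["sub"],
                "name": claims["name"],
                "exp": min(claims["exp"], now + MAX_VISIT_SECONDS)}
    return sign(resource, HOST_KEY)

def to_pacs_request(resource_token, now=None):
    """Translate resource-token data into a (hypothetical) PACS API request."""
    now = time.time() if now is None else now
    claims = verify(resource_token, HOST_KEY)
    if claims["exp"] <= now:
        raise ValueError("resource token expired")
    return {"action": "add_visitor",
            "visitor_id": f'{claims["sub"]}@{claims["idp"]}',
            "display_name": claims["name"],
            "valid_until": int(claims["exp"]),
            "issue_medium": True}
```

The host holds no credential for the visitor here: the only checks it performs are on the token's signature, issuer and expiry, which is where a deployment's trust in the visitor organization is concentrated.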
