Systems and methods for managing configuration data at disconnected remote devices
First Claim
1. A method performed by an access control device of a host access control system, for managing configuration data, the method comprising the steps of:
- the access control device determining whether it has a network connection to a server device of the host access control system;
the access control device, in response to determining that it does not have a network connection to a server device of the host access control system, adopting a disconnected mode of operation;
the access control device reading an access control smartcard, wherein the access control smartcard carries data comprising;
(i) user credential data configured to enable an authorization/authentication process to determine whether or not access should be granted in response to reading of the access control smartcard; and
(ii) configuration data including threat level data;
the access control device, in response to reading the access control smartcard, performing an automated process comprising;
(a) reading the configuration data including threat level data from the access control smartcard, wherein the threat level data is a form of configuration data, wherein the configuration data including threat level data, when successfully applied by the access control device, is used by the access control device to determine at least part of the functionality of the remote device when operated in the disconnected mode, including threat-level specific functionality of a given authorization/authentication process to determine whether or not access should be granted;
(b) determining version information for the configuration data including threat level data carried by the access control smartcard;
(c) comparing the version information of the configuration data including threat level data carried by the access control smartcard with version information of configuration data including threat level data applied by the access control device;
(d) in the case that the version information for the configuration data including threat level data carried by the access control smartcard supersedes version information of configuration data including threat level data applied by the access control device, selectively applying the configuration data including threat level data carried by the access control smartcard to the access control device; and
(e) in the case that the version information for the configuration data including threat level data carried by the access control device supersedes version information of configuration data applied by the access control smartcard, writing the configuration data including threat level data carried by the access control device to the access control smartcard, and configuring the access control smartcard to cause a further disconnected access control device of the host access control system to, following presentation of the access control smartcard to the further disconnected access control device, selectively apply the written configuration data including threat level data; and
the access control device subsequently performing the authorization/authentication process to determine whether or not access should be granted based on the presentation of the access control smartcard, using configuration data including threat level data current applied by the access control device.
1 Assignment
0 Petitions
Accused Products
Abstract
Described herein are systems and methods for managing configuration data. These are particularly directed towards the management of configuration data in disconnected remote devices of a host system. For example, this may be an access control environment having one or more connected access control devices (i.e. devices in communication with a central server), and one or more disconnected access control devices (i.e. devices operating without communication with the central server), the latter being regarded as disconnected remote devices. In overview, the present systems and methods make use of a versioning protocol to allow the reliable distribution of configuration data at the disconnected remote devices, this protocol operating to best ensure the propagation of the most current configuration data.
267 Citations
13 Claims
-
1. A method performed by an access control device of a host access control system, for managing configuration data, the method comprising the steps of:
-
the access control device determining whether it has a network connection to a server device of the host access control system; the access control device, in response to determining that it does not have a network connection to a server device of the host access control system, adopting a disconnected mode of operation; the access control device reading an access control smartcard, wherein the access control smartcard carries data comprising;
(i) user credential data configured to enable an authorization/authentication process to determine whether or not access should be granted in response to reading of the access control smartcard; and
(ii) configuration data including threat level data;the access control device, in response to reading the access control smartcard, performing an automated process comprising; (a) reading the configuration data including threat level data from the access control smartcard, wherein the threat level data is a form of configuration data, wherein the configuration data including threat level data, when successfully applied by the access control device, is used by the access control device to determine at least part of the functionality of the remote device when operated in the disconnected mode, including threat-level specific functionality of a given authorization/authentication process to determine whether or not access should be granted; (b) determining version information for the configuration data including threat level data carried by the access control smartcard; (c) comparing the version information of the configuration data including threat level data carried by the access control smartcard with version information of configuration data including threat level data applied by the access control device; (d) in the case that the version information for the configuration data including threat level data carried by the access control smartcard supersedes version information of configuration data including threat level data applied by the access control device, selectively applying the configuration data including threat level data carried by the access control smartcard to the access control device; and (e) in the case that the version information for the configuration data including threat level data carried by the access control device supersedes version information of configuration data applied by the access control smartcard, writing the configuration data including threat level data carried by the access control device to the access control smartcard, and configuring the access control smartcard to cause a further disconnected access control device of the host access control system to, following presentation of the access control smartcard to the further disconnected access control device, selectively apply the written configuration data including threat level data; and the access control device subsequently performing the authorization/authentication process to determine whether or not access should be granted based on the presentation of the access control smartcard, using configuration data including threat level data current applied by the access control device. - View Dependent Claims (2, 3, 4, 5, 6)
-
-
7. An access control device configured for operation as part of a host access control system without a communication channel to the host access control system, the access control device comprising:
-
a communications port configured to read access control smartcards, including an access control smartcard that carries data comprising;
(i) user credential data configured to enable an authorization/authentication process to determine whether or not access should be granted in response to presentation of the access control smartcard; and
(ii) configuration data including threat level data;a memory module for maintaining software instructions; and a processor for executing the software instructions; wherein the access control device is configured to; operate in a disconnected mode, wherein the access control device does not have a network connection to any other devices of the host access control system, and whilst in the disconnected mode, in response to reading an access control smartcard with configuration data including threat level data, perform an automated process comprising; determining version information for the configuration data including threat level data carried by the access control smartcard; comparing the version information of the configuration data including threat level data carried by the access control smartcard with version information of configuration data including threat level data applied by the access control device; in the case that the version information for the configuration data including threat level data carried by the access control smartcard supersedes version information of configuration data including threat level data applied by the access control device, selectively applying the configuration data including threat level data carried by the access control smartcard to the access control device, wherein the access control device uses the configuration data including threat level data to determine at least part of the functionality of the access control device including threat-level specific functionality of a given authorization/authentication process to determine whether or not access should be granted; and in the case that the version information for the configuration data including threat level data carried by the access control device supersedes version information of configuration data including threat level data applied by the access control smartcard, write the configuration data including threat level data carried by the access control device to the access control smartcard, and configuring the access control smartcard to cause a further access control device of the host access control system to, following presentation of the access control smartcard to the further access control device, selectively apply the written configuration data including threat level data; and subsequently performing the authorization/authentication process to determine whether or not access should be granted based on the presentation of the access control smartcard, using configuration data including threat level data current applied by the access control device. - View Dependent Claims (8, 9, 10, 11, 12)
-
-
13. A method for managing configuration data including threat level data in a host system including one or more connected devices that are connected to a host system network and one or more access control devices that are not connected to the host system network, the method comprising:
-
at an access control device, whilst operating in a disconnected mode wherein the device does not have a network connection to any other devices, reading configuration data including threat level data from an access control smartcard, wherein the access control smartcard is a smartcard or a portable memory device, and based on a version control protocol selectively either;
(i) apply the read configuration data including threat level data to the access control device, wherein the access control device uses the configuration data including threat level data to determine at least part of the functionality of the access control device including threat-level specific functionality of a given authorization/authentication process to determine whether or not access should be granted;
or (ii) write configuration data including threat level data stored at the access control device to the access control smartcard, and in the case that the read configuration data including threat level data is selectively applied to the access control device, writing data indicative of that application to the access control smartcard;at the access control device, subsequently performing an authorization/authentication process to determine whether or not access should be granted based on the presentation of the access control smartcard, using configuration data including threat level data current applied by the access control device; and at a connected device, reading from the access control smartcard data indicative of successful application of configuration data including threat level data to one or more access control devices, and propagating that data to a central controller of the host system; wherein in the case of (ii), configuring the access control smartcard to cause a further access control device of the host access control system to, following presentation of the access control smartcard to the further access control device, selectively apply the written configuration data including threat level data.
-
Specification