Method and apparatus for making a decision on a card

US 9,672,345 B2
Filed: 03/25/2015
Issued: 06/06/2017
Est. Priority Date: 08/09/2006
Status: Active Grant

First Claim

Patent Images

1. A physical access control system for protecting a secure asset, comprising:

a reader associated with a physical access point to the secure asset;

a plurality of mobile devices storing credential information and configured to communicate at least a portion of the stored credential information with the reader to attempt to gain access at the physical access point; and

a remote server configured to;

maintain a revocation list including information related to at least one of the plurality of mobile devices to which the reader is not allowed to grant access to the physical access point; and

update the credential information stored on the at least one mobile device according to the information included in the revocation list,wherein the at least one mobile device is configured to make an access control decision denying an attempt to gain access to the physical access point by the mobile device based on information obtained from the reader and the updated credential information.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Method and devices for making access decisions in a secure access network are provided. The access decisions are made by a portable credential using data and algorithms stored on the credential. Since access decisions are made by the portable credential non-networked hosts or local hosts can be employed that do not necessarily need to be connected to a central access controller or database thereby reducing the cost of building and maintaining the secure access network.

132 Citations

28 Claims

1. A physical access control system for protecting a secure asset, comprising:
- a reader associated with a physical access point to the secure asset;
  
  a plurality of mobile devices storing credential information and configured to communicate at least a portion of the stored credential information with the reader to attempt to gain access at the physical access point; and
  
  a remote server configured to;
  
  maintain a revocation list including information related to at least one of the plurality of mobile devices to which the reader is not allowed to grant access to the physical access point; and
  
  update the credential information stored on the at least one mobile device according to the information included in the revocation list,wherein the at least one mobile device is configured to make an access control decision denying an attempt to gain access to the physical access point by the mobile device based on information obtained from the reader and the updated credential information.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
- - 2. The access control system of claim 1, wherein the at least one mobile device includes information related to readers that the mobile device or a user thereof is not allowed to obtain access.
  - 3. The access control system of claim 1, wherein the reader includes information related to mobile devices or users thereof that the reader is not allowed to grant access.
  - 4. The access control system of claim 1, wherein additional authentication rules are maintained on the at least one mobile device.
  - 5. The access control system of claim 1, wherein the at least one mobile device comprises a mobile phone.
  - 6. The access control system of claim 1, wherein the revocation list is updated periodically.
  - 7. The access control system of claim 6, wherein the revocation list is updated in response to detection of one or more events.
  - 8. The access control system of claim 7, wherein the one or more events correspond to a failed authentication between the mobile device and the reader.
  - 9. The physical access control system of claim 6, wherein the revocation list is updated after a predetermined amount of time has passed since the revocation list was last updated.
  - 10. The physical access control system of claim 1, wherein the physical access point to the secure asset includes a lock associated with the physical access point.
  - 11. The physical access control system of claim 1, wherein the reader is a non-networked reader.
  - 12. The physical access control system of claim 1, wherein the at least one mobile device is communicably coupled to the remote server.
  - 13. The physical access control system of claim 1, wherein at least parts of the revocation list are communicated to the reader and the at least one mobile device.

14. A method of operating a physical access control system for protecting a secure asset, comprising:
- maintaining, at a server, a revocation list including information related to a mobile device to which a reader is not allowed to grant access to a physical access point to the secure asset, the reader associated with the physical access point and the mobile device storing credential information and configured to communicate at least a portion of the stored credential information with the reader to gain access at the physical access point;
  
  updating the credential information stored in the mobile device according to the information included in the revocation list; and
  
  receiving, at the server, a communication associated with a failed attempt to gain access to the physical access point by the mobile device based on an access control decision by the mobile device denying access, the access control decision based on information obtained from the reader and the updated credential information.
- View Dependent Claims (15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26)
- - 15. The method of claim 14, wherein the mobile device includes information related to readers that the mobile device or a user thereof is not allowed to obtain access.
  - 16. The method of claim 15, wherein the mobile device comprises a cellular phone.
  - 17. The method of claim 14, wherein the reader includes information related to mobile devices or users thereof that the reader is not allowed to grant access.
  - 18. The method of claim 14, wherein additional authentication rules are maintained on the mobile device.
  - 19. The method of claim 14, wherein the revocation list is updated periodically.
  - 20. The method of claim 19, wherein the revocation list is updated in response to detection of one or more predetermined events.
  - 21. The method of claim 20, wherein the one or more events corresponds to a failed authentication between the mobile device and the reader.
  - 22. The method of claim 19, wherein the revocation list is updated after a predetermined amount of time has passed since the revocation list was last updated.
  - 23. The method of claim 14, wherein at least parts of the revocation list are communicated to the reader and the mobile device.
  - 24. The method of claim 14, wherein the physical access point to the secure asset includes a lock associated with the physical access point.
  - 25. The method of claim 14, wherein the reader is a non-networked reader.
  - 26. The method of claim 14, wherein the mobile device is communicably coupled to the server.

27. A physical access control system for protecting a secure asset, comprising:
- a server that is configured to perform operations comprising;
  
  maintaining a revocation list including information related to a mobile device to which a reader is not allowed to grant access to a physical access point to the secure asset, the reader associated with the physical access point and the mobile device storing credential information and configured to communicate at least a portion of the stored credential information with the reader to gain access at the physical access point;
  
  updating the credential information stored in the mobile device according to the information included in the revocation list; and
  
  receiving a communication associated with a failed attempt to gain access to the physical access point by the mobile device based on an access control decision by the mobile device denying access, the access control decision based on information obtained from the reader and the updated credential information.

28. A physical access control system for protecting a secure asset, comprising:
- a plurality of mobile devices storing credential information and configured to communicate at least a portion of the stored credential information with a reader associated with a physical access point to the secure asset, to gain access at the physical access point; and
  
  a remote server that is configured to perform operations comprising;
  
  maintaining a revocation list including information related to at least one of the plurality of mobile devices to which the reader is not allowed to grant access to the secure asset;
  
  updating the credential information stored in the at least one mobile device according to the information included in the revocation list; and
  
  receiving a communication associated with a failed attempt to gain access to the physical access point by the mobile device based on an access control decision by the mobile device denying access, the access control decision based on information obtained from the reader and the updated credential information.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Assa Abloy AB
Original Assignee
Assa Abloy AB
Inventors
Davis, Michael L., Wamsley, Robert, Hulusi, Tam
Primary Examiner(s)
ABRISHAMKAR, KAVEH

Application Number

US14/668,507
Publication Number

US 20150213248A1
Time in Patent Office

804 Days
Field of Search

None
US Class Current
CPC Class Codes

G06F 21/00   Security arrangements for p...

G06F 21/31   User authentication

G06F 21/34   involving the use of extern...

G06F 21/35   communicating wirelessly

G07C 2209/08   With time considerations, e...

G07C 9/23   by means of a password

G07C 9/257   electronically G07C9/26 tak...

G07C 9/29   the pass containing active ...

H04L 63/08   for authentication of entit...

H04L 63/101   Access control lists [ACL]

Method and apparatus for making a decision on a card

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

132 Citations

28 Claims

Specification

Solutions

Use Cases

Quick Links

Method and apparatus for making a decision on a card

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

132 Citations

28 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links