SYSTEM AND METHOD FOR REMOTELY ASSIGNING AND REVOKING ACCESS CREDENTIALS USING A NEAR FIELD COMMUNICATION EQUIPPED MOBILE PHONE

US 20100077466A1
Filed: 12/01/2009
Published: 03/25/2010
Est. Priority Date: 04/05/2005
Status: Active Grant

First Claim

Patent Images

1. A method of remotely maintaining a secure access system, comprising:

receiving, at a secure access system controller, a credential update for at least one user of the secure access system; and

in response to receiving the credential update, said controller automatically initiating a system update process, the system update process comprising;

generating a message comprising information representing the credential update;

determining at least one target for said message, wherein said at least one target comprises at least one mobile device associated with the at least one user; and

transmitting said message to said at least one target.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The present invention is generally directed toward a mobile device that can be used in a secure access system. More specifically, the mobile device can have credential data loaded thereon remotely updated, enabled, disabled, revoked, or otherwise altered with a message sent from, for example, a control panel and/or controller in the system.

62 Citations

View as Search Results

44 Claims

1. A method of remotely maintaining a secure access system, comprising:
- receiving, at a secure access system controller, a credential update for at least one user of the secure access system; and
  
  in response to receiving the credential update, said controller automatically initiating a system update process, the system update process comprising;
  
  generating a message comprising information representing the credential update;
  
  determining at least one target for said message, wherein said at least one target comprises at least one mobile device associated with the at least one user; and
  
  transmitting said message to said at least one target.
- View Dependent Claims (2, 3, 4, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 43)
- - 2. The method of claim 1, wherein the system update process further comprises transmitting said message to at least one of a reader and a database.
  - 3. The method of claim 1, wherein said at least one mobile device has a first set of credential data stored thereon, and wherein upon receiving said message from said controller, said first set of credential data is changed to a second different set of credential data and wherein said message is transmitted to said at least one mobile device without receiving a request for said message from said at least one user.
  - 4. The method of claim 3, wherein said first set of credential data has at least one of a key, password, unique ID, encryption scheme, and transmission protocol that is different in said second set of credential data.
  - 6. The method of claim 1, further comprising, in the event that said at least one mobile device does not receive said message and is subsequently presented to a reader, determining, by said reader, that said at least one mobile device is invalid.
  - 7. The method of claim 1, wherein said credential updates are received at the controller on a periodic basis.
  - 8. The method of claim 1, further comprising:
    - receiving said message at said at least one mobile device; and
      
      modifying at least a portion of memory of said at least one mobile device according to said updated credential information.
  - 9. The method of claim 8, wherein said modifying comprises at least one of disabling and revoking at least a portion of said memory.
  - 10. The method of claim 8, further comprising:
    - disabling at least a portion of said memory unless an enabling message is received.
  - 11. The method of claim 1, further comprising de-enrolling a user of at least one mobile device from an access list, wherein said credential update is generated in response to de-enrolling said user from said access list.
  - 12. The method of claim 1, wherein said message is transmitted over a cellular communication network.
  - 13. The method of claim 1, wherein said message is transmitted by at least one of a radio frequency signal and a near field communication signal.
  - 14. The method of claim 1, further comprising:
    - presenting said at least one mobile device to a reader;
      
      generating a second message comprising information related to said at least one mobile device being presented to said reader; and
      
      sending said second message to at least one of a database, controller, and another mobile device.
  - 15. The method of claim 14, wherein said second message is sent via a short message service (SMS) message.
  - 43. The method of claim 1, wherein said credential update is pushed toward said at least one mobile device without any solicitation by said at least one mobile device or a user of said at least one mobile device.

5. (canceled)

16. A secure access system, comprising:
- at least one mobile device comprising memory, wherein said memory comprises credential information;
  
  a controller that is operable to receive a credential update for at least one user of the secure access system and in response to receiving the credential update automatically initiate a system update process, wherein during the system update process the controller is operable to automatically cause a message to be generated that comprises said updated credential, and cause said message to be transmitted to said at least one mobile device associated with said at least one user.
- View Dependent Claims (17, 18, 19, 20, 21, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 44)
- - 17. The system of claim 16, further comprising:
    - at least one reader for determining an authenticity of said at least one mobile device; and
      
      a database for maintaining information related to said system, wherein said controller is further operable to cause a second message to be generated that comprises said updated credential and cause said second message to be transmitted to at least one of said reader and said database.
  - 18. The system of claim 17, wherein, in the event that said at least one mobile device does not receive said message, credentials of said at least one mobile device become obsolete.
  - 19. The system of claim 18, wherein, upon presentation of said at least one mobile device to said at least one reader, the authenticity of said at least one mobile device is determined to be invalid.
  - 20. The system of claim 16, wherein credential information on said memory is altered in response to receiving said message and wherein said credential update is initiated by an entity other than said at least one user.
  - 21. The system of claim 20, wherein said credential information altered on said memory comprises at least one of a key, password, unique ID, encryption scheme, and transmission protocol.
  - 23. The system of claim 16, wherein credential updates are received at said controller on a periodic basis.
  - 24. The system of claim 16, wherein credential information on said memory is at least one of disabled and revoked in response to receiving said message.
  - 25. The system of claim 16, wherein said mobile device comprises a timing-out mechanism, wherein said timing-out mechanism is operable to disable said memory unless an enabling message is received from said controller.
  - 26. The system of claim 16, wherein said controller causes said message to be transmitted to said mobile device via at least one of a global system for mobile communications, a digital cellular system, and a personal communications system.
  - 27. The system of claim 16, wherein said at least one mobile device is at least one of a cellular phone, and personal digital assistant.
  - 28. The system of claim 16, wherein said credential update is initiated in response to de-enrolling at least one user from a list of authorized users.
  - 29. The system of claim 16, wherein said at least one mobile device comprises a plurality of mobile devices, and wherein credential information in each one of the plurality of mobile devices is altered.
  - 30. The system of claim 16, wherein said at least one mobile device comprises a plurality of mobile devices, and wherein credential information in less than all of the plurality of mobile devices is altered.
  - 31. The system of claim 16, wherein said message is transmitted via at least one of a radio frequency and near field communication signal.
  - 32. The system of claim 16, wherein said message is transmitted via a cellular communications network.
  - 44. The system of claim 16, wherein said credential update is pushed toward said at least one mobile device without any solicitation by said at least one mobile device or a user of said at least one mobile device.

22. (canceled)

33. A mobile device for use by a user in a secure access system, comprising:
- a memory, wherein said memory comprises credential information; and
  
  an interface operable to communicate with a reader and further operable to receive messages relating to updated-credential information, wherein, upon receipt of a first message, said credential information for the user is automatically changed from a first state to a second state and wherein said messages relating to updated-credential information are received without said at least one user transmitting a request for said messages.
- View Dependent Claims (34, 35, 36, 37, 38, 39, 41, 42)
- - 34. The device of claim 33, wherein, in the event that said first message is not received, said credential information is maintained in said first state and as a result becomes obsolete.
  - 35. The device of claim 34, wherein said reader is operable to determine an authenticity of said mobile device based at least in part upon said credential information, and upon presentation of said mobile device to said reader, the authenticity of said mobile device is determined to be invalid.
  - 36. The device of claim 33, wherein said reader is associated with a controller and the controller is operable to determine an authenticity of said mobile device based at least in part upon said credential information.
  - 37. The device of claim 36, wherein said reader is operable to determine an authenticity of said mobile device based at least in part upon said credential information.
  - 38. The device of claim 33, wherein said credential information comprises at least one of a key, password, unique ID, encryption scheme, and transmission protocol.
  - 39. The device of claim 33, wherein said at least one of a key, password, unique ID, encryption scheme, and transmission protocol is different in said first state than in said second state.
  - 41. The device of claim 33, further comprising a timing-out mechanism, wherein said timing-out mechanism is operable to disable said memory unless an enabling message is received.
  - 42. The device of claim 33, wherein a near field communications protocol is used by said first interface to communicate with said reader.

40. (canceled)

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Assa Abloy AB
Original Assignee
Assa Abloy AB
Inventors
Lowe, Peter R.

Granted Patent

US 8,150,374 B2
Time in Patent Office

Days
Field of Search
US Class Current

726/6
CPC Class Codes

G06F 21/31   User authentication

G06F 21/45   Structures or tools for the...

G07C 9/20   involving the use of a pass

H04L 63/0492   by using a location-limited...

H04L 63/062   for key distribution, e.g. ...

H04L 63/068   using time-dependent keys, ...

H04L 63/08   for authentication of entit...

H04L 63/0853   using an additional device,...

H04L 63/10   for controlling access to d...

H04W 12/04   Key management, e.g. using ...

H04W 12/06   Authentication

H04W 12/068   using credential vaults, e....

H04W 12/08   Access security

H04W 12/082   using revocation of authori...

H04W 4/023   using mutual or relative lo...

H04W 4/80   Services using short range ...

H04W 48/04   based on user or terminal l...

H04W 88/02   Terminal devices

SYSTEM AND METHOD FOR REMOTELY ASSIGNING AND REVOKING ACCESS CREDENTIALS USING A NEAR FIELD COMMUNICATION EQUIPPED MOBILE PHONE

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

62 Citations

44 Claims

Specification

Solutions

Use Cases

Quick Links

SYSTEM AND METHOD FOR REMOTELY ASSIGNING AND REVOKING ACCESS CREDENTIALS USING A NEAR FIELD COMMUNICATION EQUIPPED MOBILE PHONE

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

62 Citations

44 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links