DYNAMIC ACCESS CONTROL IN RESPONSE TO FLEXIBLE RULES

US 20110221565A1
Filed: 11/05/2008
Published: 09/15/2011
Est. Priority Date: 11/05/2007
Status: Abandoned Application

First Claim

Patent Images

1. A method in a computer system for controlling access to a location based on one or more access rules, the method comprising:

receiving identification information associated with an individual from a piece of identification;

comparing at least some of the received identification information with a first data set to assess the likelihood that the individual is a person of interest, the first data set including first data items, each first data item corresponding to a person of interest;

comparing at least some of the received identification information with a second data set to assess whether the individual is authorized to access the location, the second data set including second data items, each second data item corresponding to an authorized person; and

if the received identification information does not substantially match a first or second data item, applying one or more access rules to at least some of the read identification information to determine whether the individual is to be granted or denied access to the location.

View all claims

6 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A dynamic access control facility that enables an operator to determine whether to grant or deny access to an individual based, in part, on the status of the individual. The operator scans the individual'"'"'s identification information from an identification record using a scanning device. To determine the status of the individual, the facility decodes the scanned identification information and identifies candidates based on the decoded identification information. The facility may identify a number of candidates or no candidates. For each authorized candidate, the facility selects for display the locations or resources that the candidate is authorized to access. When there is at least one candidate, the facility displays the selected candidate(s) to the operator indicating the status of the individual and/or whether access should be denied or granted. In some embodiments, when no candidates are identified, the facility indicates whether the individual should be denied or granted access.

92 Citations

View as Search Results

34 Claims

1. A method in a computer system for controlling access to a location based on one or more access rules, the method comprising:
- receiving identification information associated with an individual from a piece of identification;
  
  comparing at least some of the received identification information with a first data set to assess the likelihood that the individual is a person of interest, the first data set including first data items, each first data item corresponding to a person of interest;
  
  comparing at least some of the received identification information with a second data set to assess whether the individual is authorized to access the location, the second data set including second data items, each second data item corresponding to an authorized person; and
  
  if the received identification information does not substantially match a first or second data item, applying one or more access rules to at least some of the read identification information to determine whether the individual is to be granted or denied access to the location.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18)
- - 2. The method of claim 1 further comprising:
    - if the received identification information substantially matches a first data item and does not substantially match a second data item, denying the individual access to the location.
  - 3. The method of claim 1 further comprising:
    - if the received identification information substantially matches a second data item and does not substantially match a first data item, granting the individual access to the location.
  - 4. The method of claim 1 further comprising receiving environmental information that is used to determine whether the individual is to be granted or denied access to the location.
  - 5. The method of claim 4 wherein the environmental information identifies at least one of the one or more access rules that is applied to control access to the location that the individual is attempting to access.
  - 6. The method of claim 4 wherein the environmental information comprises information indicating that the individual was previously denied access to the location at one or more entry points of the location within a predefined period of time.
  - 7. The method of claim 1 wherein the one or more access rules have an order of precedence.
  - 8. The method of claim 1 wherein at least one access rule is defined for the location for which the computer system is providing access-control service.
  - 9. The method of claim 8 wherein the location is a government facility.
  - 10. The method of claim 8 wherein the location is a port of entry.
  - 11. The method of claim 8 wherein the location is a medical facility, a power plant, a court, a public facility, or a private facility.
  - 12. The method of claim 1 wherein at least one access rule is based on a type of identification.
  - 13. The method of claim 12 wherein the type of identification is a state ID, a military ID, a passport, a corporate ID, a credit card, a bank card, a loyalty card, or a student ID.
  - 14. The method of claim 1 wherein at least one access rule is based on a threat level.
  - 15. The method of claim 1 wherein at least one access rule is based on a time of day.
  - 16. The method of claim 1 wherein at least one access rule is based on a calendar date.
  - 17. The method of claim 1 further comprising:
    - if the received identification information substantially matches a first and second data item, applying the one or more access rules to at least some of the received identification information to determine whether the individual is to be granted or denied access to the location, wherein at least one of the one or more access rules is defined based on the severity of acts for which individual is suspected, charged, or convicted;
      
      if the severity is within a predefined range, granting the individual access to the location; and
      
      if the severity is not within the predefined range, denying the individual access to the location.
  - 18. The method of claim 1 wherein the identification information is received from a portable device.

19. A system for controlling access to a location based on locally-defined access rules, the system comprising:
- a device for reading identification information associated with an individual from an identification document; and
  
  a processing component for;
  
  comparing at least some of the read identification information with a data set containing records corresponding to persons of interest to determine whether the individual is a person of interest;
  
  comparing at least some of the read identification information with a data set containing records corresponding to authorized persons to determine whether the individual is authorized to access the location; and
  
  if the read identification information does not substantially match a record corresponding to a person of interest or a record corresponding to an authorized person, applying locally-defined access rules to at least some of the read identification information to determine whether the individual is to be granted or denied access to the location.
- View Dependent Claims (20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32)
- - 20. The system of claim 19 wherein the processing component denies the individual access to the location if the read identification information substantially matches a record corresponding to a person of interest and does not substantially match a record corresponding to an authorized person.
  - 21. The system of claim 19 wherein the processing component grants the individual access to the location if the read identification information substantially matches a record corresponding to an authorized person and does not substantially match a record corresponding to a person of interest.
  - 22. The system of claim 19 further comprising a receiving component for receiving environmental information that is used to determine whether the individual is to be granted or denied access to the location.
  - 23. The system of claim 22 wherein the environmental information identifies at least one locally-defined access rules that is to be applied to control access to the location in which the device is operating.
  - 24. The system of claim 22 wherein the environmental information comprises information indicating that the individual was denied access to the location at one or more entry points of the location.
  - 25. The system of claim 19 wherein the locally-defined access rules have an order of precedence.
  - 26. The system of claim 19 wherein at least one locally-defined access rule is based on a type of the identification record.
  - 27. The system of claim 26 wherein the identification record is a state ID, a military ID, a passport, a corporate ID, a credit card, a bank card, a loyalty card, or a student ID.
  - 28. The system of claim 19 wherein at least one locally-defined access rule is based on a threat level.
  - 29. The system of claim 19 further comprising globally-defined access rules, and wherein at least one globally-defined access rule used to determine whether the individual is to be denied or granted access to the location.
  - 30. The system of claim 19 wherein the location in which at least one of the locally-defined rules is defined for is a government facility.
  - 31. The system of claim 19 wherein the location in which at least one of the locally-defined rules is defined for is a port of entry.
  - 32. The system of claim 19 wherein the identification information is read using a scanning component of the device, and wherein the scanning component comprises at least one of a digital scanner, a camera, a magnetic strip reader, an optical character reader, a bar code scanner, or an RFID reader.

33. A computer-readable storage medium encoded with instructions that, when executed by a computing system, cause the computing system to control access to a location based on at least one locally-defined access rule, by:
- reading information from an identification record presented by an individual;
  
  comparing at least some of the read identification information with a first data set to determine whether the individual is a person of interest, the first data set including first data items, each first data item corresponding to a person of interest;
  
  comparing at least some of the read identification information with a second data set to determine whether the individual is authorized to access the location, the second data set including second data items, each second data item corresponding to an authorized person;
  
  if the read identification information substantially matches a first data item and does not substantially match a second data item, providing an indication that the individual is to be denied access to the location;
  
  if the read identification information substantially matches a second data item and does not substantially match a first data item, providing an indication that the individual is to be granted access to the location; and
  
  if the read identification information does not substantially match a first or second data item, applying the at least one locally-defined access rule to at least some of the read identification information to determine whether the individual it to be granted or denied access to the location.
- View Dependent Claims (34)
- - 34. The computer-readable storage medium of claim 33 further comprising:
    - if the read identification information substantially matches a first and second data item, applying the at least one locally-defined access rule to at least some of the read identification information to determine whether the individual is to be granted or denied access to the location.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Intellicheck, Inc.
Original Assignee
Intellicheck, Inc.
Inventors
Zehm, Steven, Leonard, Tristan, Ludlow, Nelson, Blood, Brian

Application Number

US12/265,666
Publication Number

US 20110221565A1
Time in Patent Office

Days
Field of Search
US Class Current

340/5.6
CPC Class Codes

G07C 9/22 in combination with an iden...

G07C 9/27 with central registration

DYNAMIC ACCESS CONTROL IN RESPONSE TO FLEXIBLE RULES

First Claim

6 Assignments

0 Petitions

Accused Products

Abstract

92 Citations

34 Claims

Specification

Use Cases

Quick Links

Others

DYNAMIC ACCESS CONTROL IN RESPONSE TO FLEXIBLE RULES

First Claim

6 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

92 Citations

34 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others