EP1678683B1 - A lock system and a method of configuring a lock system. - Google Patents

A lock system and a method of configuring a lock system. Download PDF

Info

Publication number
EP1678683B1
EP1678683B1 EP04775530A EP04775530A EP1678683B1 EP 1678683 B1 EP1678683 B1 EP 1678683B1 EP 04775530 A EP04775530 A EP 04775530A EP 04775530 A EP04775530 A EP 04775530A EP 1678683 B1 EP1678683 B1 EP 1678683B1
Authority
EP
European Patent Office
Prior art keywords
certificate
lock system
door access
manufacturer
access control
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
EP04775530A
Other languages
German (de)
French (fr)
Other versions
EP1678683A1 (en
Inventor
Hans Thorsen
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Assa Abloy AB
Original Assignee
Assa Abloy AB
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Assa Abloy AB filed Critical Assa Abloy AB
Publication of EP1678683A1 publication Critical patent/EP1678683A1/en
Application granted granted Critical
Publication of EP1678683B1 publication Critical patent/EP1678683B1/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07CTIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C9/00Individual registration on entry or exit
    • G07C9/00174Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys
    • G07C9/00817Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys where the code of the lock can be programmed

Definitions

  • the present invention relates generally to lock systems and more particularly to a lock system which can be set up in an easy and yet secure way and be operated with a high security level.
  • Electronic or electro-mechanical lock systems having locks or the like that are connected to a central computer or system by means of a cable network have been in use for many years.
  • the operation of these systems are managed from the central computer which communicate the applicable rules via a local network (LAN) to individual door access control (DAC) units.
  • LAN local network
  • DAC door access control
  • the DAC units in turn communicate e.g. log information to the central computer.
  • One way of achieving secure communication on a pre-existing network is to use encrypted data for communication between the central computer and the individual DAC units.
  • the different units communicating must have encryption/decryption keys installed. These keys could be installed by skilled personnel that provide each and every unit with the required keys.
  • One problem associated with this solution is that the persons normally installing such lock systems are not skilled personnel in the sense that they are not familiar with computer hardware and software. Thus, installation of encryption/decryption keys would be performed by expensive personnel in a separate step after the physical installation of the system, leading to increased costs. Also, the use of individuals for installing software is a security risk in itself.
  • a problem in prior art is thus to provide a lock system which shows a high degree of security while the installation and set-up of the system can be effected in an easy way.
  • US-B1-6 615 350 discloses computer systems wherein cryptographic policies involving certificates are implemented
  • WO-A-01/66888 discloses secure distribution of key and lock devices between manufacturer, distributor and end users.
  • An object of the present invention is to provide a lock system wherein the prior art drawbacks are avoided and in which encryption keys can be installed in an easy and yet secure way. This means that one specific object is that installation of components must be as simple as possible.
  • Another object is that security breach by customer mistakes must not affect other customers or the manufacturer.
  • Yet another object is to provide a system and method wherein existing standards and implementations are used as much as possible.
  • Still yet another object is to provide a method wherein system requirements are kept as small as possible.
  • the invention is based on the realisation that the use of certificates in combination with asymmetric and symmetric encryption in a lock system provides a secure yet efficient solution to the above described problem.
  • a unique symmetric encryption key is used for each door access control unit. This ensures that the integrity of the lock system is maintained in the case one or more of the DAC units are taken over by a fraudulent person trying to gain unauthorized access to the premise in which the lock system is installed.
  • lock system is intended to cover all types of electronic lock systems wherein the door access units control electronic or electro-mechanical locks, card readers, panic buttons etc. (not shown in the figures) and is thus not limited to systems comprising conventional lock cylinders or the like.
  • FIG. 1 It is there shown a manufacturer computer system 10, which comprises computer hardware with peripherals etc. and access to the Internet.
  • the manufacturer computer system runs software adapted for processing of customer certificates.
  • the management system is divided into a front end system that collects signature request and a back end system that holds the manufacturer's private key used for signing of a customer public key.
  • the subsystem that contain the private key responsible for signing customers certificate is not exposed to public networks
  • a number of customer lock systems each comprises a customer management computer 110 connected to a plurality of door access control (DAC) units 120 via a local area network (LAN) 130.
  • DAC door access control
  • LAN local area network
  • the LAN could be Ethernet-based but the invention does not exclude other kinds of networks.
  • the management computer 110 is the computer wherein all rules relating to the lock system 100 is managed and stored. These rules can be related to which individuals are authorised to open which doors, temporal restrictions to access to doors etc. These rules are downloaded to the individual DAC units 120 which effect the physical control of the doors by means of actuators etc.
  • the present invention uses the well-known Public Key Infrastructure (PKI) which uses techniques for public-key encryption, also referred to as asymmetric encryption.
  • PKI Public Key Infrastructure
  • each entity has a public key and a corresponding private key.
  • the public key defines an encryption transformation
  • the private key defines the associated decryption transformation.
  • Any entity wishing to send a message to another entity A obtains an authentic copy of A's public key, uses the encryption transformation to obtain the cipher text, and transmits this cipher text to A. To decrypt the cipher text, A applies the decryption transformation to obtain the original message.
  • the public key need not be kept secret, and, in fact, may be widely available - only its authenticity is required to guarantee that A is indeed the only party who knows the corresponding private key.
  • a primary advantage of such systems is that providing authentic public keys is generally easier than distributing secret keys securely, as required in symmetric key systems.
  • A's encryption transformation is public knowledge, public-key encryption alone does not provide data origin authentication or data integrity. Such assurances must be provided through use of additional techniques, including message authentication codes and digital signatures. Public-key encryption schemes are typically substantially slower than symmetric-key encryption algorithms.
  • Public-key decryption may also provide authentication guarantees in entity authentication and authenticated key establishment protocols.
  • the Public Key Infrastructure in a lock system will now be described with reference to fig. 2 , wherein part of the environment shown in fig. 1 is detailed. More specifically, the manufacturer computer system 10, a management computer 110, and a DAC unit 120 are shown therein, but not the physical interconnections (the Internet, LAN). It is here seen that the manufacturer functions as an upper level Certificate Authority - CA level 1 - and the lock system owner as a lower level CA - CA level 2. To achieve a scalable installation of the DAC units 120 and to restrict problems of a comprised management computer to a customer domain, part of the PKI have been arranged as this hierarchy.
  • the manufacturer public key is installed in the DAC unit at a trusted factory.
  • a security feature is boot-strapped into the DAC units in the form of a certificate trusting the manufacturer's software. This means that the DAC units' software can only be installed under the manufacturer's control.
  • Each and every DAC unit 120 is thus provided with the manufacturer public key. This is a more efficient and reliable way than providing the public key when the DAC unit already has been installed.
  • This method also provides DAC units that are essentially identical before delivery, facilitating logistics and storage.
  • each DAC unit is provided with a unique serial number. However, this is not important for the present invention.
  • a DAC unit When a DAC unit boots for the first time it retrieves the installer program image, checks the signature against the factory installed manufacturer public key and starts to execute upon match.
  • the temporary installer application is capable of verifying the manufacturer's signature of the customer's public key and could verify that the certificate presented by the management computer 110 has been signed by the manufacturer computer 10.
  • the manufacturer public certificate is bundled with the installer image, which is signed by manufacturer private key.
  • the DAC units only trust the manufacturer at delivery, the customers do not have full control over their own system, which in their view is unacceptable.
  • This certificate is delivered on-line through a procedure, wherein the receiver is obliged to identify himself or herself. More specifically, the receiver is indicated in the certificate as attributes. This ensures that a specific individual is responsible, increasing the security level of the inventive concept.
  • the certificate signed by the manufacturer is used in a further step to install a certificate trusting the customer. In that way, the customer gets full control of the system except for software updating, see below.
  • a lock system owner buys the management computer software and obtains media together with a unique code
  • the name of the lock system owner is registered in the manufacturer computer 10 together with the software version.
  • the lock system owner is then instructed to contact the manufacturer to get its management computer public key signed by the manufacturer, i.e., the upper level CA.
  • the lock system owner's management computer public certificate is then added in a database located in the manufacturer computer 10.
  • the management computer 110 When the lock system owner installs the lock system software or when the lock system 100 is about to be set up, the management computer 110 generates a symmetric encryption key pair and makes available the certificate signed by the manufacturer. In that way, the management computer 110 becomes a CA of itself.
  • the installer program image that has been installed in the DAC unit accepts the management computer public certificate signed by the manufacturer.
  • An encrypted and authenticated channel is then established, such as by means of an SSL-session using asymmetric encryption, between the management computer and the DAC unit.
  • the DAC unit then installs the symmetric secret key from the management computer. From this moment asymmetric methods are replaced by symmetric by terminating the asymmetrically encrypted channel and establishing a symmetrically encrypted tunnel and the DAC unit could thereafter only be controlled by the management computer to prevent hostile takeover from other management computer systems.
  • the factory installed manufacturer public key remains in the DAC unit to verify software from the manufacturer. This prevents customers to remote install unauthorized software in the DAC unit.
  • Asymmetric encryption is more demanding on hardware, which is inconvenient when taking hardware costs into consideration. This is one reason why the lock system according to the invention operates in a secure yet efficient way.
  • the manufacturer public key is distributed on-line.
  • the manufacturer public key can also be distributed on compact disc, for example, when the software product is purchased.
  • the receiver of the manufacturer certificate is indicated as attributes in the certificate.
  • each certificate has a unique serial number distinguishing it from other certificates. It is also preferred that the certificate is protected by means of some kind of password, such as a PIN code.
  • the manufacturer computer system and management computers have been described as interconnected via the Internet. It will be appreciated that some of the management computers are not connected to the outside. In that case communication between the manufacturer computer system and management computers can be effected via other media, such as diskettes, compact discs etc.
  • manufacturer computer system has been described as one single computer. It will be appreciated that there can be more than one computer at the manufacturer having different functions.

Abstract

A lock system (100) is owned by a lock system owner and comprises a management computer (110) connected to a plurality of door access control units (120). A method of configuring this system comprises the following steps: installing in the door access control units a first certificate issued by a manufacturer (10) of the lock system; providing at the management computer (110) a second certificate issued by the lock system owner and signed by the manufacturer; transmitting from the management computer to a first door access control unit of the door access units the signed second certificate together with a symmetric encryption key used by the lock system owner; installing by means of asymmetric encryption the second certificate at the first door access control unit after checking the authenticity of the signed second certificate; and establishing of symmetric encryption communication between the management computer and the first door access unit. Simple yet secure installation of the lock system is thereby achieved.

Description

    FIELD OF INVENTION
  • The present invention relates generally to lock systems and more particularly to a lock system which can be set up in an easy and yet secure way and be operated with a high security level.
    • BACKGROUND
  • Electronic or electro-mechanical lock systems having locks or the like that are connected to a central computer or system by means of a cable network have been in use for many years. The operation of these systems are managed from the central computer which communicate the applicable rules via a local network (LAN) to individual door access control (DAC) units. The DAC units in turn communicate e.g. log information to the central computer.
  • It is of vital importance that the communication between the central computer and the individual DAC units is secure, i.e., that it cannot be intercepted and interpreted or manipulated by a fraudulent person trying to gain unauthorized access to the premise in which the lock system is installed.
  • In prior art lock systems this high level of security has been achieved by the use of proprietary communication protocols, shielded communication wires etc. However, today's users are not prepared to install a separate protected cable network for a lock system in parallel with a computer network already installed in the office, such as an Ethernet based network, or to use proprietary systems tying them to one or a limited number of suppliers.
  • One way of achieving secure communication on a pre-existing network is to use encrypted data for communication between the central computer and the individual DAC units. However, before using encrypted communication, the different units communicating must have encryption/decryption keys installed. These keys could be installed by skilled personnel that provide each and every unit with the required keys. One problem associated with this solution is that the persons normally installing such lock systems are not skilled personnel in the sense that they are not familiar with computer hardware and software. Thus, installation of encryption/decryption keys would be performed by expensive personnel in a separate step after the physical installation of the system, leading to increased costs. Also, the use of individuals for installing software is a security risk in itself.
  • A problem in prior art is thus to provide a lock system which shows a high degree of security while the installation and set-up of the system can be effected in an easy way.
  • US-B1-6 615 350 discloses computer systems wherein cryptographic policies involving certificates are implemented WO-A-01/66888 discloses secure distribution of key and lock devices between manufacturer, distributor and end users.
    • SUMMARY bF THE INVENTION
  • An object of the present invention is to provide a lock system wherein the prior art drawbacks are avoided and in which encryption keys can be installed in an easy and yet secure way. This means that one specific object is that installation of components must be as simple as possible.
  • Another object is that security breach by customer mistakes must not affect other customers or the manufacturer.
  • Yet another object is to provide a system and method wherein existing standards and implementations are used as much as possible.
  • Still yet another object is to provide a method wherein system requirements are kept as small as possible.
  • The invention is based on the realisation that the use of certificates in combination with asymmetric and symmetric encryption in a lock system provides a secure yet efficient solution to the above described problem.
  • According to the invention there are provided method of installing a lock system as defined in claim 1 and a lock system as defined in claim 9.
  • By providing a lock system which is set up by means of both asymmetric and symmetric communication between the units in the system both simple installation and high security are achieved.
  • In a particularly preferred embodiment, a unique symmetric encryption key is used for each door access control unit. This ensures that the integrity of the lock system is maintained in the case one or more of the DAC units are taken over by a fraudulent person trying to gain unauthorized access to the premise in which the lock system is installed.
  • Further preferred embodiments are defined by the dependent claims.
    • BRIEF DESCRIPTION OF DRAWINGS
  • The invention is now described, by way of example, with reference to the accompanying drawings, in which:
    • fig. 1 is an overall view of a the hardware including a manufacturer and customer lock systems;
    • fig. 2 is a block diagram showing a Public Key Infrastructure implemented in the lock system according to the invention;
    • fig. 3 is a simplified diagram showing the different steps in the method according to the invention; and
    • fig. 4 is a detailed diagram showing the different steps in the method according to the invention.
    DETAINED DESCRIPTION OF THE INVENTION
  • In the following a detailed description of a preferred embodiment of the present invention will be given.
  • In the present description, the term "lock system" is intended to cover all types of electronic lock systems wherein the door access units control electronic or electro-mechanical locks, card readers, panic buttons etc. (not shown in the figures) and is thus not limited to systems comprising conventional lock cylinders or the like.
  • An environment in which the present invention is implemented will now be described with reference to figure 1. It is there shown a manufacturer computer system 10, which comprises computer hardware with peripherals etc. and access to the Internet. The manufacturer computer system runs software adapted for processing of customer certificates. The management system is divided into a front end system that collects signature request and a back end system that holds the manufacturer's private key used for signing of a customer public key. The subsystem that contain the private key responsible for signing customers certificate is not exposed to public networks
  • A number of customer lock systems, generally designated 100, two of which are shown in the figure, each comprises a customer management computer 110 connected to a plurality of door access control (DAC) units 120 via a local area network (LAN) 130. The LAN could be Ethernet-based but the invention does not exclude other kinds of networks.
  • The management computer 110 is the computer wherein all rules relating to the lock system 100 is managed and stored. These rules can be related to which individuals are authorised to open which doors, temporal restrictions to access to doors etc. These rules are downloaded to the individual DAC units 120 which effect the physical control of the doors by means of actuators etc.
  • The present invention uses the well-known Public Key Infrastructure (PKI) which uses techniques for public-key encryption, also referred to as asymmetric encryption. In public-key encryption systems each entity has a public key and a corresponding private key. The public key defines an encryption transformation, while the private key defines the associated decryption transformation. Any entity wishing to send a message to another entity A obtains an authentic copy of A's public key, uses the encryption transformation to obtain the cipher text, and transmits this cipher text to A. To decrypt the cipher text, A applies the decryption transformation to obtain the original message.
  • The public key need not be kept secret, and, in fact, may be widely available - only its authenticity is required to guarantee that A is indeed the only party who knows the corresponding private key. A primary advantage of such systems is that providing authentic public keys is generally easier than distributing secret keys securely, as required in symmetric key systems.
  • Since A's encryption transformation is public knowledge, public-key encryption alone does not provide data origin authentication or data integrity. Such assurances must be provided through use of additional techniques, including message authentication codes and digital signatures. Public-key encryption schemes are typically substantially slower than symmetric-key encryption algorithms.
  • Public-key decryption may also provide authentication guarantees in entity authentication and authenticated key establishment protocols.
  • The Public Key Infrastructure in a lock system according to the invention will now be described with reference to fig. 2, wherein part of the environment shown in fig. 1 is detailed. More specifically, the manufacturer computer system 10, a management computer 110, and a DAC unit 120 are shown therein, but not the physical interconnections (the Internet, LAN). It is here seen that the manufacturer functions as an upper level Certificate Authority - CA level 1 - and the lock system owner as a lower level CA - CA level 2. To achieve a scalable installation of the DAC units 120 and to restrict problems of a comprised management computer to a customer domain, part of the PKI have been arranged as this hierarchy.
  • The installation procedure for the lock system shown in fig. 1 will now be explained in detail with reference to fig. 3, which shows the major steps of the procedure, and fig. 4, which is a more detailed representation.
  • As a first step, the manufacturer public key is installed in the DAC unit at a trusted factory. A security feature is boot-strapped into the DAC units in the form of a certificate trusting the manufacturer's software. This means that the DAC units' software can only be installed under the manufacturer's control.
  • Each and every DAC unit 120 is thus provided with the manufacturer public key. This is a more efficient and reliable way than providing the public key when the DAC unit already has been installed. This method also provides DAC units that are essentially identical before delivery, facilitating logistics and storage. Optionally, each DAC unit is provided with a unique serial number. However, this is not important for the present invention.
  • When a DAC unit boots for the first time it retrieves the installer program image, checks the signature against the factory installed manufacturer public key and starts to execute upon match. The temporary installer application is capable of verifying the manufacturer's signature of the customer's public key and could verify that the certificate presented by the management computer 110 has been signed by the manufacturer computer 10. The manufacturer public certificate is bundled with the installer image, which is signed by manufacturer private key.
  • Because the DAC units only trust the manufacturer at delivery, the customers do not have full control over their own system, which in their view is unacceptable. Each customer wants control of its own system. Therefore, the customer receives a certificate signed by the manufacturer. This certificate is delivered on-line through a procedure, wherein the receiver is obliged to identify himself or herself. More specifically, the receiver is indicated in the certificate as attributes. This ensures that a specific individual is responsible, increasing the security level of the inventive concept.
  • The certificate signed by the manufacturer is used in a further step to install a certificate trusting the customer. In that way, the customer gets full control of the system except for software updating, see below.
  • When a lock system owner buys the management computer software and obtains media together with a unique code, the name of the lock system owner is registered in the manufacturer computer 10 together with the software version. The lock system owner is then instructed to contact the manufacturer to get its management computer public key signed by the manufacturer, i.e., the upper level CA. The lock system owner's management computer public certificate is then added in a database located in the manufacturer computer 10.
  • When the lock system owner installs the lock system software or when the lock system 100 is about to be set up, the management computer 110 generates a symmetric encryption key pair and makes available the certificate signed by the manufacturer. In that way, the management computer 110 becomes a CA of itself.
  • After having been connected to the LAN 130, when the DAC unit 120 is turned on, the installer program image that has been installed in the DAC unit accepts the management computer public certificate signed by the manufacturer. An encrypted and authenticated channel is then established, such as by means of an SSL-session using asymmetric encryption, between the management computer and the DAC unit. By means of this communication channel, the DAC unit then installs the symmetric secret key from the management computer. From this moment asymmetric methods are replaced by symmetric by terminating the asymmetrically encrypted channel and establishing a symmetrically encrypted tunnel and the DAC unit could thereafter only be controlled by the management computer to prevent hostile takeover from other management computer systems.
  • In the preferred embodiment, the factory installed manufacturer public key remains in the DAC unit to verify software from the manufacturer. This prevents customers to remote install unauthorized software in the DAC unit.
  • After the set-up of the lock system 100 has been completed, further communications between the management computer 110 and the DAC 120 are effected by means of symmetric encryption. A unique symmetric encryption key is used for each DAC unit, i.e., the management computer uses different symmetric encryption keys for the DAC units. This ensures that the integrity of the lock system is maintained in the case one or more of the DAC units are taken over by a fraudulent person trying to gain unauthorized access to the premise in which the lock system is installed.
  • Asymmetric encryption is more demanding on hardware, which is inconvenient when taking hardware costs into consideration. This is one reason why the lock system according to the invention operates in a secure yet efficient way.
  • It has been described how the manufacturer public key is distributed on-line. However, the manufacturer public key can also be distributed on compact disc, for example, when the software product is purchased.
  • Further communication between the manufacturer and the customer can be on-line by means of the Internet, for example, or by means of other media, such as compact disks.
  • In the described embodiment, the receiver of the manufacturer certificate is indicated as attributes in the certificate. As an alternative, each certificate has a unique serial number distinguishing it from other certificates. It is also preferred that the certificate is protected by means of some kind of password, such as a PIN code.
  • A preferred embodiment of a lock system according to the invention has been described. A person skilled in the art realises that this could be varied within the scope of the appended claims.
  • The manufacturer computer system and management computers have been described as interconnected via the Internet. It will be appreciated that some of the management computers are not connected to the outside. In that case communication between the manufacturer computer system and management computers can be effected via other media, such as diskettes, compact discs etc.
  • For ease of understanding, the manufacturer computer system has been described as one single computer. It will be appreciated that there can be more than one computer at the manufacturer having different functions.

Claims (10)

  1. A method of configuring a lock system (100) owned by a lock system owner and comprising a management computer (110) connected to a plurality of door access control units (120), said method comprising the following steps:
    a) installing in the door access control units a first certificate issued and signed by a manufacturer (10) of the lock system;
    b) installing at the management computer (110) a second certificate assigned to the lock system owner and issued and signed by the manufacturer;
    c) transmitting from the management computer to a first door access control unit of the door access units the signed second certificate together with a symmetric encryption key used by the lock system owner;
    d) installing by means of asymmetric encryption the second certificate at the first door access control unit after checking the authenticity of the signed second certificate by means of the installed first certificate; and
    e) establishing of symmetric encryption communication between the management computer and the first door access unit.
  2. The method according to claim 1, wherein a unique symmetric encryption key is used for each door access control unit.
  3. The method according to claim 1 or 2, wherein the step of installing a first certificate is performed under the control of a boot strapped security feature in the door access control unit.
  4. The method according to any of claims 1-3, wherein the step of providing at the management computer a second certificate is performed on-line through a procedure, wherein a receiver identifies himself or herself.
  5. The method according to claim 4, wherein the identity of the receiver is indicated in the second certificate as attributes.
  6. The method according to any of claims 1-5, wherein the step of providing a second certificate comprises providing a symmetric encryption key pair.
  7. The method according to any of claims 1-6, wherein the step of transmitting from the management computer to a first door access control unit the signed second certificate is preformed as an SSL-session.
  8. The method according to any of claims 1-7, wherein the step of installing the second certificate involves keeping the first certificate so as to verify data from the manufacturer.
  9. A lock system (100) owned by a lock system owner and comprising a management computer (110) connected to a plurality of door access control units (120), which lock system is arranged to communicate with a manufacturer system (10) of a manufacturer of the lock system, characterized by
    - a first certificate issued and signed by the manufacturer system (10) and provided in the door access control units (120);
    - a second certificate assigned to the lock system owner, issued and signed by the manufacturer system and provided in the management computer (110);
    - a symmetric encryption key pair provided in the management computer and a respective door access control unit (120); and
    - a public asymmetric encryption key for the manufacturer provided in the door access control units.
  10. The lock system according to claim 9, wherein a unique symmetric encryption key is provided for each door access control unit.
EP04775530A 2003-10-16 2004-10-12 A lock system and a method of configuring a lock system. Active EP1678683B1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
SE0302733A SE525847C2 (en) 2003-10-16 2003-10-16 Ways to configure a locking system and locking system
PCT/SE2004/001448 WO2005038727A1 (en) 2003-10-16 2004-10-12 A lock system and a method of configuring a lock system.

Publications (2)

Publication Number Publication Date
EP1678683A1 EP1678683A1 (en) 2006-07-12
EP1678683B1 true EP1678683B1 (en) 2009-12-09

Family

ID=29398746

Family Applications (1)

Application Number Title Priority Date Filing Date
EP04775530A Active EP1678683B1 (en) 2003-10-16 2004-10-12 A lock system and a method of configuring a lock system.

Country Status (7)

Country Link
EP (1) EP1678683B1 (en)
AT (1) ATE451672T1 (en)
AU (1) AU2004281437A1 (en)
DE (1) DE602004024567D1 (en)
NO (1) NO336212B1 (en)
SE (1) SE525847C2 (en)
WO (2) WO2005038727A1 (en)

Families Citing this family (19)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7706778B2 (en) 2005-04-05 2010-04-27 Assa Abloy Ab System and method for remotely assigning and revoking access credentials using a near field communication equipped mobile phone
WO2007045051A1 (en) 2005-10-21 2007-04-26 Honeywell Limited An authorisation system and a method of authorisation
US8074271B2 (en) 2006-08-09 2011-12-06 Assa Abloy Ab Method and apparatus for making a decision on a card
US9985950B2 (en) 2006-08-09 2018-05-29 Assa Abloy Ab Method and apparatus for making a decision on a card
EP2332386A4 (en) 2008-09-30 2014-07-23 Honeywell Int Inc Systems and methods for interacting with access control devices
IT1392268B1 (en) * 2008-12-02 2012-02-22 Sata Hts Hi Tech Services S P A AUTHENTICATION PROCESS VIA TOKEN GENERANTE ONE TIME PASSWORD
US8878931B2 (en) 2009-03-04 2014-11-04 Honeywell International Inc. Systems and methods for managing video data
US9019070B2 (en) 2009-03-19 2015-04-28 Honeywell International Inc. Systems and methods for managing access control devices
FR2945177A1 (en) * 2009-04-30 2010-11-05 Pascal Metivier SECURE PROGRAMMING AND MANAGEMENT SYSTEM FOR LOCKS HAVING CONTACTLESS AND COMMANDABLE COMMUNICATION MEANS BY AN NFC PORTABLE TELEPHONE
US9280365B2 (en) 2009-12-17 2016-03-08 Honeywell International Inc. Systems and methods for managing configuration data at disconnected remote devices
US9894261B2 (en) 2011-06-24 2018-02-13 Honeywell International Inc. Systems and methods for presenting digital video management system information via a user-customizable hierarchical tree interface
WO2013020165A2 (en) 2011-08-05 2013-02-14 HONEYWELL INTERNATIONAL INC. Attn: Patent Services Systems and methods for managing video data
US10362273B2 (en) 2011-08-05 2019-07-23 Honeywell International Inc. Systems and methods for managing video data
US9344684B2 (en) 2011-08-05 2016-05-17 Honeywell International Inc. Systems and methods configured to enable content sharing between client terminals of a digital video management system
PL2821970T5 (en) 2013-07-05 2019-12-31 Assa Abloy Ab Access control communication device, method, computer program and computer program product
EP2821972B1 (en) 2013-07-05 2020-04-08 Assa Abloy Ab Key device and associated method, computer program and computer program product
US9443362B2 (en) 2013-10-18 2016-09-13 Assa Abloy Ab Communication and processing of credential data
US10523903B2 (en) 2013-10-30 2019-12-31 Honeywell International Inc. Computer implemented systems frameworks and methods configured for enabling review of incident data
US10192383B2 (en) 2014-09-10 2019-01-29 Assa Abloy Ab First entry notification

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5787172A (en) * 1994-02-24 1998-07-28 The Merdan Group, Inc. Apparatus and method for establishing a cryptographic link between elements of a system
US6615350B1 (en) * 1998-03-23 2003-09-02 Novell, Inc. Module authentication and binding library extensions

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5506905A (en) * 1994-06-10 1996-04-09 Delco Electronics Corp. Authentication method for keyless entry system
SE517465C2 (en) * 2000-03-10 2002-06-11 Assa Abloy Ab Method of authorizing a key or lock device, electromechanical key and lock device and key and lock system

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5787172A (en) * 1994-02-24 1998-07-28 The Merdan Group, Inc. Apparatus and method for establishing a cryptographic link between elements of a system
US6615350B1 (en) * 1998-03-23 2003-09-02 Novell, Inc. Module authentication and binding library extensions

Also Published As

Publication number Publication date
ATE451672T1 (en) 2009-12-15
EP1678683A1 (en) 2006-07-12
DE602004024567D1 (en) 2010-01-21
NO20062179L (en) 2006-05-15
SE0302733D0 (en) 2003-10-16
SE525847C2 (en) 2005-05-10
AU2004281437A1 (en) 2005-04-28
WO2005038728A1 (en) 2005-04-28
NO336212B1 (en) 2015-06-15
WO2005038727A1 (en) 2005-04-28
SE0302733L (en) 2005-04-17

Similar Documents

Publication Publication Date Title
EP1678683B1 (en) A lock system and a method of configuring a lock system.
US7904952B2 (en) System and method for access control
US8412927B2 (en) Profile framework for token processing system
US6134327A (en) Method and apparatus for creating communities of trust in a secure communication system
US5872847A (en) Using trusted associations to establish trust in a computer network
US5692124A (en) Support of limited write downs through trustworthy predictions in multilevel security of computer network communications
AU2006278422B2 (en) System and method for user identification and authentication
US7685421B2 (en) System and method for initializing operation for an information security operation
CA2573101C (en) System and method for implementing digital signature using one time private keys
US6490679B1 (en) Seamless integration of application programs with security key infrastructure
US6212636B1 (en) Method for establishing trust in a computer network via association
US6931549B1 (en) Method and apparatus for secure data storage and retrieval
EP0936530A1 (en) Virtual smart card
EP1191743B1 (en) Method and device for performing secure transactions
US20060253702A1 (en) Secure gaming server
US20140089437A1 (en) Method and system for remote activation and management of personal security devices
US20060064582A1 (en) Method and system for license management
US20080005339A1 (en) Guided enrollment and login for token users
US20080209216A1 (en) Method and system for automated authentication of a device to a management node of a computer network
US6215872B1 (en) Method for creating communities of trust in a secure communication system
CN101816140A (en) Token-based management system for PKI personalization process
WO2009002963A1 (en) Method and apparatus for securing unlock password generation and distribution
EP1501238B1 (en) Method and system for key distribution comprising a step of authentication and a step of key distribution using a KEK (key encryption key)
GB2404535A (en) Secure transmission of data via an intermediary which cannot access the data
EP1185024B1 (en) System, method, and program for managing a user key used to sign a message for a data processing system

Legal Events

Date Code Title Description
PUAI Public reference made under article 153(3) epc to a published international application that has entered the european phase

Free format text: ORIGINAL CODE: 0009012

17P Request for examination filed

Effective date: 20060510

AK Designated contracting states

Kind code of ref document: A1

Designated state(s): AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HU IE IT LI LU MC NL PL PT RO SE SI SK TR

17Q First examination report despatched

Effective date: 20061114

DAX Request for extension of the european patent (deleted)
GRAP Despatch of communication of intention to grant a patent

Free format text: ORIGINAL CODE: EPIDOSNIGR1

GRAS Grant fee paid

Free format text: ORIGINAL CODE: EPIDOSNIGR3

GRAA (expected) grant

Free format text: ORIGINAL CODE: 0009210

AK Designated contracting states

Kind code of ref document: B1

Designated state(s): AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HU IE IT LI LU MC NL PL PT RO SE SI SK TR

REG Reference to a national code

Ref country code: GB

Ref legal event code: FG4D

REG Reference to a national code

Ref country code: CH

Ref legal event code: EP

REG Reference to a national code

Ref country code: IE

Ref legal event code: FG4D

REF Corresponds to:

Ref document number: 602004024567

Country of ref document: DE

Date of ref document: 20100121

Kind code of ref document: P

REG Reference to a national code

Ref country code: NL

Ref legal event code: VDEP

Effective date: 20091209

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: SE

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20091209

Ref country code: FI

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20091209

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: PL

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20091209

Ref country code: SI

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20091209

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: AT

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20091209

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: RO

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20091209

Ref country code: PT

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20100409

Ref country code: ES

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20100320

Ref country code: NL

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20091209

Ref country code: EE

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20091209

Ref country code: BG

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20100309

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: CZ

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20091209

Ref country code: BE

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20091209

Ref country code: SK

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20091209

PLBE No opposition filed within time limit

Free format text: ORIGINAL CODE: 0009261

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: NO OPPOSITION FILED WITHIN TIME LIMIT

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: CY

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20091209

Ref country code: GR

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20100310

26N No opposition filed

Effective date: 20100910

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: DK

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20091209

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: IT

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20091209

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: MC

Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES

Effective date: 20101031

REG Reference to a national code

Ref country code: CH

Ref legal event code: PL

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: CH

Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES

Effective date: 20101031

Ref country code: LI

Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES

Effective date: 20101031

Ref country code: FR

Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES

Effective date: 20101102

REG Reference to a national code

Ref country code: FR

Ref legal event code: ST

Effective date: 20110630

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: IE

Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES

Effective date: 20101012

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: HU

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20100610

Ref country code: LU

Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES

Effective date: 20101012

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: TR

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20091209

PGFP Annual fee paid to national office [announced via postgrant information from national office to epo]

Ref country code: GB

Payment date: 20191010

Year of fee payment: 16

GBPC Gb: european patent ceased through non-payment of renewal fee

Effective date: 20201012

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: GB

Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES

Effective date: 20201012

PGFP Annual fee paid to national office [announced via postgrant information from national office to epo]

Ref country code: DE

Payment date: 20230912

Year of fee payment: 20