US20050138380A1 - Entry control system - Google Patents
Entry control system Download PDFInfo
- Publication number
- US20050138380A1 US20050138380A1 US10/740,518 US74051803A US2005138380A1 US 20050138380 A1 US20050138380 A1 US 20050138380A1 US 74051803 A US74051803 A US 74051803A US 2005138380 A1 US2005138380 A1 US 2005138380A1
- Authority
- US
- United States
- Prior art keywords
- security
- secure
- access module
- authentication
- life cycle
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Abandoned
Links
Images
Classifications
-
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07C—TIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
- G07C9/00—Individual registration on entry or exit
- G07C9/20—Individual registration on entry or exit involving the use of a pass
- G07C9/27—Individual registration on entry or exit involving the use of a pass with central registration
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
Definitions
- the present invention relates generally to a data processing method AND system and more specifically to a wireless communications physical access control system which merges physical and logical access controls using the security features afforded by implementation of security tokens with standardized authentication protocols.
- HID Corporation offers an advanced contactless smart card driven door controller MIFARE® (6055B).
- MIFARE® 6055B
- the advanced implementation of a contactless smart card provides a convenient and secure medium for use with both physical and logical security systems.
- a major drawback of this security controller is the lack of a standard network interface. Instead, the controller is provided with an RS-232C interface for local connection with a standard personal computer system using. (See HID MIFARE® (6055B) Reference Sheet, MRG-EN-US, Rev. 10-02 which is herein incorporated by reference.)
- the RS-232C interface is used to locally load or update a memory cache associated with the security controller with authorized smart card codes using proprietary software and communication protocols running on a personal computer. This arrangement limits scalability, requires that remote security controllers be managed individually and prevents dynamic and centralized changes to be made to authorized smart card codes.
- security controller vendors do offer standard network interface capabilities but usually incorporate weak static passwords and/or proprietary authentication coding which is less than ideal, particularly in evolving wireless security controller implementations where communications with a centralized security system may be more easily intercepted.
- the security controllers are usually routed to a centralized control panel using a serial link which is then connected to a standard network.
- an ideal security controller would include standard network interface capabilities, ensures secure communications with an integrated security system even over wireless telecommunications links, takes advantage of the convenience and security offered by smart cards and seamlessly integrates with current generation logical security systems.
- the security system incorporates a security controller having standard network interface capabilities and takes advantage of the convenience and security offered by smart cards and related devices for both physical and logical security purposes.
- critical security parameter as referred to herein incorporate the U.S. National Institute of Standards and Technology (NIST) definition specified in FIPS PUB 140-2, “Security Requirements For Security tokens,” and includes authentication data and attributes, passwords, PINs, biometric samples, asymmetric and symmetric cryptographic keys.
- NIST National Institute of Standards and Technology
- security token referred to herein include hardware based security devices such as cryptographic modules, smart cards, integrated circuit chip cards, portable data carriers (PDC), personal security devices (PSD), subscriber identification modules (SIM), wireless identification modules (WIM), USB token dongles, identification tokens, secure application modules (SAM), hardware security modules (HSM), secure multi-media token (SMMC), trusted platform computing alliance chips (TPCA) and like devices.
- hardware based security devices such as cryptographic modules, smart cards, integrated circuit chip cards, portable data carriers (PDC), personal security devices (PSD), subscriber identification modules (SIM), wireless identification modules (WIM), USB token dongles, identification tokens, secure application modules (SAM), hardware security modules (HSM), secure multi-media token (SMMC), trusted platform computing alliance chips (TPCA) and like devices.
- PDC portable data carriers
- PSD personal security devices
- SIM subscriber identification modules
- WIM wireless identification modules
- USB token dongles identification tokens
- SAM secure application modules
- HSMMC hardware security modules
- the method portion of the invention comprises establishing a secure communications connection over a network between a security controller and at least an authentication server, operatively coupling a security token to the security controller, sending a critical security parameter from the security token to the security controller for authentication, sending the critical security parameter to the authentication server via the secure communications connection, performing an authentication transaction by the authentication server for the critical security parameter and sending a result of the authentication transaction from the authentication server to the security controller via the secure communications connection.
- the final action of the method portion of the invention energizes an electromechanical circuit controlled by the security controller if the result is affirmative of the authentication transaction being successful.
- the electromechanical circuit is associated with a physical access gateway, where energizing the electromechanical circuit opens the physical access gateway
- the duration in which the electromechanical circuit is energized may have a pre-established duration specific to the security token. This allows for controlling the opening of a gateway such as a door to accommodate deliveries or allow physically disabled persons to transit the doorway.
- the secure communications connection includes a shared secret established between the security controller which is securely maintained by a secure access module operatively coupled to the security controller.
- the security controller is one of a plurality of security controllers, all of which are networked clients of the authentication server.
- at least a portion of the secure communications connection is established over a wireless telecommunications link which incorporates a security protocol including SSL, IPsec, PCT, TLS or RADIUS.
- the security controller is further in secure communications over the network with a life cycle management server.
- the life cycle management server is adapted to perform life cycle management functions related to applications, critical security parameters or user data installed in either the security token or the secure access module.
- the invention comprises establishing a secure communications connection over a network between at least an authentication server and a secure access module associated with a security controller, operatively coupling a security token to the secure access module via an interface coupled to the security controller, sending a critical security parameter from the security token to the secure access module, sending the critical security parameter to the authentication server via the secure communications connection, performing an authentication transaction by the authentication server via a process which incorporates the critical security parameter, sending a result of the authentication transaction from the authentication server to the security controller via the secure communications connection and energizing an electromechanical circuit controlled by the security controller if the result is affirmative of the authentication transaction being successful. Energizing the electromechanical circuit opens a physical access gateway.
- the secure communications connection incorporates a shared secret which is maintained by the authentication server and the secure access module.
- the secure communications connection incorporates a security protocol including SSL, IPsec, PCT, TLS or RADIUS.
- the invention comprises performing one or more life cycle management transactions with a secure access module coupled to a security controller and a life cycle management by establishing a secure communications connection between a secure access module and at least a life cycle management server and performing one or more life cycle management transactions with the secure access module in conjunction with the at least a life cycle management server.
- the one or more life cycle management transactions comprises distributing, exchanging, deleting, adding or modifying one or more critical security parameters, applications or user data installed in the secure access module.
- the invention comprises physically controlling access to a protected location by sending one or more critical security parameters from one or more security tokens to a secure access module operatively coupled to a security controller for authentication, performing one or more authentication transactions by the secure access module using the one or more critical security parameters, temporarily maintaining a local access list of the one or more critical security parameters which have been authenticated by the secure access module, sending the local access list to an authentication server, and updating a master access list maintained by the authentication server.
- the local access list is sent over an IEEE 802.x standard network arrangement.
- the secure access module is further in secure communications over the network with a life cycle management server.
- the life cycle management server is adapted to perform life cycle management functions related to applications, critical security parameters or user data installed in either the security token or the secure access module.
- the embodiment includes a security token operatively coupled to a security controller and includes the means for sending a critical security parameter to the security controller for authentication; a secure access module (SAM) is likewise operatively coupled to the security controller and includes the means for securely maintaining a shared secret established by an authentication server and incorporating the shared secret into a secure communications connection established with at least an authentication server.
- SAM secure access module
- An electromechanical control means is further likewise operatively coupled to the security controller means and includes the means for opening a physical access gateway when energized.
- the security controller includes means for establishing the secure communications connection with the authentication server, sending the critical security parameter to the authentication server via the secure communications connection and energizing the electromechanical control means in response to an affirmative authentication result received from the authentication server; and,
- the authentication server includes means for establishing the secure communications with the security controller, performing an authentication transaction in response to receiving the critical security parameter from the security controller and supplying the affirmative authentication result to the security controller via the secure communications connection following a successful authentication of the critical security parameter.
- a portion of the secure communications connection is established over a wireless telecommunications link.
- the secure communications connection incorporates a security protocol including SSL, IPsec, PCT, TLS or RADIUS.
- the secure access module further includes means for locally performing the authentication transaction.
- the security controller or the secure access module further includes means for maintaining an access list of locally authenticated critical security parameters and the authentication server further includes means for receiving the access list of locally authenticated critical security parameters and updating a master access associated with the authentication server.
- a life cycle management server in another embodiment, includes means for establishing a secure communications connection between either the secure access module or the security, and performing one or more life cycle management transactions with the secure access module in conjunction with the life cycle management server.
- the one or more life cycle management transactions comprises distributing, exchanging, deleting, adding or modifying one or more critical security parameters, applications or user data installed in the secure access module.
- the invention comprises a security apparatus for physically controlling access to a protected location including a security controller having a processor, a memory coupled to the processor, a security token interface coupled to the processor, a network transceiver coupled to the processor, a secure access module coupled to the processor, an electromagnetic control circuit coupled to the processor and at least application installed in a portion of the memory having logical instructions executable by the processor to establish a secure communications connection over a network with an authentication server over a network via the network transceiver, perform an authentication transaction in conjunction with the authentication server for a critical security parameter received via the security token interface, receive and maintain a shared secret in the secure access module, incorporate the shared secret into the secure communications connection and energize the electromechanical control circuit upon receipt of an affirmative authentication result associated with the authentication transaction.
- the secure communications connection incorporates a security protocol including SSL, IPsec, PCT, TLS or RADIUS.
- a security protocol including SSL, IPsec, PCT, TLS or RADIUS.
- energizing the electromechanical control circuit opens a physical access gateway.
- the secure access module includes means for performing one or more life cycle management transactions in conjunction with either the authentication server or a life cycle management server, where the one or more life cycle management transactions comprises distributing, exchanging, deleting, adding or modifying one or more critical security parameters, applications or user data installed in the secure access module.
- the invention comprises a system for performing one or more life cycle management transactions with a secure access module coupled to a security controller and a life cycle management server.
- the system includes a secure access module operatively coupled to a security controller and provided with means for securely performing life cycle management functions in conjunction with a life cycle management server.
- the security controller is provided with means for exchanging communications between the secure access module and the life cycle management server and the life cycle server is provided with means for securely performing one or more life cycle management transactions in conjunction with the secure access module.
- the one or more life cycle management transactions comprises distributing, exchanging, deleting, adding or modifying one or more critical security parameters, applications or user data installed in the secure access module.
- the security controller and the life cycle server are in processing communications over a wireless telecommunications link.
- FIG. 1 is a generalized block diagram of a security token enabled authentication server.
- FIG. 1A is a generalized block diagram of a security controller.
- FIG. 1B is a generalized block diagram of a security token.
- FIG. 2 is a detailed block diagram of one embodiment of the invention where a security token enabled authentication server is in processing communications with a security controller over a wireless telecommunications link.
- FIG. 2A is a detailed block diagram of the invention where a shared secret is established between the authentication server and the security controller as part of the RADIUS authentication protocol.
- FIG. 2B is a detailed block diagram of the invention where a critical security parameter is securely sent to the authentication server for authentication.
- FIG. 2C is a detailed block diagram of the invention where the authentication server performs an authentication transaction using the received critical security parameter.
- FIG. 2D is a detailed block diagram of the invention where an affirmative result is generated from the authentication transaction and securely sent to the security controller.
- FIG. 2E is a detailed block diagram of the invention where a life cycle management transaction is performed between the secure access module and the authentication server.
- FIG. 2F is a detailed block diagram of another embodiment of the invention where a critical security parameter is locally authenticated by a secure access module associated with a security controller.
- FIG. 2G is a detailed block diagram of another embodiment of the invention where one or more life cycle management transactions are performed between a life cycle management server, the authentication server, the secure access module and the security token.
- FIG. 3 is a flow diagram illustrating the major steps associated with physically controlling access to a protected location using the invention.
- FIG. 3A is a flow diagram illustrating the major steps associated with performing a critical security parameter management transaction between the secure access module and the authentication server.
- FIG. 3B is a flow diagram illustrating the major steps associated with locally performing a critical security parameter authentication and sending an access list to the authentication server.
- This present invention provides an integrated security system which seamlessly assimilates with current generation logical security systems.
- the integrated security system incorporates a security controller having standard network interface capabilities and takes advantage of the convenience and security offered by smart cards and related devices for both physical and logical security purposes.
- the invention is based on, but not limited to standard secure communications technologies known in the relevant art including secure socket layer (SSL), transport layer security (TLS), private communications technology (PCT, internet protocol security (IPsec) or remote authentication and dial in service (RADIUS) protocols.
- the authentication server 105 includes a processor 5 , a main memory 10 , a display 20 electrically coupled to a display interface 15 , a secondary memory subsystem 25 electrically coupled to a hard disk drive 30 , a removable storage drive 35 electrically coupled to a removable storage unit 40 and an auxiliary removable storage interface 45 electrically coupled to an auxiliary removable storage unit 50 .
- a communications interface 55 subsystem is coupled to a network transceiver 60 and a network 65 , an optional security token 75 such as a hardware security module (HSM) is electrically coupled to a security token interface 70 and a user input interface 80 including a mouse and a keyboard 85 , and an optional biometric scanner 95 electrically coupled to an optional biometric scanner interface 90 .
- HSM hardware security module
- the processor 5 , main memory 10 , display interface 15 secondary memory subsystem 25 and communications interface system 55 are electrically coupled to a communications infrastructure 100 .
- the authentication server 105 includes an operating system, authentication software, secure communications applications, other applications software, cryptography software capable of performing symmetric and asymmetric cryptographic functions, secure messaging software and device interface software.
- authentication server is intended to generically describe an authentication server which provides authorization and authentication information to a an IEEE 802.x network in which a user is attempting to connect or access, rather than being restricted to dialup or serial communications services.
- the basic arrangement of the authentication server 105 is also applicable to a life cycle management server shown in FIG. 2G .
- the security controller 110 includes a processor 5 n , a security token 75 n coupled to the processor 5 n and a communications infrastructure 100 n .
- the security token 75 n is generally referred to as a secure access module (SAM).
- the security controller further includes a display 20 n , such as an LCD screen and/or LEDs which is electrically coupled to a display interface 15 n , volatile memory 10 a , non-volatile memory 10 b which includes flashable RAM, an electrically erasable programmable read only memory (EEPROM) 10 c and a communications interface subsystem 55 n.
- EEPROM electrically erasable programmable read only memory
- the communications interface subsystem 55 n is coupled to security token interface 70 n and includes both contact and contactless connectability 701 with a removable security token 75 r .
- the communications interface subsystem 55 n is further coupled to a network transceiver 60 n , a user input interface 80 n including an optional keypad 85 n , an optional biometric scanner 95 n electrically coupled to an optional biometric scanner interface 90 n and an electromechanical control circuit 130 .
- the electromechanical control circuit 130 when energized allows physical access to a protected location. Examples of which include electromagnetically controlled door locks, door strikes, gates and turnstiles.
- the electromagnetic circuit is generally arranged to momentarily energize an electical solenoid to allow a person access into a controlled area.
- the processor 5 n , security token 75 n , display interface 15 n , volatile memory 10 a , non-volatile memory 10 b , EEPROM 10 c and communications interface subsystem 55 n are electrically coupled to a communications infrastructure 100 n .
- the security controller includes an embedded operating environment, security applications compatible with those controlled by the authentication server 105 , secure communications applications, other applications software, cryptography software capable of performing symmetric and asymmetric cryptographic functions, secure messaging software and device interface software.
- the secure access module 75 n further includes at least one asymmetric key pair and related applications software to support secure key exchanges with the authentication server.
- the applications, cryptographic keys and any user data stored inside the security token 75 r may be exchanged, modified, added or removed in a life cycle management transaction with either the authentication server 105 or a life cycle management server 105 L shown in FIG. 2G .
- the security token 75 r includes a wireless, optical and/or electrical interface 60 t , 60 w compatible with the security token interface 70 n , a processor St, an optional cryptographic co-processor 5 tc coupled to the processor 5 t and a communications infrastructure 100 t , volatile memory 10 vm , non-volatile memory 10 nvm , an electrically erasable programmable read only memory (EEPROM) 10 eeprom and a communications interface 55 t coupled to the interface 60 t , 60 w.
- EEPROM electrically erasable programmable read only memory
- the processor 5 t optional cryptographic co-processor 5 tc , volatile memory 10 vm , non-volatile memory 10 nvm , electrically erasable programmable read only memory (EEPROM) 10 eeprom and communications interface 55 t are electrically coupled to the communications infrastructure 100 t .
- the EEPROM 10 eeprom further includes a runtime operating environment, cryptography extensions incorporated into the operating system and capable of performing symmetric and asymmetric cryptographic functions compatible with the security controller and security token enabled cryptography software, at least one critical security parameter protected secure resource coupled to at least one token remote authentication application and a asymmetric public key infrastructure (PKI) key pair functionally coupled to the at least one token remote authentication application.
- PKI public key infrastructure
- the non-volatile memory 10 nvm has operatively stored therein one or more reference critical security parameters which are verified against a user supplied critical security parameter by the at least one token remote authentication application to allow access to the one or more one or more critical security parameter protected secure resources.
- the invention includes a security controller SC 110 in processing communications over a network 65 with an authentication server AS 105 .
- a removable security token ST 75 r is operatively coupled to the security controller SC 110 .
- the security controller SC 110 includes a processor 5 n operatively coupled to a network transceiver T/R 2 60 n , a memory which includes at least one authentication transaction application NA 210 , an electromechanical circuit which when energized allows physical access to a protected area, a secure access module (SAM) 75 n for at least storing a shared secret required by a secure communications protocol, an optional user interface UI 85 n and a display DI 20 n .
- the user interface UI 85 n and the display DI 20 n are provided in situations having high security area requirements. For example, depending on the security requirements for physically accessing a protected area, an entity may be required to locally authenticate to the security token 75 r by providing a biometric sample and/or a personal identification number (PIN) before transactions with authentication server AS 105 are performed.
- PIN personal identification number
- the removable security token ST 75 r such as a smart card is associated with the entity and operatively coupled to the security controller 110 via the contact or contactless interface 70 n shown in FIG. 1A .
- the removable security token ST 75 r includes at least one critical security parameter CSPr 235 r which is retrievably stored inside the security token ST 75 r.
- the removable security token ST 75 r includes at least one token remote access application operatively installed in token memory (not shown).
- the at least one token remote access application TRA 215 allows the security token ST 75 r to send the critical security parameter CSPr 235 r to the security controller SC 110 for authentication by the authentication server AS 105 .
- the authentication server AS 105 includes a server processor 5 coupled to a network transceiver T/R 1 60 c which is compatible with the network transceiver T/R 2 60 n installed on the security controller SC 110 , a database 30 including a plurality of reference critical security parameters CSPs 235 s required to authenticate critical security parameter received from the security controller SC 110 .
- the reference critical security parameters CSPs 235 s may be operatively stored inside a hardware security module HSM 75 s .
- a memory is coupled to the server processor 5 which includes at least one authentication transaction application SA 205 .
- the at least one authentication transaction application SA 205 allows the authentication server AS 105 to authenticate the critical security parameter CSPr 235 provided by the security token ST 75 r.
- the messaging protocol used to communicate with the security token ST 75 r and secure access module 75 n includes an ISO 7816 compliant communications protocol. Protocol conversion between higher level packet communications protocols and the lower level ISO 7816 communications protocol may be accomplished by either the remote access application SA 205 installed on the authentication server AS 105 or by the applications software NA 210 installed on the security controller SC 110 .
- An access request AR 265 R is generated and submitted by the security controller SC 110 to the authentication server AS 105 in accordance with an established authentication protocol. Attributes included in the access request AR 265 R identify the entity's security token (usually a serial number) which may be verified against existing security policies established for the entity even before authentication is initiated (not shown) For example, if the entity is not permitted into the protected area in which access is being attempted, the transaction ends without further processing.
- a shared secret KSr 240 r , KSs 240 s is generated by the authentication server AS 105 , securely shared with the security controller and maintained by the secure access module 75 n .
- the secure secret exchange is provided by the secure communications protocol being implemented over the network 65 . However, more robust secure secret exchanges may be substituted as is necessary to meet a particular security requirement.
- KSs 240 s has been established for the secure communications connection between the authentication server AS 105 and the security controller SC 110 .
- a critical security parameter CSPr 235 r is retrieved from the entity's security token ST 75 r , and securely sent 65 to the authentication server AS 105 for authentication.
- the entity's critical security parameter CSPr 235 r ′ is compared to a reference critical security parameter CSPs 235 s ′ retrieved from the database 30 or HSM 75 s . If the entity's critical security parameter CSPr 235 r ′ is not authenticated, an authentication rejection message is sent to the security controller and the entity will not be permitted to access the protected area. If the entity's critical security parameter CSPr 235 r ′ is successfully authenticated, an affirmative authentication result 265 , shown as a check mark, is generated by the authentication server application SA 205 .
- the affirmative authentication result 265 is then securely sent to the security controller SC 110 .
- the affirmative authentication result 265 is processed by the security controller application NA 210 resulting in energizing of the electromechanical control circuit EMC 130 .
- the duration in which the electromechanical control circuit EMC 130 is energized may be specifically adjusted for a particular entity's security token. This allows for controlling the opening of a gateway such as a door to accommodate deliveries or allow physically disabled persons to transit the doorway.
- FIG. 2E another embodiment of the invention is shown where a critical security parameter management transaction is performed between the authentication server AS 105 and the secure access module 75 n.
- a secure communications connection 65 is established between at least the security controller SC 110 and the authentication server AS 105 using for example, the shared symmetric keys KSr, KSs 240 r , 240 s.
- the secure communications connection provides end-to-end secure communications between the secure access module 75 n and the authentication server AS 105 . It will be appreciated by one skilled in the art that other secure communications channel arrangements may be used as well.
- a critical security parameter CSPs 235 s is being securely sent for storage inside the secure access module 75 n .
- the critical security parameter transaction may be a critical security parameter exchange, a critical security parameter replacement, a critical security parameter generation, a critical security parameter deletion or an attribute change to a cryptographic security parameter.
- the critical security parameter may be obtained from a datastore 30 or from a hardware security module HSM 75 s operatively coupled to the authentication server.
- FIG. 2F an alternate embodiment of the invention is shown where the secure access module 75 n coupled to the security controller SC 110 incorporates one or more critical security parameters CSPn 235 n for locally authenticating a user.
- This arrangement allows a local access list 280 of authenticated users granted access to the protected area without having to rely on the authentication server AS 105 to perform the authentications which is particularly advantageous during high traffic periods such as at shift changes or during periods when either the authentication server AS 105 and/or the communications network 65 becomes temporarily unavailable.
- the local access list 280 of authenticated users or indicia of authorized users is sent to the authentication server AS 105 when the local access list 280 becomes full, when requested by the authentication server AS 105 and/or communications with the authentication server AS 105 is restored.
- the local access list 280 is sent to the authentication server AS 105 via the secure communications mechanisms described above. This arrangement allows full CSP management including key management functions and updating of authorized access lists over standard IEEE 802.x network arrangements. The local access list is then used by the authentication server AS 105 to update a master access list 285 .
- a lifecycle management server LCS 105 L is operatively coupled to the network 65 .
- the life cycle management server LCS 105 L maintains the security applications and cryptographic information employed by the authentication server AS 105 A the security controller SC 110 , secure access module 75 n and optionally the security token ST 75 r .
- This arrangement allows the life cycle management server LCS 105 L to distribute, exchange, delete, add or modify one or more critical security parameters, applications or user data installed in these devices.
- the process is initiated 300 by establishing a secure communications connection which incorporates a shared symmetric key between an security controller and a authentication server 305 .
- the symmetric is securely stored and maintained by a secure access module associated with the security controller 310 .
- a critical security parameter is then sent from an entity's security token to the security controller 310 .
- the security controller sends the critical security parameter to the authentication server via the secure communications connection 320 for authentication.
- the authentication server performs an authentication transaction using the entity's critical security parameter 325 and generates a result of the authentication transaction 330 .
- the result of the authentication transaction is then sent to the security controller via the secure communications connection for evaluation 335 . If the entity's critical security parameter is not successfully authenticated 340 , processing ends 350 and the entity will not be permitted to access the protected area. If the entity's critical security parameter is successfully authenticated 340 , an electromechanical circuit is energized 345 which permit the entity physical access to the protected are for a pre-established duration, followed by access and processing termination 350 .
- the process is initiated 301 by establishing a secure communications channel between at least a secure controller but preferably between a secure access module coupled to the security controller and the authentication server 303 .
- the authentication server then conducts at least one life cycle management transaction in conjunction with the secure access module 307 . Once the life cycle management transaction has been completed, processing ends 309 .
- life cycle management transactions may be conducted with an operatively coupled security token as well.
- the process is initiated 302 by sending a critical security parameter (CSP) from a security token associated with an entity to a security controller equipped with a secure access module 304 .
- the secure access module attempts to locally authenticate the CSP 306 , the result of which is then recorded in a local access list 308 .
- the local access list is then sent to an authentication server via a secure communications connection 312 where a master access list is updated using the information included in the local access list 314 .
- the process ends after the master access list has been updated 322 .
Abstract
Description
- The present invention relates generally to a data processing method AND system and more specifically to a wireless communications physical access control system which merges physical and logical access controls using the security features afforded by implementation of security tokens with standardized authentication protocols.
- Recent world events and increasing global competition have accelerated efforts to merge physical and logical security systems, particularly for large commercial, industrial and governmental enterprises. However, these merger efforts have been significantly hampered by the large installed base of proprietary physical security systems. These priority physical security systems often utilize proprietary networking architectures, communications protocols, databases and file systems which are difficult to integrate into modem networking security systems. An example of a proprietary security system is described in U.S. Pat. No. 5,682,142 to Loosmore, et al. The Loosmore reference discloses an integrated security system which is intended to be operated as a separate standalone security system.
- Incompatibilities between the physical and logical security systems frequently leads to serious deficiencies for either or both the physical and logical security systems. In a recently cited example, a human resources database indicated that an employee had been terminated, but the former employee's e-mail and network access still had the former employee shown as active, which would have allowed the former employee logical access to corporate resources. This example is described by D. Smith, in the journal esecure, September 2002; (22) which is herein incorporated by reference. While this example is more illustrative of logical incompatibilities between different organizational databases, it is not difficult for one to imagine a similar situation where a physical access card is retained in an active status due to incompatibilities between physical and logical security systems. This concern is particularly important in sensitive facilities such as airports where a lost, stolen or improperly managed physical access card could allow the hijacking of an aircraft.
- Another impediment to the merger of physical and logical security systems is the lack of formal standards developed specifically for physical security systems.
- De facto standards are being promulgated by IT professionals who advocate the use of open computer system architectures, standardized networking protocols and standardized database arrangements such as ODBC. An example of an integrated physical and logical security system is described in U.S. Pat. No. 6,233,588 to Marchoili, et al. The Marchoili reference addresses the lack of standardization in centralized physical and logical security systems computing capabilities but does not address the lack of standardization of security controllers which must interact with the security systems.
- The lack of standardization in security controllers is still an important impediment to the merger of physical and logical security systems as many security clients still lack standard network interface capabilities. For example, HID Corporation offers an advanced contactless smart card driven door controller MIFARE® (6055B). The advanced implementation of a contactless smart card provides a convenient and secure medium for use with both physical and logical security systems. However, a major drawback of this security controller is the lack of a standard network interface. Instead, the controller is provided with an RS-232C interface for local connection with a standard personal computer system using. (See HID MIFARE® (6055B) Reference Sheet, MRG-EN-US, Rev. 10-02 which is herein incorporated by reference.)
- The RS-232C interface is used to locally load or update a memory cache associated with the security controller with authorized smart card codes using proprietary software and communication protocols running on a personal computer. This arrangement limits scalability, requires that remote security controllers be managed individually and prevents dynamic and centralized changes to be made to authorized smart card codes.
- Other security controller vendors do offer standard network interface capabilities but usually incorporate weak static passwords and/or proprietary authentication coding which is less than ideal, particularly in evolving wireless security controller implementations where communications with a centralized security system may be more easily intercepted. In many cases, the security controllers are usually routed to a centralized control panel using a serial link which is then connected to a standard network.
- As such, an ideal security controller would include standard network interface capabilities, ensures secure communications with an integrated security system even over wireless telecommunications links, takes advantage of the convenience and security offered by smart cards and seamlessly integrates with current generation logical security systems.
- This invention addresses many of the limitations described above and provides an integrated security system which seamlessly assimilates with current generation logical security systems. The security system incorporates a security controller having standard network interface capabilities and takes advantage of the convenience and security offered by smart cards and related devices for both physical and logical security purposes.
- The term critical security parameter as referred to herein incorporate the U.S. National Institute of Standards and Technology (NIST) definition specified in FIPS PUB 140-2, “Security Requirements For Security tokens,” and includes authentication data and attributes, passwords, PINs, biometric samples, asymmetric and symmetric cryptographic keys.
- The term security token referred to herein include hardware based security devices such as cryptographic modules, smart cards, integrated circuit chip cards, portable data carriers (PDC), personal security devices (PSD), subscriber identification modules (SIM), wireless identification modules (WIM), USB token dongles, identification tokens, secure application modules (SAM), hardware security modules (HSM), secure multi-media token (SMMC), trusted platform computing alliance chips (TPCA) and like devices.
- The method portion of the invention comprises establishing a secure communications connection over a network between a security controller and at least an authentication server, operatively coupling a security token to the security controller, sending a critical security parameter from the security token to the security controller for authentication, sending the critical security parameter to the authentication server via the secure communications connection, performing an authentication transaction by the authentication server for the critical security parameter and sending a result of the authentication transaction from the authentication server to the security controller via the secure communications connection.
- The final action of the method portion of the invention energizes an electromechanical circuit controlled by the security controller if the result is affirmative of the authentication transaction being successful. The electromechanical circuit is associated with a physical access gateway, where energizing the electromechanical circuit opens the physical access gateway The duration in which the electromechanical circuit is energized may have a pre-established duration specific to the security token. This allows for controlling the opening of a gateway such as a door to accommodate deliveries or allow physically disabled persons to transit the doorway.
- The secure communications connection includes a shared secret established between the security controller which is securely maintained by a secure access module operatively coupled to the security controller.
- The security controller is one of a plurality of security controllers, all of which are networked clients of the authentication server. In an embodiment of the invention, at least a portion of the secure communications connection is established over a wireless telecommunications link which incorporates a security protocol including SSL, IPsec, PCT, TLS or RADIUS.
- In an embodiment of the invention, the security controller is further in secure communications over the network with a life cycle management server. The life cycle management server is adapted to perform life cycle management functions related to applications, critical security parameters or user data installed in either the security token or the secure access module.
- In another method embodiment of the invention, the invention comprises establishing a secure communications connection over a network between at least an authentication server and a secure access module associated with a security controller, operatively coupling a security token to the secure access module via an interface coupled to the security controller, sending a critical security parameter from the security token to the secure access module, sending the critical security parameter to the authentication server via the secure communications connection, performing an authentication transaction by the authentication server via a process which incorporates the critical security parameter, sending a result of the authentication transaction from the authentication server to the security controller via the secure communications connection and energizing an electromechanical circuit controlled by the security controller if the result is affirmative of the authentication transaction being successful. Energizing the electromechanical circuit opens a physical access gateway.
- In this embodiment of the invention, the secure communications connection incorporates a shared secret which is maintained by the authentication server and the secure access module. As before, the secure communications connection incorporates a security protocol including SSL, IPsec, PCT, TLS or RADIUS.
- In another method embodiment of the invention, the invention comprises performing one or more life cycle management transactions with a secure access module coupled to a security controller and a life cycle management by establishing a secure communications connection between a secure access module and at least a life cycle management server and performing one or more life cycle management transactions with the secure access module in conjunction with the at least a life cycle management server. As before, the one or more life cycle management transactions comprises distributing, exchanging, deleting, adding or modifying one or more critical security parameters, applications or user data installed in the secure access module.
- In a final method embodiment of the invention, the invention comprises physically controlling access to a protected location by sending one or more critical security parameters from one or more security tokens to a secure access module operatively coupled to a security controller for authentication, performing one or more authentication transactions by the secure access module using the one or more critical security parameters, temporarily maintaining a local access list of the one or more critical security parameters which have been authenticated by the secure access module, sending the local access list to an authentication server, and updating a master access list maintained by the authentication server. In this embodiment of the invention, the local access list is sent over an IEEE 802.x standard network arrangement.
- In another method embodiment of the invention, the secure access module is further in secure communications over the network with a life cycle management server. In this embodiment of the invention, the life cycle management server is adapted to perform life cycle management functions related to applications, critical security parameters or user data installed in either the security token or the secure access module.
- In one systematic embodiment of the invention, the embodiment includes a security token operatively coupled to a security controller and includes the means for sending a critical security parameter to the security controller for authentication; a secure access module (SAM) is likewise operatively coupled to the security controller and includes the means for securely maintaining a shared secret established by an authentication server and incorporating the shared secret into a secure communications connection established with at least an authentication server.
- An electromechanical control means is further likewise operatively coupled to the security controller means and includes the means for opening a physical access gateway when energized.
- The security controller includes means for establishing the secure communications connection with the authentication server, sending the critical security parameter to the authentication server via the secure communications connection and energizing the electromechanical control means in response to an affirmative authentication result received from the authentication server; and,
- The authentication server includes means for establishing the secure communications with the security controller, performing an authentication transaction in response to receiving the critical security parameter from the security controller and supplying the affirmative authentication result to the security controller via the secure communications connection following a successful authentication of the critical security parameter.
- In an embodiment of the invention, a portion of the secure communications connection is established over a wireless telecommunications link. As before, the secure communications connection incorporates a security protocol including SSL, IPsec, PCT, TLS or RADIUS.
- In another embodiment of the invention, the secure access module further includes means for locally performing the authentication transaction. In this embodiment of the invention, the security controller or the secure access module further includes means for maintaining an access list of locally authenticated critical security parameters and the authentication server further includes means for receiving the access list of locally authenticated critical security parameters and updating a master access associated with the authentication server.
- In another embodiment of the invention, a life cycle management server is provided. The life cycle management server includes means for establishing a secure communications connection between either the secure access module or the security, and performing one or more life cycle management transactions with the secure access module in conjunction with the life cycle management server. As before, the one or more life cycle management transactions comprises distributing, exchanging, deleting, adding or modifying one or more critical security parameters, applications or user data installed in the secure access module.
- In another systematic embodiment of the invention, the invention comprises a security apparatus for physically controlling access to a protected location including a security controller having a processor, a memory coupled to the processor, a security token interface coupled to the processor, a network transceiver coupled to the processor, a secure access module coupled to the processor, an electromagnetic control circuit coupled to the processor and at least application installed in a portion of the memory having logical instructions executable by the processor to establish a secure communications connection over a network with an authentication server over a network via the network transceiver, perform an authentication transaction in conjunction with the authentication server for a critical security parameter received via the security token interface, receive and maintain a shared secret in the secure access module, incorporate the shared secret into the secure communications connection and energize the electromechanical control circuit upon receipt of an affirmative authentication result associated with the authentication transaction.
- As before, the secure communications connection incorporates a security protocol including SSL, IPsec, PCT, TLS or RADIUS. Likewise, energizing the electromechanical control circuit opens a physical access gateway.
- In another embodiment of the invention, the secure access module includes means for performing one or more life cycle management transactions in conjunction with either the authentication server or a life cycle management server, where the one or more life cycle management transactions comprises distributing, exchanging, deleting, adding or modifying one or more critical security parameters, applications or user data installed in the secure access module.
- In a final systematic embodiment of the invention, the invention comprises a system for performing one or more life cycle management transactions with a secure access module coupled to a security controller and a life cycle management server. The system includes a secure access module operatively coupled to a security controller and provided with means for securely performing life cycle management functions in conjunction with a life cycle management server.
- The security controller is provided with means for exchanging communications between the secure access module and the life cycle management server and the life cycle server is provided with means for securely performing one or more life cycle management transactions in conjunction with the secure access module. As before, the one or more life cycle management transactions comprises distributing, exchanging, deleting, adding or modifying one or more critical security parameters, applications or user data installed in the secure access module.
- In an embodiment of the invention, the security controller and the life cycle server are in processing communications over a wireless telecommunications link.
- The features and advantages of the invention will become apparent from the following detailed description when considered in conjunction with the accompanying drawings. Where possible, the same reference numerals and characters are used to denote like features, elements, components or portions of the invention. It is intended that changes and modifications can be made to the described embodiment without departing from the true scope and spirit of the subject invention as defined in the claims.
-
FIG. 1 —is a generalized block diagram of a security token enabled authentication server. -
FIG. 1A —is a generalized block diagram of a security controller. -
FIG. 1B —is a generalized block diagram of a security token. -
FIG. 2 —is a detailed block diagram of one embodiment of the invention where a security token enabled authentication server is in processing communications with a security controller over a wireless telecommunications link. -
FIG. 2A —is a detailed block diagram of the invention where a shared secret is established between the authentication server and the security controller as part of the RADIUS authentication protocol. -
FIG. 2B —is a detailed block diagram of the invention where a critical security parameter is securely sent to the authentication server for authentication. -
FIG. 2C —is a detailed block diagram of the invention where the authentication server performs an authentication transaction using the received critical security parameter. -
FIG. 2D —is a detailed block diagram of the invention where an affirmative result is generated from the authentication transaction and securely sent to the security controller. -
FIG. 2E —is a detailed block diagram of the invention where a life cycle management transaction is performed between the secure access module and the authentication server. -
FIG. 2F —is a detailed block diagram of another embodiment of the invention where a critical security parameter is locally authenticated by a secure access module associated with a security controller. -
FIG. 2G —is a detailed block diagram of another embodiment of the invention where one or more life cycle management transactions are performed between a life cycle management server, the authentication server, the secure access module and the security token. -
FIG. 3 —is a flow diagram illustrating the major steps associated with physically controlling access to a protected location using the invention. -
FIG. 3A —is a flow diagram illustrating the major steps associated with performing a critical security parameter management transaction between the secure access module and the authentication server. -
FIG. 3B —is a flow diagram illustrating the major steps associated with locally performing a critical security parameter authentication and sending an access list to the authentication server. - This present invention provides an integrated security system which seamlessly assimilates with current generation logical security systems. The integrated security system incorporates a security controller having standard network interface capabilities and takes advantage of the convenience and security offered by smart cards and related devices for both physical and logical security purposes. The invention is based on, but not limited to standard secure communications technologies known in the relevant art including secure socket layer (SSL), transport layer security (TLS), private communications technology (PCT, internet protocol security (IPsec) or remote authentication and dial in service (RADIUS) protocols.
- The use of the standard secure communications technologies are supported by the IEEE 802.1x link layer, making these protocols well suited for secure when wireless communications networks such as 802.11a, 802.11b and 802.11g. Other arrangements which utilize wired or optical networks based on the IEEE 802.22 standard are clearly supported as well.
- Referring to
FIG. 1 , a block diagram of anauthentication server 105 is depicted. Theauthentication server 105 includes aprocessor 5, amain memory 10, adisplay 20 electrically coupled to adisplay interface 15, asecondary memory subsystem 25 electrically coupled to ahard disk drive 30, aremovable storage drive 35 electrically coupled to aremovable storage unit 40 and an auxiliaryremovable storage interface 45 electrically coupled to an auxiliaryremovable storage unit 50. - A
communications interface 55 subsystem is coupled to anetwork transceiver 60 and anetwork 65, an optional security token 75 such as a hardware security module (HSM) is electrically coupled to a securitytoken interface 70 and auser input interface 80 including a mouse and akeyboard 85, and an optionalbiometric scanner 95 electrically coupled to an optionalbiometric scanner interface 90. - The
processor 5,main memory 10,display interface 15secondary memory subsystem 25 andcommunications interface system 55 are electrically coupled to acommunications infrastructure 100. Theauthentication server 105 includes an operating system, authentication software, secure communications applications, other applications software, cryptography software capable of performing symmetric and asymmetric cryptographic functions, secure messaging software and device interface software. - One skilled in the art will appreciate that the term authentication server is intended to generically describe an authentication server which provides authorization and authentication information to a an IEEE 802.x network in which a user is attempting to connect or access, rather than being restricted to dialup or serial communications services. The basic arrangement of the
authentication server 105 is also applicable to a life cycle management server shown inFIG. 2G . - Referring to
FIG. 1A , a block diagram of asecurity controller 110 is depicted. Thesecurity controller 110 includes aprocessor 5 n, asecurity token 75 n coupled to theprocessor 5 n and acommunications infrastructure 100 n. Thesecurity token 75 n is generally referred to as a secure access module (SAM). The security controller further includes adisplay 20 n, such as an LCD screen and/or LEDs which is electrically coupled to adisplay interface 15 n,volatile memory 10 a,non-volatile memory 10 b which includes flashable RAM, an electrically erasable programmable read only memory (EEPROM) 10 c and acommunications interface subsystem 55 n. - The
communications interface subsystem 55 n is coupled to securitytoken interface 70 n and includes both contact andcontactless connectability 701 with aremovable security token 75 r. Thecommunications interface subsystem 55 n is further coupled to anetwork transceiver 60 n, auser input interface 80 n including anoptional keypad 85 n, an optionalbiometric scanner 95 n electrically coupled to an optionalbiometric scanner interface 90 n and anelectromechanical control circuit 130. Theelectromechanical control circuit 130 when energized allows physical access to a protected location. Examples of which include electromagnetically controlled door locks, door strikes, gates and turnstiles. The electromagnetic circuit is generally arranged to momentarily energize an electical solenoid to allow a person access into a controlled area. - The
processor 5 n,security token 75 n,display interface 15 n,volatile memory 10 a,non-volatile memory 10 b,EEPROM 10 c andcommunications interface subsystem 55 n are electrically coupled to acommunications infrastructure 100 n. The security controller includes an embedded operating environment, security applications compatible with those controlled by theauthentication server 105, secure communications applications, other applications software, cryptography software capable of performing symmetric and asymmetric cryptographic functions, secure messaging software and device interface software. Thesecure access module 75 n further includes at least one asymmetric key pair and related applications software to support secure key exchanges with the authentication server. The applications, cryptographic keys and any user data stored inside thesecurity token 75 r may be exchanged, modified, added or removed in a life cycle management transaction with either theauthentication server 105 or a lifecycle management server 105L shown inFIG. 2G . - Referring to
FIG. 1B , a block diagram of theremovable security token 75 r is depicted. Thesecurity token 75 r includes a wireless, optical and/orelectrical interface token interface 70 n, a processor St, anoptional cryptographic co-processor 5 tc coupled to theprocessor 5 t and acommunications infrastructure 100 t,volatile memory 10 vm,non-volatile memory 10 nvm, an electrically erasable programmable read only memory (EEPROM) 10 eeprom and acommunications interface 55 t coupled to theinterface - The
processor 5 t,optional cryptographic co-processor 5 tc,volatile memory 10 vm,non-volatile memory 10 nvm, electrically erasable programmable read only memory (EEPROM) 10 eeprom andcommunications interface 55 t are electrically coupled to thecommunications infrastructure 100 t. TheEEPROM 10 eeprom further includes a runtime operating environment, cryptography extensions incorporated into the operating system and capable of performing symmetric and asymmetric cryptographic functions compatible with the security controller and security token enabled cryptography software, at least one critical security parameter protected secure resource coupled to at least one token remote authentication application and a asymmetric public key infrastructure (PKI) key pair functionally coupled to the at least one token remote authentication application. - The
non-volatile memory 10 nvm has operatively stored therein one or more reference critical security parameters which are verified against a user supplied critical security parameter by the at least one token remote authentication application to allow access to the one or more one or more critical security parameter protected secure resources. - Referring to
FIG. 2 , a generalized arrangement of the invention is depicted. The invention includes asecurity controller SC 110 in processing communications over anetwork 65 with an authentication server AS 105. A removablesecurity token ST 75 r is operatively coupled to thesecurity controller SC 110. - The
security controller SC 110 includes aprocessor 5 n operatively coupled to a network transceiver T/R2 60 n, a memory which includes at least one authenticationtransaction application NA 210, an electromechanical circuit which when energized allows physical access to a protected area, a secure access module (SAM) 75 n for at least storing a shared secret required by a secure communications protocol, an optionaluser interface UI 85 n and adisplay DI 20 n. Theuser interface UI 85 n and thedisplay DI 20 n are provided in situations having high security area requirements. For example, depending on the security requirements for physically accessing a protected area, an entity may be required to locally authenticate to thesecurity token 75 r by providing a biometric sample and/or a personal identification number (PIN) before transactions with authentication server AS 105 are performed. - The removable
security token ST 75 r such as a smart card is associated with the entity and operatively coupled to thesecurity controller 110 via the contact orcontactless interface 70 n shown inFIG. 1A . The removablesecurity token ST 75 r includes at least one criticalsecurity parameter CSPr 235 r which is retrievably stored inside thesecurity token ST 75 r. - The removable
security token ST 75 r includes at least one token remote access application operatively installed in token memory (not shown). The at least one token remoteaccess application TRA 215 allows thesecurity token ST 75 r to send the criticalsecurity parameter CSPr 235 r to thesecurity controller SC 110 for authentication by the authentication server AS 105. - The authentication server AS 105 includes a
server processor 5 coupled to a network transceiver T/R1 60 c which is compatible with the network transceiver T/R2 60 n installed on thesecurity controller SC 110, adatabase 30 including a plurality of reference criticalsecurity parameters CSPs 235 s required to authenticate critical security parameter received from thesecurity controller SC 110. Alternately, the reference criticalsecurity parameters CSPs 235 s may be operatively stored inside a hardwaresecurity module HSM 75 s. A memory is coupled to theserver processor 5 which includes at least one authenticationtransaction application SA 205. The at least one authenticationtransaction application SA 205 allows the authentication server AS 105 to authenticate the critical security parameter CSPr 235 provided by thesecurity token ST 75 r. - The messaging protocol used to communicate with the
security token ST 75 r andsecure access module 75 n includes an ISO 7816 compliant communications protocol. Protocol conversion between higher level packet communications protocols and the lower level ISO 7816 communications protocol may be accomplished by either the remoteaccess application SA 205 installed on the authentication server AS 105 or by theapplications software NA 210 installed on thesecurity controller SC 110. - A secure arrangement for exchanging APDU commands and responses between the
security token ST 75 r,security application module 75 n and authentication server AS 105 is described in co-pending U.S. patent application Ser. No. 09/844,246, filed Apr. 9, 2002, entitled, “Method And System For Establishing A Remote Connection to A Personal Security Device,” to a common assignee and is herein incorporated by reference in its entity. - Referring to
FIG. 2A , physical access is initiated by an entity operatively coupling theirsecurity token ST 75 r to thesecurity controller SC 110. Anaccess request AR 265R is generated and submitted by thesecurity controller SC 110 to the authentication server AS 105 in accordance with an established authentication protocol. Attributes included in theaccess request AR 265R identify the entity's security token (usually a serial number) which may be verified against existing security policies established for the entity even before authentication is initiated (not shown) For example, if the entity is not permitted into the protected area in which access is being attempted, the transaction ends without further processing. - Discussions of security policies is described in co-pending U.S. patent application Ser. No. 10/402,960 to a common assignee filed on Apr. 1, 2003, entitled “Uniform Framework for Security Tokens,” and herein incorporated by reference in its entirety and co-pending U.S. patent application Ser. No. 10/425,028 to a common assignee filed on Apr. 29, 2003, entitled “Uniform Modular Framework For A Host Computer System,” and likewise herein incorporated by reference in its entirety.
- As part of the established authentication protocol, if not already pre-exisiting, a shared
secret KSr 240 r,KSs 240 s is generated by the authentication server AS 105, securely shared with the security controller and maintained by thesecure access module 75 n. The secure secret exchange is provided by the secure communications protocol being implemented over thenetwork 65. However, more robust secure secret exchanges may be substituted as is necessary to meet a particular security requirement. - Referring to
FIG. 2B , once the sharedsecrets KSr 240 r,KSs 240 s has been established for the secure communications connection between the authentication server AS 105 and thesecurity controller SC 110, a criticalsecurity parameter CSPr 235 r is retrieved from the entity'ssecurity token ST 75 r, and securely sent 65 to the authentication server AS 105 for authentication. - Referring to
FIG. 2C , upon receipt by the authentication server AS 105, the entity's criticalsecurity parameter CSPr 235 r′ is compared to a reference criticalsecurity parameter CSPs 235 s′ retrieved from thedatabase 30 orHSM 75 s. If the entity's criticalsecurity parameter CSPr 235 r′ is not authenticated, an authentication rejection message is sent to the security controller and the entity will not be permitted to access the protected area. If the entity's criticalsecurity parameter CSPr 235 r′ is successfully authenticated, anaffirmative authentication result 265, shown as a check mark, is generated by the authenticationserver application SA 205. - Referring to
FIG. 2D , theaffirmative authentication result 265 is then securely sent to thesecurity controller SC 110. Theaffirmative authentication result 265 is processed by the securitycontroller application NA 210 resulting in energizing of the electromechanicalcontrol circuit EMC 130. The duration in which the electromechanicalcontrol circuit EMC 130 is energized may be specifically adjusted for a particular entity's security token. This allows for controlling the opening of a gateway such as a door to accommodate deliveries or allow physically disabled persons to transit the doorway. - Referring to
FIG. 2E , another embodiment of the invention is shown where a critical security parameter management transaction is performed between the authentication server AS 105 and thesecure access module 75 n. - In this embodiment of the invention, a
secure communications connection 65 is established between at least thesecurity controller SC 110 and the authentication server AS 105 using for example, the shared symmetric keys KSr,KSs - In an embodiment of the invention, the secure communications connection provides end-to-end secure communications between the
secure access module 75 n and the authentication server AS 105. It will be appreciated by one skilled in the art that other secure communications channel arrangements may be used as well. - In this example, a critical
security parameter CSPs 235 s is being securely sent for storage inside thesecure access module 75 n. The critical security parameter transaction may be a critical security parameter exchange, a critical security parameter replacement, a critical security parameter generation, a critical security parameter deletion or an attribute change to a cryptographic security parameter. The critical security parameter may be obtained from adatastore 30 or from a hardwaresecurity module HSM 75 s operatively coupled to the authentication server. - Referring to
FIG. 2F , an alternate embodiment of the invention is shown where thesecure access module 75 n coupled to thesecurity controller SC 110 incorporates one or more criticalsecurity parameters CSPn 235 n for locally authenticating a user. This arrangement allows alocal access list 280 of authenticated users granted access to the protected area without having to rely on the authentication server AS 105 to perform the authentications which is particularly advantageous during high traffic periods such as at shift changes or during periods when either the authentication server AS 105 and/or thecommunications network 65 becomes temporarily unavailable. Thelocal access list 280 of authenticated users or indicia of authorized users (e.g., token unique identifiers) is sent to the authentication server AS 105 when thelocal access list 280 becomes full, when requested by the authentication server AS 105 and/or communications with the authentication server AS 105 is restored. - The
local access list 280 is sent to the authentication server AS 105 via the secure communications mechanisms described above. This arrangement allows full CSP management including key management functions and updating of authorized access lists over standard IEEE 802.x network arrangements. The local access list is then used by the authentication server AS 105 to update amaster access list 285. - Referring to
FIG. 2G , an another embodiment of the invention is shown where a lifecyclemanagement server LCS 105L is operatively coupled to thenetwork 65. In this embodiment of the invention, the life cyclemanagement server LCS 105L maintains the security applications and cryptographic information employed by the authentication server AS 105A thesecurity controller SC 110,secure access module 75 n and optionally thesecurity token ST 75 r. This arrangement allows the life cyclemanagement server LCS 105L to distribute, exchange, delete, add or modify one or more critical security parameters, applications or user data installed in these devices. - Referring to
FIG. 3 , the major steps for implementing the invention are depicted. The process is initiated 300 by establishing a secure communications connection which incorporates a shared symmetric key between an security controller and aauthentication server 305. The symmetric is securely stored and maintained by a secure access module associated with thesecurity controller 310. A critical security parameter is then sent from an entity's security token to thesecurity controller 310. The security controller sends the critical security parameter to the authentication server via thesecure communications connection 320 for authentication. - The authentication server performs an authentication transaction using the entity's
critical security parameter 325 and generates a result of theauthentication transaction 330. The result of the authentication transaction is then sent to the security controller via the secure communications connection forevaluation 335. If the entity's critical security parameter is not successfully authenticated 340, processing ends 350 and the entity will not be permitted to access the protected area. If the entity's critical security parameter is successfully authenticated 340, an electromechanical circuit is energized 345 which permit the entity physical access to the protected are for a pre-established duration, followed by access andprocessing termination 350. - Referring to
FIG. 3A , the major steps for implementing an alternate embodiment of the invention is depicted. The process is initiated 301 by establishing a secure communications channel between at least a secure controller but preferably between a secure access module coupled to the security controller and the authentication server 303. - The authentication server then conducts at least one life cycle management transaction in conjunction with the
secure access module 307. Once the life cycle management transaction has been completed, processing ends 309. One skilled in the art will appreciate that additional life cycle management transactions may be conducted with an operatively coupled security token as well. - Lastly, Referring to
FIG. 3B , the major steps for implementing another embodiment of the invention is depicted. In this embodiment of the invention, the process is initiated 302 by sending a critical security parameter (CSP) from a security token associated with an entity to a security controller equipped with asecure access module 304. The secure access module attempts to locally authenticate theCSP 306, the result of which is then recorded in alocal access list 308. The local access list is then sent to an authentication server via asecure communications connection 312 where a master access list is updated using the information included in thelocal access list 314. The process ends after the master access list has been updated 322. - The foregoing described embodiments of the invention are provided as illustrations and descriptions. They are not intended to limit the invention to precise form described. In particular, it is contemplated that functional implementation of the invention described herein may be implemented equivalently in hardware, software, firmware, and/or other available functional components or building blocks. No specific limitation is intended to a particular security token operating environment. Other variations and embodiments are possible in light of above teachings, and it is not intended that this Detailed Description limit the scope of invention, but rather by the claims following herein.
Claims (36)
Priority Applications (8)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US10/740,518 US20050138380A1 (en) | 2003-12-22 | 2003-12-22 | Entry control system |
ES04293091T ES2388215T3 (en) | 2003-12-22 | 2004-12-22 | Input control system |
AT04293091T ATE554581T1 (en) | 2003-12-22 | 2004-12-22 | ACCESS CONTROL SYSTEM |
EP04293091A EP1549020B1 (en) | 2003-12-22 | 2004-12-22 | Entry control system |
US11/856,549 US9652911B2 (en) | 2003-12-22 | 2007-09-17 | Entry control system |
US15/485,274 US9898878B2 (en) | 2003-12-22 | 2017-04-12 | Entry control system |
US15/866,731 US10089803B2 (en) | 2003-12-22 | 2018-01-10 | Entry control system |
US16/112,990 US10417849B2 (en) | 2003-12-22 | 2018-08-27 | Entry control system |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US10/740,518 US20050138380A1 (en) | 2003-12-22 | 2003-12-22 | Entry control system |
Related Child Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US11/856,549 Continuation US9652911B2 (en) | 2003-12-22 | 2007-09-17 | Entry control system |
Publications (1)
Publication Number | Publication Date |
---|---|
US20050138380A1 true US20050138380A1 (en) | 2005-06-23 |
Family
ID=34552796
Family Applications (5)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US10/740,518 Abandoned US20050138380A1 (en) | 2003-12-22 | 2003-12-22 | Entry control system |
US11/856,549 Active 2026-01-08 US9652911B2 (en) | 2003-12-22 | 2007-09-17 | Entry control system |
US15/485,274 Expired - Lifetime US9898878B2 (en) | 2003-12-22 | 2017-04-12 | Entry control system |
US15/866,731 Expired - Lifetime US10089803B2 (en) | 2003-12-22 | 2018-01-10 | Entry control system |
US16/112,990 Expired - Lifetime US10417849B2 (en) | 2003-12-22 | 2018-08-27 | Entry control system |
Family Applications After (4)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US11/856,549 Active 2026-01-08 US9652911B2 (en) | 2003-12-22 | 2007-09-17 | Entry control system |
US15/485,274 Expired - Lifetime US9898878B2 (en) | 2003-12-22 | 2017-04-12 | Entry control system |
US15/866,731 Expired - Lifetime US10089803B2 (en) | 2003-12-22 | 2018-01-10 | Entry control system |
US16/112,990 Expired - Lifetime US10417849B2 (en) | 2003-12-22 | 2018-08-27 | Entry control system |
Country Status (4)
Country | Link |
---|---|
US (5) | US20050138380A1 (en) |
EP (1) | EP1549020B1 (en) |
AT (1) | ATE554581T1 (en) |
ES (1) | ES2388215T3 (en) |
Cited By (38)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20060093149A1 (en) * | 2004-10-30 | 2006-05-04 | Shera International Ltd. | Certified deployment of applications on terminals |
US20070028300A1 (en) * | 2005-07-28 | 2007-02-01 | Bishop Ellis E | System and method for controlling on-demand security |
WO2007045051A1 (en) * | 2005-10-21 | 2007-04-26 | Honeywell Limited | An authorisation system and a method of authorisation |
US20070250922A1 (en) * | 2006-04-21 | 2007-10-25 | Microsoft Corporation | Integration of social network information and network firewalls |
US20070261111A1 (en) * | 2006-05-05 | 2007-11-08 | Microsoft Corporation | Distributed firewall implementation and control |
US20070271361A1 (en) * | 2006-05-18 | 2007-11-22 | Microsoft Corporation Microsoft Patent Group | Exceptions grouping |
WO2008027626A2 (en) * | 2006-04-25 | 2008-03-06 | Secure Network Systems, Llc | Logical and physical security |
US7752450B1 (en) * | 2005-09-14 | 2010-07-06 | Juniper Networks, Inc. | Local caching of one-time user passwords |
US7818783B2 (en) | 2006-03-08 | 2010-10-19 | Davis Russell J | System and method for global access control |
US20110038278A1 (en) * | 2007-05-28 | 2011-02-17 | Honeywell International Inc. | Systems and methods for configuring access control devices |
US20110071929A1 (en) * | 2008-01-30 | 2011-03-24 | Honeywell International Inc. | Systems and methods for managing building services |
US20110115602A1 (en) * | 2007-05-28 | 2011-05-19 | Honeywell International Inc. | Systems and methods for commissioning access control devices |
US20110153791A1 (en) * | 2009-12-17 | 2011-06-23 | Honeywell International Inc. | Systems and methods for managing configuration data at disconnected remote devices |
US20110167488A1 (en) * | 2010-01-07 | 2011-07-07 | Honeywell International Inc. | Systems and methods for location aware access control management |
US8185933B1 (en) | 2006-02-02 | 2012-05-22 | Juniper Networks, Inc. | Local caching of endpoint security information |
US20130031357A1 (en) * | 2010-03-29 | 2013-01-31 | Dieter Weiss | Method for secure transfer of an application from a server into a reading device unit |
US8787725B2 (en) | 2010-11-11 | 2014-07-22 | Honeywell International Inc. | Systems and methods for managing video data |
US8878931B2 (en) | 2009-03-04 | 2014-11-04 | Honeywell International Inc. | Systems and methods for managing video data |
US9019070B2 (en) | 2009-03-19 | 2015-04-28 | Honeywell International Inc. | Systems and methods for managing access control devices |
US9344684B2 (en) | 2011-08-05 | 2016-05-17 | Honeywell International Inc. | Systems and methods configured to enable content sharing between client terminals of a digital video management system |
US9705861B2 (en) | 2010-06-04 | 2017-07-11 | Ubiqu B.V. | Method of authorizing a person, an authorizing architecture and a computer program product |
US9704313B2 (en) | 2008-09-30 | 2017-07-11 | Honeywell International Inc. | Systems and methods for interacting with access control devices |
US9894261B2 (en) | 2011-06-24 | 2018-02-13 | Honeywell International Inc. | Systems and methods for presenting digital video management system information via a user-customizable hierarchical tree interface |
US10038872B2 (en) | 2011-08-05 | 2018-07-31 | Honeywell International Inc. | Systems and methods for managing video data |
US10362273B2 (en) | 2011-08-05 | 2019-07-23 | Honeywell International Inc. | Systems and methods for managing video data |
CN110198325A (en) * | 2018-02-26 | 2019-09-03 | 北京京东尚科信息技术有限公司 | Communication means, device and system, network server and storage medium |
US10417849B2 (en) | 2003-12-22 | 2019-09-17 | Assa Abloy Ab | Entry control system |
US20190340858A1 (en) * | 2018-05-04 | 2019-11-07 | Genetec Inc. | Secure Access Control |
US10489132B1 (en) * | 2013-09-23 | 2019-11-26 | Sprint Communications Company L.P. | Authenticating mobile device for on board diagnostic system access |
CN110519306A (en) * | 2019-10-09 | 2019-11-29 | 三星电子(中国)研发中心 | A kind of the equipment access control method and device of Internet of Things |
US10523903B2 (en) | 2013-10-30 | 2019-12-31 | Honeywell International Inc. | Computer implemented systems frameworks and methods configured for enabling review of incident data |
US10616863B2 (en) * | 2003-04-23 | 2020-04-07 | Canon Kabushiki Kaisha | Wireless communication system, device, and control method for searching multiple communication frequency channels and processing cryptographic communication in an infrastructure mode using a received communication parameter including information of an encrypted key |
US10750555B2 (en) | 2006-10-20 | 2020-08-18 | Canon Kabushiki Kaisha | Communication parameter setting method, communicating apparatus, and managing apparatus for managing communication parameters |
US20200304999A1 (en) * | 2009-01-06 | 2020-09-24 | Vetrix, Llc | Integrated physical and logical security management via a portable device |
US10992709B2 (en) * | 2015-07-28 | 2021-04-27 | Citrix Systems, Inc. | Efficient use of IPsec tunnels in multi-path environment |
US11354955B2 (en) | 2017-05-15 | 2022-06-07 | Amazon Technologies, Inc. | Universal access control device |
US11438732B2 (en) | 2009-03-06 | 2022-09-06 | Vetrix, Llc | Systems and methods for mobile tracking, communications and alerting |
US11438169B2 (en) * | 2017-09-25 | 2022-09-06 | Amazon Technologies, Inc. | Time-bound secure access |
Families Citing this family (17)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
ES2820351T3 (en) * | 2007-09-28 | 2021-04-20 | Iloq Oy | Lock management system |
US8156322B2 (en) * | 2007-11-12 | 2012-04-10 | Micron Technology, Inc. | Critical security parameter generation and exchange system and method for smart-card memory modules |
US8286883B2 (en) | 2007-11-12 | 2012-10-16 | Micron Technology, Inc. | System and method for updating read-only memory in smart card memory modules |
US8162227B2 (en) | 2007-11-12 | 2012-04-24 | Micron Technology, Inc. | Intelligent controller system and method for smart card memory modules |
US8370645B2 (en) | 2009-03-03 | 2013-02-05 | Micron Technology, Inc. | Protection of security parameters in storage devices |
CN103226853A (en) * | 2012-01-31 | 2013-07-31 | 联捷通股份有限公司 | Smart gate inhibition management and community service method |
AT512419A1 (en) * | 2012-01-31 | 2013-08-15 | Evva Sicherheitstechnologie | METHOD AND APPARATUS FOR ACCESS CONTROL |
WO2013173986A1 (en) * | 2012-05-23 | 2013-11-28 | Axalto Smart Cards Technology Co., Ltd. | A method for protecting data on a mass storage device and a device for the same |
CN104641594B (en) | 2012-09-26 | 2017-10-17 | 惠普发展公司,有限责任合伙企业 | Multicast message updates |
ES2486165B1 (en) * | 2013-02-14 | 2015-08-28 | Txperta High Tech, S.L. | DISTANCE CONTROL DEVICE BIOMETRICALLY ACTIVATED AND DISTANCE CONTROL PROCEDURE THROUGH BIOMETRIC DATA |
US10158618B2 (en) | 2013-03-06 | 2018-12-18 | Nuesoft Technologies, Inc. | System and method for securely accessing data through web applications |
US10607220B2 (en) * | 2016-08-25 | 2020-03-31 | Mastercard International Incorporated | Systems and methods for consolidated message processing |
US10348718B2 (en) * | 2016-09-14 | 2019-07-09 | Oracle International Corporation | Sharing credentials and other secret data in collaborative environment in a secure manner |
US11030328B2 (en) * | 2017-05-31 | 2021-06-08 | Entrust Corporation | Cryptographic object management across multiple remote sites |
US11639617B1 (en) | 2019-04-03 | 2023-05-02 | The Chamberlain Group Llc | Access control system and method |
US11463477B2 (en) * | 2019-05-22 | 2022-10-04 | Hewlett Packard Enterprise Development Lp | Policy management system to provide authorization information via distributed data store |
CN110706381A (en) * | 2019-09-30 | 2020-01-17 | 深圳市纳泽科技有限公司 | Apartment management system capable of automatically detecting house and automatically freezing door lock password |
Citations (32)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US1543750A (en) * | 1920-01-16 | 1925-06-30 | Cooney Henry | Method of blending light hydrocarbons |
US4945468A (en) * | 1988-02-01 | 1990-07-31 | International Business Machines Corporation | Trusted path mechanism for virtual terminal environments |
US4993068A (en) * | 1989-11-27 | 1991-02-12 | Motorola, Inc. | Unforgeable personal identification system |
US5491752A (en) * | 1993-03-18 | 1996-02-13 | Digital Equipment Corporation, Patent Law Group | System for increasing the difficulty of password guessing attacks in a distributed authentication scheme employing authentication tokens |
US5655148A (en) * | 1994-05-27 | 1997-08-05 | Microsoft Corporation | Method for automatically configuring devices including a network adapter without manual intervention and without prior configuration information |
US5802176A (en) * | 1996-03-22 | 1998-09-01 | Activcard | System for controlling access to a function, using a plurality of dynamic encryption variables |
US5841868A (en) * | 1993-09-21 | 1998-11-24 | Helbig, Sr.; Walter Allen | Trusted computer system |
US5878142A (en) * | 1994-07-12 | 1999-03-02 | Information Resource Engineering, Inc. | Pocket encrypting and authenticating communications device |
US5887065A (en) * | 1996-03-22 | 1999-03-23 | Activcard | System and method for user authentication having clock synchronization |
US5937068A (en) * | 1996-03-22 | 1999-08-10 | Activcard | System and method for user authentication employing dynamic encryption variables |
US5991411A (en) * | 1996-10-08 | 1999-11-23 | International Business Machines Corporation | Method and means for limiting adverse use of counterfeit credit cards, access badges, electronic accounts or the like |
US6005942A (en) * | 1997-03-24 | 1999-12-21 | Visa International Service Association | System and method for a multi-application smart card which can facilitate a post-issuance download of an application onto the smart card |
US6016476A (en) * | 1997-08-11 | 2000-01-18 | International Business Machines Corporation | Portable information and transaction processing system and method utilizing biometric authorization and digital certificate security |
US6038551A (en) * | 1996-03-11 | 2000-03-14 | Microsoft Corporation | System and method for configuring and managing resources on a multi-purpose integrated circuit card using a personal computer |
US6076075A (en) * | 1995-09-25 | 2000-06-13 | Cardis Enterprise International N.V. | Retail unit and a payment unit for serving a customer on a purchase and method for executing the same |
US6108789A (en) * | 1998-05-05 | 2000-08-22 | Liberate Technologies | Mechanism for users with internet service provider smart cards to roam among geographically disparate authorized network computer client devices without mediation of a central authority |
US6175922B1 (en) * | 1996-12-04 | 2001-01-16 | Esign, Inc. | Electronic transaction systems and methods therefor |
US6178504B1 (en) * | 1998-03-12 | 2001-01-23 | Cheyenne Property Trust C/O Data Securities International, Inc. | Host system elements for an international cryptography framework |
US20010024066A1 (en) * | 2000-01-20 | 2001-09-27 | International Business Machines Corporation | Handheld device, smart card interface device (IFD) and data transmission method |
US6308317B1 (en) * | 1996-10-25 | 2001-10-23 | Schlumberger Technologies, Inc. | Using a high level programming language with a microcontroller |
US20020002684A1 (en) * | 1998-05-01 | 2002-01-03 | Barbara L. Fox | Intelligent trust management method and system |
US20020040936A1 (en) * | 1998-10-27 | 2002-04-11 | David C. Wentker | Delegated management of smart card applications |
US20020089410A1 (en) * | 2000-11-13 | 2002-07-11 | Janiak Martin J. | Biometric authentication device for use with a personal digital assistant |
US6547150B1 (en) * | 1999-05-11 | 2003-04-15 | Microsoft Corporation | Smart card application development system and method |
US6609199B1 (en) * | 1998-10-26 | 2003-08-19 | Microsoft Corporation | Method and apparatus for authenticating an open system application to a portable IC device |
US6657956B1 (en) * | 1996-03-07 | 2003-12-02 | Bull Cp8 | Method enabling secure access by a station to at least one server, and device using same |
US6694436B1 (en) * | 1998-05-22 | 2004-02-17 | Activcard | Terminal and system for performing secure electronic transactions |
US6738901B1 (en) * | 1999-12-15 | 2004-05-18 | 3M Innovative Properties Company | Smart card controlled internet access |
US6748532B1 (en) * | 1999-10-29 | 2004-06-08 | Sun Microsystems, Inc. | Universal smart card access system |
US6788956B2 (en) * | 1999-12-06 | 2004-09-07 | Alcatel | Terminal to execute a terminal application |
US7024689B2 (en) * | 2002-12-13 | 2006-04-04 | Intuit, Inc. | Granting access rights to unattended software |
US7152230B2 (en) * | 2000-11-09 | 2006-12-19 | Hitachi, Ltd. | Storage media storing data related to smart card, smart card system and smart card application loading method |
Family Cites Families (28)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5276735A (en) | 1992-04-17 | 1994-01-04 | Secure Computing Corporation | Data enclave and trusted path system |
FR2695364B1 (en) * | 1992-09-04 | 1994-10-14 | Renault | Electronic anti-theft system for motor vehicle. |
US5577121A (en) | 1994-06-09 | 1996-11-19 | Electronic Payment Services, Inc. | Transaction system for integrated circuit cards |
US5682142A (en) * | 1994-07-29 | 1997-10-28 | Id Systems Inc. | Electronic control system/network |
FR2738436B1 (en) * | 1995-03-06 | 1997-11-21 | Novella Carmelo | PORTABLE ELECTRONIC KEY ACCESS CONTROL SYSTEM |
EP0733971A3 (en) | 1995-03-22 | 1999-07-07 | Sun Microsystems, Inc. | Method and apparatus for managing connections for communication among objects in a distributed object system |
US6169804B1 (en) | 1996-11-21 | 2001-01-02 | Pitney Bowes Inc. | Method for verifying the expected postage security device and its status |
US6397328B1 (en) | 1996-11-21 | 2002-05-28 | Pitney Bowes Inc. | Method for verifying the expected postage security device and an authorized host system |
DE19724901A1 (en) | 1997-06-12 | 1998-12-17 | Siemens Nixdorf Inf Syst | Mobile radio telephone and those with a coupled computer for Internet or network applications and method for operating such a combination of devices |
US6720745B2 (en) * | 1997-08-26 | 2004-04-13 | Color Kinetics, Incorporated | Data delivery track |
DE19748054A1 (en) * | 1997-10-30 | 1999-05-12 | Bosch Gmbh Robert | Method for operating a cell phone and cell phone |
US6061476A (en) * | 1997-11-24 | 2000-05-09 | Cognex Corporation | Method and apparatus using image subtraction and dynamic thresholding |
SG92632A1 (en) | 1998-03-30 | 2002-11-19 | Citicorp Dev Ct Inc | Method and system for managing applications for a multi-function smartcard |
SE512335C2 (en) | 1998-05-12 | 2000-02-28 | Sectra Communications Ab | Mobile and / or cordless telephone |
FR2790161A1 (en) | 1999-02-18 | 2000-08-25 | Schlumberger Systems & Service | Two network mobile telephone roaming subscriber identification technique having separate subscriber network interface modules corresponding regularly verifying/updating coverage and automatically returning correct network identity. |
ATE259086T1 (en) | 1999-06-18 | 2004-02-15 | Citicorp Dev Ct Inc | METHOD, SYSTEM AND APPARATUS FOR TRANSMITTING, RECEIVING AND DISPLAYING INFORMATION |
EP1208715A1 (en) | 1999-08-31 | 2002-05-29 | TELEFONAKTIEBOLAGET L M ERICSSON (publ) | Gsm security for packet data networks |
DE10009057A1 (en) * | 2000-02-28 | 2001-08-30 | Klaus Doebel | Access control system provides access to security object in form of mobile vehicle that transmits time, position and/or user dependent useful data to monitoring center after user access |
US6971021B1 (en) | 2000-03-08 | 2005-11-29 | Rainbow Technologies, Inc. | Non-wire contact device application for cryptographic module interfaces |
US6981281B1 (en) | 2000-06-21 | 2005-12-27 | Microsoft Corporation | Filtering a permission set using permission requests associated with a code assembly |
US6466804B1 (en) | 2000-08-25 | 2002-10-15 | Motorola, Inc. | Method and apparatus for remote multiple access to subscriber identity module |
JP2004513271A (en) * | 2000-10-20 | 2004-04-30 | ブルー ソルテック カンパニー リミティッド | Door control system and indoor home appliance control system using wireless communication |
US20020095587A1 (en) * | 2001-01-17 | 2002-07-18 | International Business Machines Corporation | Smart card with integrated biometric sensor |
ATE291319T1 (en) | 2001-04-30 | 2005-04-15 | Activcard Ireland Ltd | METHOD AND SYSTEM FOR AUTHENTICATING A PERSONAL SECURITY DEVICE AGAINST AT LEAST ONE REMOTE COMPUTER SYSTEM |
ATE366968T1 (en) * | 2001-04-30 | 2007-08-15 | Activcard Ireland Ltd | METHOD AND SYSTEM FOR REMOTE ACTIVATION AND MANAGEMENT OF PERSONAL SECURITY DEVICES |
US8141144B2 (en) | 2001-05-10 | 2012-03-20 | Hewlett-Packard Development Company, L.P. | Security policy management for network devices |
US20030154375A1 (en) | 2002-02-08 | 2003-08-14 | Weimin Yang | Universal crypto-adaptor system for supporting multiple APIs and multiple smart cards |
US20050138380A1 (en) | 2003-12-22 | 2005-06-23 | Fedronic Dominique L.J. | Entry control system |
-
2003
- 2003-12-22 US US10/740,518 patent/US20050138380A1/en not_active Abandoned
-
2004
- 2004-12-22 AT AT04293091T patent/ATE554581T1/en active
- 2004-12-22 ES ES04293091T patent/ES2388215T3/en active Active
- 2004-12-22 EP EP04293091A patent/EP1549020B1/en active Active
-
2007
- 2007-09-17 US US11/856,549 patent/US9652911B2/en active Active
-
2017
- 2017-04-12 US US15/485,274 patent/US9898878B2/en not_active Expired - Lifetime
-
2018
- 2018-01-10 US US15/866,731 patent/US10089803B2/en not_active Expired - Lifetime
- 2018-08-27 US US16/112,990 patent/US10417849B2/en not_active Expired - Lifetime
Patent Citations (33)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US1543750A (en) * | 1920-01-16 | 1925-06-30 | Cooney Henry | Method of blending light hydrocarbons |
US4945468A (en) * | 1988-02-01 | 1990-07-31 | International Business Machines Corporation | Trusted path mechanism for virtual terminal environments |
US4993068A (en) * | 1989-11-27 | 1991-02-12 | Motorola, Inc. | Unforgeable personal identification system |
US5491752A (en) * | 1993-03-18 | 1996-02-13 | Digital Equipment Corporation, Patent Law Group | System for increasing the difficulty of password guessing attacks in a distributed authentication scheme employing authentication tokens |
US5841868A (en) * | 1993-09-21 | 1998-11-24 | Helbig, Sr.; Walter Allen | Trusted computer system |
US5655148A (en) * | 1994-05-27 | 1997-08-05 | Microsoft Corporation | Method for automatically configuring devices including a network adapter without manual intervention and without prior configuration information |
US5878142A (en) * | 1994-07-12 | 1999-03-02 | Information Resource Engineering, Inc. | Pocket encrypting and authenticating communications device |
US6076075A (en) * | 1995-09-25 | 2000-06-13 | Cardis Enterprise International N.V. | Retail unit and a payment unit for serving a customer on a purchase and method for executing the same |
US6657956B1 (en) * | 1996-03-07 | 2003-12-02 | Bull Cp8 | Method enabling secure access by a station to at least one server, and device using same |
US6038551A (en) * | 1996-03-11 | 2000-03-14 | Microsoft Corporation | System and method for configuring and managing resources on a multi-purpose integrated circuit card using a personal computer |
US5802176A (en) * | 1996-03-22 | 1998-09-01 | Activcard | System for controlling access to a function, using a plurality of dynamic encryption variables |
US5887065A (en) * | 1996-03-22 | 1999-03-23 | Activcard | System and method for user authentication having clock synchronization |
US5937068A (en) * | 1996-03-22 | 1999-08-10 | Activcard | System and method for user authentication employing dynamic encryption variables |
US5991411A (en) * | 1996-10-08 | 1999-11-23 | International Business Machines Corporation | Method and means for limiting adverse use of counterfeit credit cards, access badges, electronic accounts or the like |
US6308317B1 (en) * | 1996-10-25 | 2001-10-23 | Schlumberger Technologies, Inc. | Using a high level programming language with a microcontroller |
US6175922B1 (en) * | 1996-12-04 | 2001-01-16 | Esign, Inc. | Electronic transaction systems and methods therefor |
US6233683B1 (en) * | 1997-03-24 | 2001-05-15 | Visa International Service Association | System and method for a multi-application smart card which can facilitate a post-issuance download of an application onto the smart card |
US6005942A (en) * | 1997-03-24 | 1999-12-21 | Visa International Service Association | System and method for a multi-application smart card which can facilitate a post-issuance download of an application onto the smart card |
US6016476A (en) * | 1997-08-11 | 2000-01-18 | International Business Machines Corporation | Portable information and transaction processing system and method utilizing biometric authorization and digital certificate security |
US6178504B1 (en) * | 1998-03-12 | 2001-01-23 | Cheyenne Property Trust C/O Data Securities International, Inc. | Host system elements for an international cryptography framework |
US20020002684A1 (en) * | 1998-05-01 | 2002-01-03 | Barbara L. Fox | Intelligent trust management method and system |
US6108789A (en) * | 1998-05-05 | 2000-08-22 | Liberate Technologies | Mechanism for users with internet service provider smart cards to roam among geographically disparate authorized network computer client devices without mediation of a central authority |
US6694436B1 (en) * | 1998-05-22 | 2004-02-17 | Activcard | Terminal and system for performing secure electronic transactions |
US6609199B1 (en) * | 1998-10-26 | 2003-08-19 | Microsoft Corporation | Method and apparatus for authenticating an open system application to a portable IC device |
US20020040936A1 (en) * | 1998-10-27 | 2002-04-11 | David C. Wentker | Delegated management of smart card applications |
US6547150B1 (en) * | 1999-05-11 | 2003-04-15 | Microsoft Corporation | Smart card application development system and method |
US6748532B1 (en) * | 1999-10-29 | 2004-06-08 | Sun Microsystems, Inc. | Universal smart card access system |
US6788956B2 (en) * | 1999-12-06 | 2004-09-07 | Alcatel | Terminal to execute a terminal application |
US6738901B1 (en) * | 1999-12-15 | 2004-05-18 | 3M Innovative Properties Company | Smart card controlled internet access |
US20010024066A1 (en) * | 2000-01-20 | 2001-09-27 | International Business Machines Corporation | Handheld device, smart card interface device (IFD) and data transmission method |
US7152230B2 (en) * | 2000-11-09 | 2006-12-19 | Hitachi, Ltd. | Storage media storing data related to smart card, smart card system and smart card application loading method |
US20020089410A1 (en) * | 2000-11-13 | 2002-07-11 | Janiak Martin J. | Biometric authentication device for use with a personal digital assistant |
US7024689B2 (en) * | 2002-12-13 | 2006-04-04 | Intuit, Inc. | Granting access rights to unattended software |
Cited By (63)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US10616863B2 (en) * | 2003-04-23 | 2020-04-07 | Canon Kabushiki Kaisha | Wireless communication system, device, and control method for searching multiple communication frequency channels and processing cryptographic communication in an infrastructure mode using a received communication parameter including information of an encrypted key |
US10417849B2 (en) | 2003-12-22 | 2019-09-17 | Assa Abloy Ab | Entry control system |
US20060093149A1 (en) * | 2004-10-30 | 2006-05-04 | Shera International Ltd. | Certified deployment of applications on terminals |
US20070028300A1 (en) * | 2005-07-28 | 2007-02-01 | Bishop Ellis E | System and method for controlling on-demand security |
US8225102B1 (en) * | 2005-09-14 | 2012-07-17 | Juniper Networks, Inc. | Local caching of one-time user passwords |
US7752450B1 (en) * | 2005-09-14 | 2010-07-06 | Juniper Networks, Inc. | Local caching of one-time user passwords |
US20080272881A1 (en) * | 2005-10-21 | 2008-11-06 | Honeywell Limited | Authorisation System and a Method of Authorisation |
US8232860B2 (en) | 2005-10-21 | 2012-07-31 | Honeywell International Inc. | RFID reader for facility access control and authorization |
US8941464B2 (en) | 2005-10-21 | 2015-01-27 | Honeywell International Inc. | Authorization system and a method of authorization |
WO2007045051A1 (en) * | 2005-10-21 | 2007-04-26 | Honeywell Limited | An authorisation system and a method of authorisation |
US8185933B1 (en) | 2006-02-02 | 2012-05-22 | Juniper Networks, Inc. | Local caching of endpoint security information |
US7818783B2 (en) | 2006-03-08 | 2010-10-19 | Davis Russell J | System and method for global access control |
US8122492B2 (en) | 2006-04-21 | 2012-02-21 | Microsoft Corporation | Integration of social network information and network firewalls |
US20070250922A1 (en) * | 2006-04-21 | 2007-10-25 | Microsoft Corporation | Integration of social network information and network firewalls |
WO2008027626A3 (en) * | 2006-04-25 | 2008-05-02 | Secure Network Systems Llc | Logical and physical security |
EP2013810A2 (en) * | 2006-04-25 | 2009-01-14 | Secure Network Systems, LLC | Logical and physical security |
JP2009535711A (en) * | 2006-04-25 | 2009-10-01 | ベトリックス,エルエルシー | Application data related to logical and physical security |
US20190075135A1 (en) * | 2006-04-25 | 2019-03-07 | Vetrix, Llc | Converged logical and physical security |
US9400881B2 (en) | 2006-04-25 | 2016-07-26 | Vetrix, Llc | Converged logical and physical security |
JP2013242886A (en) * | 2006-04-25 | 2013-12-05 | Vetrix Llc | Application data relating to logical and physical securities |
US8108914B2 (en) * | 2006-04-25 | 2012-01-31 | Vetrix, Llc | Converged logical and physical security |
WO2008027626A2 (en) * | 2006-04-25 | 2008-03-06 | Secure Network Systems, Llc | Logical and physical security |
EP2013810A4 (en) * | 2006-04-25 | 2012-03-28 | Vetrix Llc | Logical and physical security |
AU2007290309B2 (en) * | 2006-04-25 | 2012-05-31 | Vetrix, Llc | Logical and physical security |
US20080109883A1 (en) * | 2006-04-25 | 2008-05-08 | Secure Network Systems, Llc | Logical and physical security |
US20070261111A1 (en) * | 2006-05-05 | 2007-11-08 | Microsoft Corporation | Distributed firewall implementation and control |
US8079073B2 (en) | 2006-05-05 | 2011-12-13 | Microsoft Corporation | Distributed firewall implementation and control |
US8176157B2 (en) | 2006-05-18 | 2012-05-08 | Microsoft Corporation | Exceptions grouping |
US20070271361A1 (en) * | 2006-05-18 | 2007-11-22 | Microsoft Corporation Microsoft Patent Group | Exceptions grouping |
US10750555B2 (en) | 2006-10-20 | 2020-08-18 | Canon Kabushiki Kaisha | Communication parameter setting method, communicating apparatus, and managing apparatus for managing communication parameters |
US8598982B2 (en) | 2007-05-28 | 2013-12-03 | Honeywell International Inc. | Systems and methods for commissioning access control devices |
US20110115602A1 (en) * | 2007-05-28 | 2011-05-19 | Honeywell International Inc. | Systems and methods for commissioning access control devices |
US8351350B2 (en) | 2007-05-28 | 2013-01-08 | Honeywell International Inc. | Systems and methods for configuring access control devices |
US20110038278A1 (en) * | 2007-05-28 | 2011-02-17 | Honeywell International Inc. | Systems and methods for configuring access control devices |
US20110071929A1 (en) * | 2008-01-30 | 2011-03-24 | Honeywell International Inc. | Systems and methods for managing building services |
US9704313B2 (en) | 2008-09-30 | 2017-07-11 | Honeywell International Inc. | Systems and methods for interacting with access control devices |
US20200304999A1 (en) * | 2009-01-06 | 2020-09-24 | Vetrix, Llc | Integrated physical and logical security management via a portable device |
US8878931B2 (en) | 2009-03-04 | 2014-11-04 | Honeywell International Inc. | Systems and methods for managing video data |
US11438732B2 (en) | 2009-03-06 | 2022-09-06 | Vetrix, Llc | Systems and methods for mobile tracking, communications and alerting |
US9019070B2 (en) | 2009-03-19 | 2015-04-28 | Honeywell International Inc. | Systems and methods for managing access control devices |
US9280365B2 (en) | 2009-12-17 | 2016-03-08 | Honeywell International Inc. | Systems and methods for managing configuration data at disconnected remote devices |
US20110153791A1 (en) * | 2009-12-17 | 2011-06-23 | Honeywell International Inc. | Systems and methods for managing configuration data at disconnected remote devices |
US20110167488A1 (en) * | 2010-01-07 | 2011-07-07 | Honeywell International Inc. | Systems and methods for location aware access control management |
US8707414B2 (en) | 2010-01-07 | 2014-04-22 | Honeywell International Inc. | Systems and methods for location aware access control management |
US20130031357A1 (en) * | 2010-03-29 | 2013-01-31 | Dieter Weiss | Method for secure transfer of an application from a server into a reading device unit |
US9325504B2 (en) * | 2010-03-29 | 2016-04-26 | Giesecke & Devrient Gmbh | Method for secure transfer of an application from a server into a reading device unit |
US9705861B2 (en) | 2010-06-04 | 2017-07-11 | Ubiqu B.V. | Method of authorizing a person, an authorizing architecture and a computer program product |
US8787725B2 (en) | 2010-11-11 | 2014-07-22 | Honeywell International Inc. | Systems and methods for managing video data |
US9894261B2 (en) | 2011-06-24 | 2018-02-13 | Honeywell International Inc. | Systems and methods for presenting digital video management system information via a user-customizable hierarchical tree interface |
US9344684B2 (en) | 2011-08-05 | 2016-05-17 | Honeywell International Inc. | Systems and methods configured to enable content sharing between client terminals of a digital video management system |
US10038872B2 (en) | 2011-08-05 | 2018-07-31 | Honeywell International Inc. | Systems and methods for managing video data |
US10362273B2 (en) | 2011-08-05 | 2019-07-23 | Honeywell International Inc. | Systems and methods for managing video data |
US10863143B2 (en) | 2011-08-05 | 2020-12-08 | Honeywell International Inc. | Systems and methods for managing video data |
US10489132B1 (en) * | 2013-09-23 | 2019-11-26 | Sprint Communications Company L.P. | Authenticating mobile device for on board diagnostic system access |
US11523088B2 (en) | 2013-10-30 | 2022-12-06 | Honeywell Interntional Inc. | Computer implemented systems frameworks and methods configured for enabling review of incident data |
US10523903B2 (en) | 2013-10-30 | 2019-12-31 | Honeywell International Inc. | Computer implemented systems frameworks and methods configured for enabling review of incident data |
US10992709B2 (en) * | 2015-07-28 | 2021-04-27 | Citrix Systems, Inc. | Efficient use of IPsec tunnels in multi-path environment |
US11354955B2 (en) | 2017-05-15 | 2022-06-07 | Amazon Technologies, Inc. | Universal access control device |
US11438169B2 (en) * | 2017-09-25 | 2022-09-06 | Amazon Technologies, Inc. | Time-bound secure access |
CN110198325A (en) * | 2018-02-26 | 2019-09-03 | 北京京东尚科信息技术有限公司 | Communication means, device and system, network server and storage medium |
US10970949B2 (en) * | 2018-05-04 | 2021-04-06 | Genetec Inc. | Secure access control |
US20190340858A1 (en) * | 2018-05-04 | 2019-11-07 | Genetec Inc. | Secure Access Control |
CN110519306A (en) * | 2019-10-09 | 2019-11-29 | 三星电子(中国)研发中心 | A kind of the equipment access control method and device of Internet of Things |
Also Published As
Publication number | Publication date |
---|---|
US20170287243A1 (en) | 2017-10-05 |
US9652911B2 (en) | 2017-05-16 |
EP1549020A2 (en) | 2005-06-29 |
US9898878B2 (en) | 2018-02-20 |
EP1549020A3 (en) | 2005-07-13 |
US10089803B2 (en) | 2018-10-02 |
ATE554581T1 (en) | 2012-05-15 |
US20190088049A1 (en) | 2019-03-21 |
EP1549020B1 (en) | 2012-04-18 |
ES2388215T3 (en) | 2012-10-10 |
US10417849B2 (en) | 2019-09-17 |
US20080059798A1 (en) | 2008-03-06 |
US20180218551A1 (en) | 2018-08-02 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US10417849B2 (en) | Entry control system | |
US8689013B2 (en) | Dual-interface key management | |
EP2087690B1 (en) | Secure access to a protected network resource within a restricted area | |
EP1389752B1 (en) | System and method for privilege delegation and control | |
EP1549021A1 (en) | Access controlled by security token and mediated by sever | |
CN111464556B (en) | Portable user terminal | |
US20120074223A1 (en) | Card credential method and system | |
US20110010766A1 (en) | System and Method for Policy Enforcement and Token State Monitoring | |
US20070186106A1 (en) | Systems and methods for multi-factor authentication | |
CN102598577A (en) | Authentication using cloud authentication | |
EA012094B1 (en) | Security token and method for authentication of a user with the security token | |
CN100559752C (en) | The method and system of authentication server in the distributed application environment | |
US7281263B1 (en) | System and method for managing security access for users to network systems | |
CN109409041A (en) | A kind of server-side safety certifying method and system based on the application of more certificates | |
CN109801418A (en) | User autonomous controllable fining authorization management method and device | |
WO2010048350A1 (en) | Card credential method and system | |
JP4018450B2 (en) | Document management system, document management apparatus, authentication method, computer readable program, and storage medium | |
JP2023527862A (en) | Secure remote access to industrial control systems with hardware-based authentication |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
AS | Assignment |
Owner name: ACTIVCARD IRELAND, LIMITED, IRELAND Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNORS:FEDRONIC, DOMINIQUE, LOUIS, JOSEPH;WEN, WU;REEL/FRAME:014824/0859 Effective date: 20031014 |
|
STCB | Information on status: application discontinuation |
Free format text: ABANDONED -- FAILURE TO RESPOND TO AN OFFICE ACTION |
|
AS | Assignment |
Owner name: ACTIVCARD IRELAND, LIMITED, IRELAND Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:ACTIVIDENTITY, INC.;REEL/FRAME:029444/0562 Effective date: 20120726 |
|
AS | Assignment |
Owner name: ACTIVIDENTITY, INC., CALIFORNIA Free format text: CORRECTIVE ASSIGNMENT TO CORRECT THE ASSIGNOR AND ASSIGNEE NAMES PREVIOUSLY RECORDED ON REEL 029444 FRAME 0562. ASSIGNOR(S) HEREBY CONFIRMS THE ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:ACTIVCARD IRELAND LIMITED;REEL/FRAME:029565/0770 Effective date: 20120726 |