Electrical computers and digital processing systems: support – Multiple computer communication using cryptography – Protection at a particular protocol layer
Reexamination Certificate
1998-06-23
2002-04-16
Baderman, Scott (Department: 2184)
Electrical computers and digital processing systems: support
Multiple computer communication using cryptography
Protection at a particular protocol layer
C340S870030, C235S382000
Reexamination Certificate
active
06374356
ABSTRACT:
FIELD OF THE INVENTION
The present invention relates to systems and methods for authorizing the execution of desired actions through validation of schedule data that provides a timetable during which the execution of one or more of such actions are authorized. In a specific example, the invention may be put in practical use in access control systems designed to control user access to a door, for example. The access control system determines on the basis of schedule data stored on a user card if the access to the premises may be granted to this particular user for that particular time of day.
BACKGROUND OF THE INVENTION
The basic architecture for well-known security systems uses a Central Access Control System Computer (CACSC) remotely managing one or more Standard Access Controller (SAC) that control a certain number of service areas. Each SAC, acting as a bridge between the CACSC and a number of local control devices, directly manages most of the functions of the local control device. Each local control device can be viewed as a collection of devices that provide the required services to a controlled access point (such as a door). Examples of those devices are a lock device, a lock status sensor, a door contact sensor, a request-to-exit device, a card reader device, a warning device, a manual pull-station, an intercom, and a video camera, among others.
Typically, the SAC is installed at a central location in the premises and the individual local control devices are connected to the SAC with wires. Each of the devices of a given local control device requires individual wiring over an appreciable length between the SAC and the local control device. In a typical example, a total of 22 wires and one coax cable may be required between each local control device and the SAC.
In use, when a user desires to access the premises, he or she inserts a portable memory device (i.e., an identification card) in the card reader of the local control device. The card reader extracts from the card the user identification number. This identification number is usually a 26 to a 32-bit data unit. This number is then transmitted to the remote SAC that contains a database of all the authorized user identification numbers. The SAC compares the received identification number with the valid numbers held in the database. In the event a match is found, the SAC invokes a scheduler that determines if the user can access the premises at that particular time. The scheduler is also a database mapping the valid identification numbers with schedule information. If the scheduler reports that the user is allowed to access the premises at that given time, the SAC issues a control signal to the electric lock of the local control device to unlock the door.
This implementation requires the SAC to store all the identification numbers, user information, schedules, door access information, etc. in its processor's memory.
A first drawback with present systems is related to the memory capacity of the SAC. Actual systems, for say 5000 users, are limited to 100-150 schedules. This means that the typical memory allocation does not even provide one unique schedule per user. Furthermore, with the advent of new services such as photo identification even more memory capacity will be required. One solution might be to increase the SAC's memory, however, this is expensive.
A second drawback is associated with the number of wires and their length between the SAC and the local control device. This requires the routing of a wire bundle from each Local control device to the SAC that is installed in a utility cabinet at a distance up to 500 feet away. This becomes a problem when troubleshooting of the system is necessary. When troubleshooting is performed, it may be necessary to inspect and/or test each of the individual wires. Furthermore, every time a new service is installed at a controlled access point (local control device), routing of additional wires from the CAP to the SAC is necessary. Troubleshooting and new service installation can therefore be quite time consuming.
Thus, there exists a need in the industry to provide an improved automated access control system that alleviates the drawbacks associated with prior art systems.
OBJECTIVES AND SUMMARY OF THE INVENTION
An object of this invention is to provide an improved system and method for authorizing the execution of desired actions through validation of schedule data.
Yet another object of the present invention is to provide an improved portable memory device, such as a hand held electronic card, that is capable of storing schedule data that can be processed at a local control device to determine if a desired action can be effected at least in part on the basis of the scheduled data.
As embodied and broadly described herein, the invention provides a portable memory device to enable execution of a desired action by a control device, said portable memory device including a machine readable storage medium holding a data structure including schedule data providing at least one time interval during which the execution of the desired action may potentially be authorized by the control device, said data structure being readable by the control device to acquire said schedule data and determine if the execution of the desired action is to be authorized on a basis at least in part of said schedule data.
For the purpose of this specification, the expression “schedule data” is intended to encompass any collection of data that constitutes or provides the functionality of a timetable. In a specific example, the schedule data may provide one or more time intervals during which a user may be authorized to access the premises of a building, or generally enable the execution of the certain function, such as unlocking the door.
In a most preferred embodiment of the present invention, the portable memory device is in the form of an access card including a machine-readable storage medium in which is stored the data structure providing the necessary data elements to complete a user validation transaction at a door of a premises. More specifically, three specific data elements are stored on the machine-readable storage medium, namely a user identification number, schedule data and schedule validation data. The user identification number is employed to validate the user against a known list of identification codes that are established as valid codes. In other words, if the identification code read from the card does not match any one of the codes in the list, access is denied. The schedule data element is used to determine the time frame of each day or of selected days during which access to the premises can be granted to the user. Finally, the schedule validation data is provided to authenticate the schedule data on the memory device through an interaction involving the control device.
In this example, the control device is capable of a much broader decision making process, since most of the information that is necessary to the control device to determine if access to the user is to be granted is locally available. Part of this information is held in the memory of the control device and part is acquired from the portable memory device. This feature limits the data exchange with the SAC during a transaction with a user. Accordingly, the number of wires that interconnect the control device with the SAC can be significantly reduced since the limited data exchange can be implemented by using a serial data transmission protocol.
In a specific example of the operation of the system, a user presents his access card to the card reader at the local control device. The card reader scans the card and extracts the information from the card and stores it to a temporary memory location in the local control device. The local control device will process the information (user identification number, schedule data and schedule validation data for this user) to determine if the action sought by the user can be authorized.
The decision making process is based on an analysis of the three data elements stored
Daigneault Benoit
Lemieux Pierre
AXS Technologies, Inc.
Baderman Scott
Fish & Richardson P.C.
LandOfFree
Shared intelligence automated access control system does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Shared intelligence automated access control system, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Shared intelligence automated access control system will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-2878968