Access control procedure
Abstract:
In a method for access control, in particular in buildings (2), bidirectional data transmission takes place between an electronic identification medium (6) storing access data and an access control device (9), and an access authorization check is made in the access control device (9). Depending on the access authorization determined, a blocking means for selectively enabling or blocking access is controlled. Access rights data are stored and managed in a central processing unit (1), and the identification medium (6) is programmed with access rights data. The programming of the identification medium (6) comprises sending the access rights data via a wireless telecommunications network (4) to a wireless mobile telecommunication device (5) and transmitting the access data received by the mobile telecommunication device (5) to a memory (10) of the identification medium (6). The access rights data are transmitted from the telecommunication device (5) to the identification medium (6) wirelessly via short-range radio and are stored in an electronic security hardware module (10) of the identification medium (6).
Publication number: AT513461A1
Application number: T523/2013
Filing date: 2013-06-25
Publication date: 2014-04-15
Inventor:
Applicant: Evva Sicherheitstechnologie;
Main IPC:
Description:
The invention relates to a method for access control, in particular in buildings, in which bidirectional data transmission takes place between an electronic identification medium storing access data and an access control device, and an access authorization check is made in the access control device, wherein, depending on the access authorization determined, a blocking means for selectively enabling or blocking access is controlled, wherein access rights data are stored and managed in a central processing unit and the identification medium is programmed with access rights data, the programming of the identification medium comprising sending the access rights data via a wireless telecommunications network to a wireless mobile telecommunication device and transmitting the access rights data received by the mobile telecommunication device to a memory of the identification medium.
The invention further relates to an identification medium for use in such a method.
A method of the aforementioned type is described in WO 2009/094683 A1. In the method described there, the electronic identification media are programmed with access rights data via a wireless telecommunications network, in that the access rights data are sent from the central processing unit to a wireless mobile telecommunication device of the respective user or key holder. The access rights data received by the mobile telecommunication device can be made available to a suitable identification medium, which in this way receives a key function. This creates a kind of "online key", because the identification medium can be reprogrammed via the mobile telecommunications network and the corresponding mobile terminal in order to change the access rights data and thus the access authorization of the key holder.
Because identification media can be programmed remotely, it is no longer necessary to obtain direct access to the individual locking units or access control devices in order to change access authorizations. After installation and initialization, the access control devices can operate as autonomous units and in particular require no network connection. This is of particular advantage where, owing to local conditions, networking of the locking units is not desired, for example because networking would be too costly for smaller locking systems or because structural interventions in the door and in the area of the door are undesirable.
As described in WO 2009/094683 A1, after transmission to the mobile telecommunication device the access rights data are written to the external identification medium, which is separate from the telecommunication device, using a separate read/write device. This requires an additional writing process and a corresponding writing device, which involves considerable handling effort.
Another problem of such identification media is the risk of unauthorized reading of the stored access rights data, e.g. by means of a contact-type reading device for chip cards or the like.
The present invention therefore aims to avoid the above-mentioned disadvantages.
To solve this problem, the invention essentially provides, in a method of the above-mentioned type, that the access rights data are transmitted from the telecommunication device to the identification medium wirelessly via short-range radio and are stored in an electronic security hardware module of the identification medium. Because the access rights data are transmitted by the telecommunication device wirelessly via short-range radio to the identification medium, the security risks associated with contact-type write or read devices can be avoided. At the same time, the use of short-range radio ensures that the sensitive access rights data are transmitted only to an identification medium located in the immediate vicinity. Short-range radio is understood to be a wireless data transmission method in which signals are transmitted by means of electromagnetic waves. The maximum range is preferably 10 m, more preferably 5 m. To increase security, the data transmission between the telecommunication device and the identification medium can be secured by cryptographic authentication methods and/or by encryption methods.
Finally, wireless data transmission makes handling much easier. In particular, the data transmission can take place automatically as soon as the telecommunication device has received updated access rights data from the central processing unit. This completely eliminates the need for user action. The user only has to carry a telecommunication device that is ready to receive and keep the identification medium in the vicinity of the telecommunication device, for example in a trouser pocket or a handbag, the communication coupling of the identification medium to the telecommunication device preferably taking place automatically.
Using the external identification medium instead of the telecommunication device as the carrier of the access rights data that communicates with the access control device has the advantage that the data communication between the identification medium and the access control device required for the access authorization check can use communication interfaces or protocols with which conventional telecommunication devices, such as mobile phones, are not equipped or compatible. Furthermore, this embodiment offers the advantage that access rights data can be stored in an electronic security hardware module of the identification medium, which is not readily possible with telecommunication devices.
The security hardware module used in the context of the invention is also referred to in the art as a "Secure Element" and is characterized in that access to the security hardware module and to the access rights data stored therein is secured by cryptographic methods. A secure element is a trusted and secure hardware module that can be used as secure storage for security-critical data, for cryptographic operations, and as a secure environment for executing code. In most cases, secure elements are formed by their own integrated circuit, ensuring hardware isolation from other, less secure components. The security hardware module (secure element) can preferably be integrated in the communication module provided for the data exchange with the access control device.
In this context, the invention is developed in such a way that the data communication between the identification medium and the access control device required for the access authorization check takes place via a first transceiver unit of the identification medium assigned to the security hardware module, the data communication being carried out by means of near field communication, in particular according to the RFID or NFC standard. Because the data communication is preferably carried out according to the RFID or NFC standard, proven methods and components can be used. In particular, because an identification medium separate from the telecommunication device is used, communication interfaces can be used, in particular RFID and NFC, that are usually less common in telecommunication devices such as mobile phones. The use of the RFID or NFC standard allows passive operation of the first transmitting/receiving unit of the identification medium, so that the access authorization can be queried even when the identification medium has no power supply or its power supply has failed. A preferred embodiment in this context provides that the first transmitting/receiving unit of the identification medium is supplied with power via an electromagnetic, preferably substantially magnetic, alternating field of the access control device.
In order to reduce the risk of unauthorized reading or eavesdropping of sensitive data, it can preferably be provided that the identification medium has at least one digital certificate stored in the security hardware module in order to enable authentication of the electronic identification medium in the access control device.
The data transmission between the identification medium and the access control device preferably comprises the use of a key exchange or derivation protocol, whereby at least one secret common session key is made available to the electronic identification medium and the access control device, after which the at least one session key is used to establish a secure transmission channel between the electronic identification medium and the access control device, and the access rights data are transmitted via the secure channel from the electronic identification medium to the access control device. Preferably, the operations required in the identification medium for the key exchange or derivation protocol are performed in the security hardware module. The at least one digital certificate may in this case preferably be signed by the central processing unit.
Preferably, the at least one session key is generated in the security hardware module and in the access control device on the basis of an access code individual to the access control device, preferably further on the basis of a random number generated by the identification medium and one generated by the access control device and/or a run number generated by the identification medium and one generated by the access control device.
Preferably, the key exchange or derivation protocol comprises generating a cryptogram using the session key in the access control device and transmitting it to the identification medium, the cryptogram being verified in the security hardware module using the session key.
A further preferred procedure provides that the access rights data are transmitted from the telecommunication device to the identification medium via a second transmitting/receiving unit of the identification medium, in particular via a Bluetooth connection.
The communication of the identification medium with the access control device and that with the telecommunication device thus take place via different transmitting/receiving units, which preferably operate according to mutually different transmission protocols. For the second transceiver unit, the use of the Bluetooth standard is particularly preferred. In particular, the Bluetooth 4.0 LE standard is advantageous because it has very low power consumption. The two transceiver units are preferably designed as separate hardware units.
The communication between the mobile telecommunication device and the identification medium for updating the access rights data of the identification medium is triggered, for example, by the user pressing a corresponding button. However, this makes it possible for a user deliberately not to perform an update in order to continue to use an access authorization that has already been deleted or changed in the central processing unit. It is therefore preferably provided that the communication between the mobile telecommunication device and the identification medium takes place at regular, preset time intervals. In order to further reduce the possibilities of abuse, it may be preferred in this connection that the identification medium changes to an inoperative or blocking mode if the time elapsed since the last communication between the mobile telecommunication device and the identification medium exceeds a predetermined limit. Such a case may occur, for example, if the identification medium is lost or stolen. In such a case, the identification medium is no longer in the proximity of the telecommunication device required for communication with it, so that a connection to the associated telecommunication device cannot be established.
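The handshake and lockout described above, as an added example that is not part of the patent text: HMAC-SHA256 stands in for the key-derivation and cryptogram algorithms, which the text does not name, and the rights message is only integrity-protected instead of encrypted. Delivery of the per-lock access code as part of the access rights data, the 24-hour limit, the lock identifiers and all class and function names are assumptions made for the example.

```python
import hashlib
import hmac
import os
import struct

SYNC_LIMIT_S = 24 * 3600  # assumed value; the text only says "a predetermined limit"


def mac(key: bytes, label: bytes, *parts: bytes) -> bytes:
    """HMAC-SHA256 over a label and length-prefixed parts (assumed primitive)."""
    msg = label + b"".join(struct.pack(">H", len(p)) + p for p in parts)
    return hmac.new(key, msg, hashlib.sha256).digest()


def derive_session_key(access_code, rnd_medium, rnd_lock, ctr_medium, ctr_lock):
    """Session key from the lock's access code, both random numbers, both run numbers."""
    counters = struct.pack(">II", ctr_medium, ctr_lock)
    return mac(access_code, b"session-key", rnd_medium, rnd_lock, counters)


class AccessControlDevice:
    """Autonomous lock: knows only its identifier and its own access code."""

    def __init__(self, lock_id: int, access_code: bytes):
        self.lock_id, self.access_code = lock_id, access_code
        self.run_number, self.session_key = 0, None

    def challenge(self, rnd_medium: bytes, ctr_medium: int):
        """Reply to the medium with random number, run number and cryptogram."""
        self.run_number += 1
        rnd_lock = os.urandom(16)
        self.session_key = derive_session_key(
            self.access_code, rnd_medium, rnd_lock, ctr_medium, self.run_number)
        cryptogram = mac(self.session_key, b"lock-auth", rnd_medium, rnd_lock)
        return rnd_lock, self.run_number, cryptogram

    def check(self, payload: bytes, tag: bytes) -> bool:
        """Release only for rights tagged under this session's key that name this lock."""
        key, self.session_key = self.session_key, None  # a session key is used once
        if key is None or not hmac.compare_digest(tag, mac(key, b"rights", payload)):
            return False
        return payload == str(self.lock_id).encode()


class SecureElement:
    """Stands in for the security hardware module of the identification medium."""

    def __init__(self, rights: dict, now: float):
        self.rights = dict(rights)  # {lock identifier: access code}, assumed layout
        self.last_sync, self.run_number = now, 0

    def sync(self, rights: dict, now: float) -> None:
        """Update pushed through the paired phone; restarts the lockout timer."""
        self.rights, self.last_sync = dict(rights), now

    def present(self, lock: AccessControlDevice, now: float) -> str:
        if now - self.last_sync > SYNC_LIMIT_S:
            return "blocked"  # too long without contact to the phone
        access_code = self.rights.get(lock.lock_id)
        if access_code is None:
            return "denied"  # no right stored for this lock
        self.run_number += 1
        rnd_medium = os.urandom(16)
        rnd_lock, ctr_lock, cryptogram = lock.challenge(rnd_medium, self.run_number)
        key = derive_session_key(
            access_code, rnd_medium, rnd_lock, self.run_number, ctr_lock)
        expected = mac(key, b"lock-auth", rnd_medium, rnd_lock)
        if not hmac.compare_digest(cryptogram, expected):
            return "lock-not-authenticated"  # lock does not hold the access code
        payload = str(lock.lock_id).encode()
        granted = lock.check(payload, mac(key, b"rights", payload))
        return "granted" if granted else "denied"


def run_scenario() -> list:
    """Constructed sample: locks 100 and 101, a key holding a right for 101 only."""
    code_100, code_101 = os.urandom(16), os.urandom(16)
    lock_100 = AccessControlDevice(100, code_100)
    lock_101 = AccessControlDevice(101, code_101)
    rogue_101 = AccessControlDevice(101, os.urandom(16))  # claims 101, wrong code
    key = SecureElement({101: code_101}, now=0)
    results = [
        key.present(lock_101, now=60),                # granted
        key.present(lock_100, now=60),                # denied
        key.present(rogue_101, now=60),               # lock-not-authenticated
        key.present(lock_101, now=SYNC_LIMIT_S + 1),  # blocked
    ]
    key.sync({}, now=SYNC_LIMIT_S + 2)                # right revoked centrally
    results.append(key.present(lock_101, now=SYNC_LIMIT_S + 3))  # denied
    return results


if __name__ == "__main__":
    print(run_scenario())
```

The last two results show why the lockout matters: a medium that never syncs stops working on its own, and once it does sync the revoked right is gone.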
Preferably, the telecommunication device and the identification medium are electronically coupled to each other (e.g. via Bluetooth) such that a data connection is only possible between the coupled units. A stolen identification medium therefore cannot be coupled to a foreign telecommunication device.
In principle, the present invention is not limited to a particular embodiment of the telecommunication device. The telecommunication device only has to be able to perform data communication with the central processing unit on the one hand and with the identification medium on the other. The telecommunication device therefore preferably has two mutually different data transmission interfaces. One data transmission interface is preferably designed for communication with the central processing unit via a telecommunications network. The other is designed for communication with the identification medium via short-range radio, e.g. Bluetooth. The telecommunication device is preferably a mobile telephone, in particular a GSM/UMTS mobile telephone, or a personal computer, in particular a portable one. The telecommunication device can also be designed as a stationary device, e.g. as a Bluetooth node that converts data received over the telecommunications network into the Bluetooth protocol.
The data transmission between the central processing unit and the telecommunication device can take place over a mobile telecommunications network, e.g. a GSM, GPRS, UMTS and/or LTE network, or via a wireless internet connection, e.g. Wi-Fi or the like.
The telecommunication device can take over the function of a relay or proxy unit between the central processing unit and the identification medium.
In this case, the access rights data are not cached in the telecommunication device; instead, an end-to-end data connection is established between the central processing unit and the identification medium, so that the data are merely passed through by the telecommunication device. The telecommunication device then only converts the data from the transmission protocol used for the connection between the central processing unit and the telecommunication device to the transmission protocol used for the connection between the telecommunication device and the identification medium.
Within the scope of the invention, a blocking means is to be understood as, e.g., a mechanically acting blocking element that can be moved between a blocking and a releasing position, a mechanical or magnetic coupling element that couples or decouples an actuating element, such as a handle, with a locking member, or an electrically lockable and/or releasable locking member, such as an electric door opener.
To solve the problem underlying the invention, a further aspect of the invention provides an electronic identification medium for access control devices, comprising a first transmitting/receiving unit for the data communication between the identification medium and the access control device and a second transmitting/receiving unit for the wireless transmission of access rights data from a telecommunication device to the identification medium by short-range radio, wherein an electronic security hardware module for storing the access rights data is assigned to the first transmitting/receiving unit.
The first transceiver unit is preferably designed for wireless data communication by means of near field communication, in particular according to the RFID or NFC standard.
The second transceiver unit is preferably designed for data communication via the Bluetooth standard.
The first transmitting/receiving unit is advantageously designed as a passively operating RFID or NFC unit.
Access to the security hardware module and to the access rights data stored therein is preferably protected by cryptographic methods.
The invention is explained in more detail below with reference to embodiments shown schematically in the drawing. Fig. 1 shows the schematic structure of an access control system, and Fig. 2 shows the structure of the individual components of the system according to Fig. 1.
In Fig. 1, a central processing unit is denoted by 1. The objects to which access is to be controlled by means of the access control system are denoted by 2 and are represented schematically in the present case as houses. The objects 2 each have a door with a locking unit based on RFID or NFC. An administrator 3 manages the central processing unit 1 and can assign access authorizations. The central processing unit 1 is connected to a mobile, wireless telecommunications network 4, such as a GSM mobile phone network, and can send access rights data via the telecommunications network 4 to mobile telecommunication devices 5. The mobile telecommunication devices 5 are mobile phones equipped with a software application 7 (Fig. 2) which controls the data exchange between the central processing unit 1 and an identification medium 6. The software application 7 or the telecommunication device 5 functions as a router, which forwards the access rights data received from the central processing unit 1 to the identification medium 6. The access rights data to be transmitted are encrypted in the central processing unit 1 and decrypted in the identification medium 6. No decryption of the access rights data takes place in the telecommunication device 5. In the simplest case, the access rights data are sent to the mobile telecommunication device 5 as a lock identifier.
If, in a greatly simplified example, the locking units of the objects 2 shown in Fig. 1 have the identifiers 100, 101 and 102, the transmission of the access rights data to a telecommunication device 5 in the form of the identifier 101 means that this corresponds to an access authorization for the locking unit with the identifier 101. When the identification medium 6 used as a key is then brought into the vicinity of the locking unit with the identifier 101 and, in the course of the access authorization check, the access rights data, namely the lock identifier "101", are transmitted to the locking unit, the locking unit compares the lock identifier transmitted by the key with its own lock identifier and, if they match, recognizes that an access authorization exists, whereupon the lock is released.
The construction of the identification medium 6 is shown in more detail in FIG. The identification medium 6 may be designed in the form of a chip card, as a key fob, in the manner of an RFID or NFC transponder or the like. The identification medium comprises a first transceiver module 8, which is designed, e.g., for data exchange 17 with the access control device 9 according to the RFID/NFC standard and has a corresponding antenna. The first transmitting/receiving module 8 is designed as a passively operating RFID/NFC transponder whose power is supplied as required by the electromagnetic, preferably substantially magnetic, alternating field of the reading unit of the access control device 9.
The RFID/NFC transponder 8 comprises a security hardware module (secure element) 10, in which the access rights data received from the telecommunication device are stored. The security hardware module 10 is programmed by means of a microcontroller 11, which is connected on the one hand to the security hardware module 10 and on the other hand to the second transmitting/receiving module 12. The second transceiver module 12 is suitable for data communication via Bluetooth 4.0 LE and can be coupled to a corresponding transceiver module 13 of the telecommunication device 5. The microcontroller 11 is set up to establish a wireless communication link 15 between the identification medium 6 and the telecommunication device 5 (or via the telecommunication device 5 with the central processing unit 1) in order to allow a data exchange. The connection can be started, for example, by pressing a button 14 on the identification medium 6. Alternatively, the connection setup is controlled by the software application 7 of the telecommunication device 5. Preferably, the connection is established at predetermined time intervals in order to regularly update the access rights data stored in the identification medium 6.
The access rights data obtained from the central processing unit 1 are preferably decrypted in the security hardware module 10. This means that the microcontroller 11 passes the data received via the second transmitting/receiving module 12 unchanged to the security hardware module 10, where they are first decrypted.
The identification medium is supplied with power by an electrical energy store, such as a rechargeable battery 16. For charging the energy store, the identification medium 6 may have a suitable socket, such as a Micro-USB connection. Alternatively, charging can also take place without contact, in particular inductively.
Claims:
Claims (11)
1. A method for access control, in particular in buildings, in which bidirectional data transmission takes place between an electronic identification medium storing access data and an access control device and an access authorization check is made in the access control device, wherein, depending on the access authorization determined, a blocking means for selectively enabling or blocking access is controlled, wherein access rights data are stored and managed in a central processing unit and the identification medium is programmed with access rights data, the programming of the identification medium comprising sending the access rights data via a wireless telecommunications network to a wireless mobile telecommunication device and transmitting the access rights data received by the mobile telecommunication device to a memory of the identification medium, wherein the access rights data are transmitted from the telecommunication device to the identification medium wirelessly via short-range radio and the access rights data are stored in an electronic security hardware module of the identification medium.
2. The method according to claim 1, characterized in that the data communication between the identification medium and the access control device required for the access authorization check takes place via a first transmitting/receiving unit associated with the security hardware module, the data communication being carried out by means of near field communication, in particular according to the RFID or NFC standard.
3. The method according to claim 1 or 2, characterized in that the access rights data are transmitted from the telecommunication device to the identification medium via a second transmitting/receiving unit of the identification medium, in particular via a Bluetooth connection.
4. The method according to claim 2 or 3, characterized in that the first transmitting/receiving unit of the identification medium is supplied with power via an electromagnetic, preferably substantially magnetic, alternating field of the access control device.
5. The method according to any one of claims 1 to 4, characterized in that the communication between the mobile telecommunication device and the identification medium takes place at regular, preset intervals.
6. The method according to claim 5, characterized in that the identification medium changes to an inoperative or blocking mode when the time elapsed since the last communication between the mobile telecommunication device and the identification medium exceeds a predetermined limit.
7. An electronic identification medium (6) for access control devices (9), comprising a first transmitting/receiving unit (8) for data communication (17) between the identification medium (6) and the access control device (9) and a second transmitting/receiving unit (12) for the wireless transmission (15) of access rights data from a telecommunication device (5) to the identification medium (6) by short-range radio, wherein an electronic security hardware module (10) for storing the access rights data is associated with the first transmitting/receiving unit (8).
8. The identification medium according to claim 7, characterized in that the first transmitting/receiving unit (8) is designed for wireless data communication (17) by means of near field communication, in particular according to the RFID or NFC standard.
9. The identification medium according to claim 7 or 8, characterized in that the second transmitting/receiving unit (12) is designed for data communication (15) via the Bluetooth standard.
10. The identification medium according to claim 7, 8 or 9, characterized in that the first transmitting/receiving unit (8) is designed as a passively operating RFID or NFC unit.
11. The identification medium according to one of claims 7 to 10, characterized in that access to the security hardware module (10) and to the access rights data stored therein is secured by cryptographic methods.
Vienna, 25 June 2013 Applicant
Patent family:
Publication number | Publication date
AT513461B1 | 2014-08-15
EP2819103A1 | 2014-12-31
Cited documents:
Publication number | Filing date | Publication date | Applicant | Title
EP1752928A1 | 2005-07-28 | 2007-02-14 | Inventio Ag | Access control method for an area accessible to persons, in particular for a room closed off by means of a door
US20110257817A1 | 2007-10-10 | 2011-10-20 | Delphi Technologies, Inc. | System and method for communicating with a vehicle
DE102011011697A1 | 2011-02-18 | 2011-12-01 | Daimler Ag | Locking system for car, has control device attached to receiver and controlling access authorization and/or driving authorization for vehicle, and supply device integrated in mobile communication apparatus or data processing apparatus
AT506344B1 | 2008-01-30 | 2015-06-15 | Evva Sicherheitstechnologie | METHOD AND DEVICE FOR CONTROLLING THE ACCESS CONTROL
EP2348490B1 | 2009-12-22 | 2020-03-04 | 9Solutions Oy | Access control system
EP2821972B1 | 2013-07-05 | 2020-04-08 | Assa Abloy Ab | Key device and associated method, computer program and computer program product
EP2821970B2 | 2013-07-05 | 2019-07-10 | Assa Abloy Ab | Access control communication device, method, computer program and computer program product
AT517780A1 | 2015-10-08 | 2017-04-15 | Evva Sicherheitstechnologie | Method for programming identification media of an access control system
EP3358534A1 | 2017-02-03 | 2018-08-08 | dormakaba Deutschland GmbH | Delegation of access rights
DE102019100878A1 | 2019-01-15 | 2020-07-16 | Insys Microelectronics Gmbh | Method and system for managing an open state of a safe
EP3757892A1 | 2019-06-26 | 2020-12-30 | Gemalto Sa | Method for radiofrequency communication between a reader and a device connected to a peripheral, with radiofrequency field measurement
FR3110749A3 | 2020-05-20 | 2021-11-26 | D-Home Smaart | Personalization of premises access badges.
EP3955221A1 | 2020-08-11 | 2022-02-16 | BKS GmbH | Electronic key
Legal status:
Priority:
Application number | Filing date | Title
ATA523/2013A | AT513461B1 | 2013-06-25 | 2013-06-25 | Access control procedure
ATA523/2013A | AT513461B1 | 2013-06-25 | 2013-06-25 | Access control procedure
EP14450030.3A | EP2819103A1 | 2014-06-05 | 2014-06-05 | Method for access control