Access control method, and associated lock device and administration server
Abstract
An access control method is disclosed in which a lock device provides conditional access to a protected environment by short-range wireless communication with a key device having a key device identifier (KD_ID). In the method, the lock device requests the key device to provide a challenge response to a challenge generated by the lock device based on a challenge code kept by the lock device. The lock device receives the challenge response from the key device. The challenge response is generated by a remote administration server and is based on the key device identifier of the key device. The generated response is sent to the key device and forwarded from the key device to the lock device. The lock device then verifies the received challenge response based on the challenge code and on the key device identifier of the key device.
Claims
exact text as granted — not AI-modified1 - 15 . (canceled)
16 . A lock device for use in an access control system which involves a plurality of lock devices, a plurality of key devices, each key device having a key device identifier, and an administration server having an associated system database which defines the conditions under which individual ones of the key devices may be granted access to protected environments by individual ones of the lock devices, the lock device comprising:
a transceiver for short-range wireless communication with a key device among said plurality of key devices; a memory; and a processing unit, the processing unit being configured for:
detecting the key device identifier of said key device during the short-range wireless communication with the key device;
generating a challenge code to be stored in said memory;
generating a challenge based on said challenge code;
causing said transceiver to send the generated challenge to said key device;
receiving, via said transceiver, a challenge response from the key device, wherein the challenge response originates from the administration server;
verifying the received challenge response based on the challenge code in said memory and on the detected key device identifier of said key device; and
determining whether conditional access may be given to the key device based on an output from said means for verifying.
17 . The lock device as defined in claim 16 , wherein the processing unit is configured for generating the challenge by encrypting the challenge code using a key which is based on at least one of a serial number and a lock device identifier of said lock device.
18 . The lock device as defined in claim 16 , wherein the processing unit is configured for:
receiving, via said transceiver, an encrypted challenge response from the key device; and decrypting the received encrypted challenge response by using a key which is based on at least one of the lock device serial number and the lock device identifier of said lock device.
19 . The lock device as defined in claim 16 , wherein the memory is for storing of lock access data, said lock access data including key device identifiers of key devices which are allowed to access the environment protected by the lock device, and wherein the processing unit is configured for:
when the key device approaches the lock device and seeks access, detecting the key device identifier for the key device; checking if the detected key device identifier matches the lock access data stored in the memory; and if no match is found, generating said challenge and causing sending of the generating challenge to the key device.
20 . The lock device as defined in claim 16 , the short-range wireless communication being Bluetooth® communication, wherein the processing unit is configured for detecting the key device identifier by reading a Bluetooth® address assigned to a Bluetooth® transceiver used by the key device for the Bluetooth® communication with the lock device.
21 . An administration server for use in an access control system which furthermore includes a plurality of lock devices and a plurality of key devices, each key device having a key device identifier, the administration server having a system database associated therewith, wherein the system database defines the conditions under which individual ones of the key devices may be granted access to protected environments by individual ones of the lock devices, and the administration server being configured for:
receiving a challenge from a key device among said plurality of key devices over a communication network, wherein the challenge originates from a lock device, among said plurality of lock devices, to which the key device has sought access; retrieving a copy of the key device identifier of said key device by searching the system database using information received from the key device; deriving a challenge code from the received challenge; generating a challenge response based on the derived challenge code and the retrieved copy of the key device identifier; and sending the generated challenge response to said key device over said communication network.
22 . The administration server as defined in claim 21 , further being configured for:
receiving the challenge from the key device; determining, from information received from the key device, the lock device from which the challenge originated; searching the system database associated with the administration server to retrieve at least one of a serial number and a lock device identifier of the lock device from which the challenge originated; and decrypting the received challenge to derive the challenge code using a key which is based on the retrieved serial number and/or lock device identifier.
23 . The administration server as defined in claim 22 , further being configured for:
encrypting the challenge response by using a key which is based on the retrieved serial number and/or lock device identifier; and sending the encrypted challenge response to the key device.
24 . The administration server as defined in claim 21 , wherein the challenge response generated by the remote administration server includes usage restriction data, defining at least one of an expiration date/time for the challenge response, and a maximum usage limit for the challenge response.
25 . The administration server as defined in claim 21 , wherein the challenge response generated by the remote administration server includes a part which is readable by the key device and which defines an expiration date/time for the challenge response, said part of the challenge response serving to cause the key device to prevent forwarding of the challenge response to the lock device if the expiration date/time has lapsed.
26 . An access control system which comprises a plurality of lock devices, a plurality of key devices, each key device having a key device identifier, and an administration server having an associated system database which defines the conditions under which individual ones of the key devices may be granted access to protected environments by individual ones of the lock devices, wherein each lock device comprises:
a transceiver for short-range wireless communication with a key device among said plurality of key devices; a memory; and a processing unit, the processing unit being configured for:
detecting the key device identifier of said key device during the short-range wireless communication with the key device;
generating a challenge code to be stored in said memory;
generating a challenge based on said challenge code;
causing said transceiver to send the generated challenge to said key device;
receiving, via said transceiver, a challenge response from the key device, wherein the challenge response originates from the administration server;
verifying the received challenge response based on the challenge code in said memory and on the detected key device identifier of said key device; and
determining whether conditional access may be given to the key device based on an output from said means for verifying.
27 . The access control system as defined in claim 26 , wherein the administration server is configured for:
receiving the challenge from the key device over a communication network; retrieving a copy of the key device identifier of the key device by searching the system database using information received from the key device; deriving a challenge code from the received challenge; generating a challenge response based on the derived challenge code and the retrieved copy of the key device identifier; and sending the generated challenge response to the key device over the communication network.
28 . The access control system as defined in claim 26 ,
wherein the processing unit of the lock device is configured for:
generating, in advance, one or more challenge codes,
storing the generated one or more challenge codes in local memory, and
communicating the generated one or more challenge codes to the administration server for storage in the system database;
wherein the key device is configured for:
requesting and receiving, in advance, a pre-generated challenge response from the administration server, and
storing the received pre-generated challenge response in local memory;
wherein the administration server is configured for:
retrieving any one of the one or more challenge codes of the lock device from the system database, and
using the retrieved challenge code when generating the requested pre-generated challenge response to be sent to the key device; and
wherein the key device is configured, when approaching the lock device and seeking access, and being requested by the lock device to provide a challenge response, for:
responding by retrieving the pre-generated challenge response from local memory, and
sending the retrieved pre-generated challenge response to the lock device.
29 . The access control system as defined in claim 28 , wherein the processing unit of the lock device is configured for:
verifying the received challenge response by producing a candidate challenge response from each challenge code stored in its local memory and the key device identifier of said key device, and matching the received challenge response against all produced candidate challenge responses.Cited by (0)
No later patents cite this yet.
References (0)
No backward citations on record.