
EP-3489914-B1 - ACCESS CONTROL METHOD AND ACCESS CONTROL SYSTEM


Inventors

  • WOLF, MARTIN
  • FANARJI, Alexander
  • SCHMIDT, ANDREAS
  • RAIANO, Adriano
  • MEIER, Tom
  • Bormuth, Phillip
  • GRAF, Fabien

Dates

  • Publication Date: 20260513
  • Application Date: 20171127

Claims (14)

  1. An access control method (100, 100a, 200, 300) for granting access to a physical region, wherein the method (100, 100a, 200, 300) is carried out at least by an access control device (3), which is assignable to the physical region, and by a mobile device (2), wherein the mobile device (2) comprises an item of access information (10) for the access control device (3), wherein the mobile device (2) wirelessly receives the access information (10), wherein the access information (10) comprises an access control device identifier and at least one access attribute, wherein the access attribute corresponds to a rule, data for a rule, an instruction and/or data for an instruction, wherein the access information (10) comprises an encrypted portion (11) which is not decryptable by the mobile device (2), wherein the encrypted portion (11) is provided to be transmitted to the access control device (3) during the method (100, 100a, 200, 300), wherein the access information (10) comprises a readable portion (12) which is unencrypted or decryptable by the mobile device, wherein the readable portion (12) comprises the first rule or data for the first rule, wherein the mobile device (2) comprises a processor which can be used by the mobile device (2) to verify the first rule, wherein the mobile device (2) contains at least the first rule for granting access, wherein the method (100, 100a, 200, 300) comprises the step (106, 207, 307): - Verifying (106, 207, 307) the first rule in the mobile device (2), wherein the first rule applies only in a predefined time window, wherein, during the method (100, 100a, 200, 300), a plurality of rules are verified, wherein a rule defines an access requirement, wherein, in the case of a negative result of the verification of the rule, access to the physical region is denied, wherein, while the method (100, 100a, 200, 300) is carried out, the access control device (3) obtains knowledge of a second rule or data for a second rule, wherein the mobile device (2) comprises the second rule or data for verifying the second rule and the mobile device (2) transmits the second rule or the data for verifying the second rule to the access control device (3) during the method (100, 100a, 200, 300), wherein the encrypted portion (11) comprises the second rule or the data for verifying the second rule, wherein the method (100, 100a, 200, 300) comprises the step (105, 205, 206, 305, 306): - Verifying (105, 205, 206, 305, 306) the second rule in the access control device (3).
  2. The method (100, 100a, 200, 300) according to claim 1, characterised in that the readable portion (12) comprises an item of information that can be displayed to the user on the mobile device (2).
  3. The method (100, 100a, 200, 300) according to one of the preceding claims, characterised in that the access control device (3) uses the second rule transmitted by the mobile device (2) or the data for verifying the second rule only during the current access control method (100, 100a, 200, 300) for granting access to the physical region.
  4. The method (100, 100a, 200, 300) according to one of the preceding claims, characterised in that the mobile device (2) transmits a comparison value, which is contained in particular in the encrypted portion (11), during the method (100, 100a, 200, 300) in a step (102, 202, 302) of the method (100, 100a, 200, 300) to the access control device (3), wherein the method (100, 100a, 200, 300) comprises the following steps (104, 204, 304, 105, 205, 305): - Transmitting (104, 204, 304) a verification value from the mobile device (2) to the access control device (3) - Comparing (105, 205, 305) the comparison value with the verification value in the access control device (3), in particular in that the comparison value and the verification value are always transmitted during the method (100, 100a, 200, 300) before a comparison of the comparison value with the verification value takes place, such that the access control device (3) always uses the transmitted comparison value and the transmitted verification value only in the current access control method (100, 100a, 200, 300).
  5. The method (100, 100a, 200, 300) according to one of the preceding claims, characterised in that the first and/or the second rule, in particular the second rule, corresponds to or comprises one of the following rules:
     a. Access is granted only after a positive result of the comparison of the comparison value with the verification value,
     b. Access is granted only in a certain time range,
     c. Access is granted only if a positive result of a further authentication, in particular by means of a code or biometric recognition, is present,
     d. Access is granted only if a mark identifying the user as a security guard is designed to be negative.
  6. The method (100, 100a, 200, 300) according to one of the preceding claims, characterised in that the first rule corresponds to or comprises at least one of the following rules:
     e. Access is granted only if the mobile device (2) carries out a further authentication, in particular by means of the input of a code or biometric recognition, with a positive result,
     f. Access is granted only if a location history of the mobile device (2) matches a specification of the location history,
     g. Access is granted only if a payment has been made in advance,
     h. Access is granted only if usage regulations for the physical region have been accepted,
     i. Access is granted only if training, in particular safety training, has been successfully completed.
  7. The method (100, 100a, 200, 300) according to one of the preceding claims, characterised in that the second rule applies only in a predefined time window.
  8. The method (100, 100a, 200, 300) according to one of the preceding claims, characterised in that the mobile device (2) comprises a time recording means and the first rule contains a time-dependent condition for granting access, wherein the first rule is verified by means of the time available to the mobile device (2) by means of the time recording means, wherein, in particular, the access control device (3) is designed to have no knowledge of a time.
  9. The method (100, 100a, 200, 300) according to one of the preceding claims, characterised in that the first rule contains an additional condition in addition to the second rule and/or contains a restriction of the second rule.
  10. The method (100, 100a, 200, 300) according to one of the preceding claims, characterised in that the mobile device (2) transmits the result of the verification of the first rule to the access control device (3), and the access control device (3) decides on the granting of access.
  11. The method (100, 100a, 200, 300) according to one of the preceding claims, characterised in that the access control device (3) comprises a programming interface (8), wherein the access control device (3) and the mobile device (2) communicate with one another via the programming interface (8) during the method (100, 100a, 200, 300), in particular during the access control method (100, 100a, 200, 300).
  12. The method (100, 100a, 200, 300) according to one of the preceding claims, characterised in that the access control device (3) opens the programming interface (8) during the method (100, 100a, 200, 300), wherein, in particular, the access control device (3) opens the programming interface (8) following a positive result of a verification of the rule, which is preferably verified in the access control device (3), particularly preferably following the comparison of the comparison value with the verification value.
  13. An access control system (1) for carrying out a method (100, 100a, 200, 300) according to one of claims 1 to 12, comprising an access control device (3), which is assignable to a physical region, and comprising a mobile device (2), wherein the mobile device comprises an item of access information for the access control device, wherein the mobile device is designed to receive the access information wirelessly, wherein the access information comprises an access control device identifier and at least one access attribute, wherein the access attribute corresponds to a rule, data for a rule, an instruction and/or data for an instruction, wherein the access information (10) comprises an encrypted portion (11) which is not decryptable by the mobile device (2), wherein the encrypted portion (11) is provided to be transmitted to the access control device (3) during the method (100, 100a, 200, 300), wherein the access information (10) comprises a readable portion (12) which is unencrypted or decryptable by the mobile device, wherein the readable portion (12) comprises the first rule or data for the first rule, wherein the mobile device comprises a processor which can be used by the mobile device to verify the first rule, wherein the mobile device (2) contains at least one first rule for granting access to the physical region, wherein the mobile device (2) verifies the first rule for granting access to the physical region, wherein the first rule applies only in a predefined time window, wherein, during the method, a plurality of rules are verified, wherein a rule defines an access requirement, wherein, in the case of a negative result of the verification of the rule, access to the physical region is denied, wherein, while the method (100, 100a, 200, 300) is carried out, the access control device (3) obtains knowledge of a second rule or data for a second rule, wherein the mobile device (2) comprises the second rule or data for verifying the second rule and the mobile device (2) transmits the second rule or the data for verifying the second rule to the access control device (3) during the method (100, 100a, 200, 300), wherein the encrypted portion (11) comprises the second rule or the data for verifying the second rule, wherein the access control device is designed to verify the second rule in the access control device (3).
  14. A computer program product for a mobile device (2) of an access control system (1) according to claim 13, for carrying out a method (100, 100a, 200, 300) according to one of claims 1 to 12.
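
The split verification of claims 1, 4 and 10 can be sketched as follows; this is an added example, not code from the patent or its applicant. It assumes the issuer and the access control device share a key the mobile device never sees, that the device identifier is repeated inside the encrypted portion, and that the first rule is a time window; every function and field name is hypothetical.

```python
import hashlib, hmac, json, secrets

# Toy encrypt-then-MAC built from SHA-256/HMAC so the example runs on the standard
# library alone; a real system would use a vetted AEAD. All names are hypothetical.
def _stream(key, nonce, n):
    return b"".join(hashlib.sha256(key + nonce + bytes([i])).digest()
                    for i in range(n // 32 + 1))[:n]

def _keys(k):  # separate encryption and MAC keys derived from the door key
    return hashlib.sha256(b"enc" + k).digest(), hashlib.sha256(b"mac" + k).digest()

def seal(k, obj):
    ek, mk = _keys(k)
    pt, nonce = json.dumps(obj).encode(), secrets.token_bytes(16)
    ct = bytes(a ^ b for a, b in zip(pt, _stream(ek, nonce, len(pt))))
    return nonce + ct + hmac.new(mk, nonce + ct, hashlib.sha256).digest()

def unseal(k, blob):
    ek, mk = _keys(k)
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(mk, nonce + ct, hashlib.sha256).digest()):
        return None  # modified portion or wrong key
    return json.loads(bytes(a ^ b for a, b in zip(ct, _stream(ek, nonce, len(ct)))))

def issue(door_key, door_id, not_before, not_after):
    """Issuer: access information (10) plus the verification value for the phone."""
    value = secrets.token_hex(16)
    readable = {"door_id": door_id, "not_before": not_before, "not_after": not_after}
    encrypted = seal(door_key, {"door_id": door_id, "comparison": value})
    return {"readable": readable, "encrypted": encrypted}, value

def mobile_verify_first_rule(info, now):
    """Mobile device (2): time-window rule checked against the phone's own clock."""
    r = info["readable"]
    return r["not_before"] <= now <= r["not_after"]

def door_decide(door_key, door_id, encrypted, verification, first_rule_ok):
    """Access control device (3): second rule; inputs are used for this attempt only."""
    inner = unseal(door_key, encrypted)
    if inner is None or inner["door_id"] != door_id:
        return False
    second_ok = hmac.compare_digest(inner["comparison"], verification)
    return bool(first_rule_ok) and second_ok

def attempt(info, verification, now, door_key, door_id):
    first_ok = mobile_verify_first_rule(info, now)
    return door_decide(door_key, door_id, info["encrypted"], verification, first_ok)
```

The access control device keeps no table and no clock here: it learns the comparison value only from the encrypted portion, while the time-window result reaches it as a value reported by the mobile device, so that rule is only as trustworthy as the phone's software and clock.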

Description

The invention relates to a method, in particular an access control method, for granting access to a physical area according to claim 1. The invention also relates to an access control system according to independent claim 14. A computer program product for a mobile device of the access control system according to the invention is also protected.
Access control procedures for granting access to a physical area are known, for example, from WO2006/098690 A1. An access code is transmitted to an access control device. The access control device has a tabular database to perform access verification. If the access verification is successful, the access control device grants access. For example, if access is permitted for the corresponding access code within a specific time period according to the tabular database, the access control device grants access to the physical area. In WO2006/098690 A1, granting access depends on the tabular database stored in the access control device. This tabular database contains a large amount of data. Therefore, extensive updates are necessary to ensure that access granting meets the current requirements of an access administrator. WO2006/098690 A1 does not provide for carrying out checks to grant access that are not stored in the database.
WO2017/180454 A1 discloses an access method by which a user's intent to grant access via a mobile device can be determined. WO2008/110589 A1 discloses an access procedure in which a PIN is first verified on a mobile device before a certificate is sent to an access control device. WO 2015/124168 A1 discloses the forwarding of encrypted access information via a mobile device to an access control device.
The object of the invention is therefore to provide a method and an access control system that improves at least one of the aforementioned disadvantages, in particular to make the granting of access partially independent of data stored in an access control device.
The problem is solved by independent claim 1. Advantageous embodiments of the method are specified in the dependent method claims, the description, and the figures. Furthermore, the problem is also solved by the features of the access control system according to the invention as defined in independent claim 14. Advantageous further developments of the device are specified in the description and in the figures. Features and details described in connection with the method according to the invention also apply in connection with the access control system according to the invention, and vice versa. The features mentioned in the description and in the claims can be essential to the invention individually or in combination. In particular, an access control system is placed under protection with which the inventive method, in particular the method according to one of claims 1 to 13, can be carried out, as well as a method that can be carried out with the inventive access control system, in particular with an access control system according to claim 14.
According to the invention, the method serves to grant access to a physical area. The method according to the invention is carried out by at least one access control device attributable to the physical area and by a mobile device. The mobile device contains at least one first rule for granting access. The method includes the step of verifying the first rule in the mobile device. Because at least one first rule is checked in the mobile device, access verification is partially independent of information stored in the access control device, particularly data stored there. This makes it possible, firstly, to reduce the amount of data in the access control device. Secondly, it allows access verification to be partially independent of data stored in the access control device. The procedure is, in particular, an access control procedure.
The access control procedure is implemented specifically to grant a user access to the physical area. The physical area is blocked at the beginning of the access control procedure. Access to the physical area is denied at the beginning of the access control procedure. Checking whether access may be granted is an essential part of the access control procedure. At least the first rule is checked for this purpose. The access control procedure is carried out at least by means of the access control device and the mobile device, particularly if the mobile device is located near the access control device. The access control procedure can end, in particular, with the granting or termination of access. Specifically, the access control procedure can end with the granting or termination of access when the access requirements are met. If an access requirement is not met, the access control procedure can end prematurely, in which case access remains denied. The access control procedure preferably includes at least one step that the user must consciously perform. In particul