A method of operating an access control system comprises detecting one or more physical access portals using an application of a mobile device; displaying notifications for the one or more physical access portals on a display screen of the mobile device; receiving a selection of a physical access portal using a user interface of the mobile device; establishing a secure communication channel with a secure relay device associated with the selected physical access portal; sending an encrypted access token stored in the mobile device to the secure relay device; and granting access by the secure relay device to the selected physical access portal according to the encrypted access token.
G07C 9/00 - Individual registration on entry or exit
H04L 9/32 - Arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system
A method of operating an access control system comprises receiving, by a mobile device, an identification of a physical access portal; verifying access credential information stored in the mobile device using a verification application of the mobile device; establishing a secure communication channel with a secure relay device associated with the physical access portal; sending an encrypted access token stored in the mobile device to the secure relay device; and granting access by the secure relay device to the physical access portal according to the encrypted access token.
Methods and systems for trajectory and intent prediction are provided. The methods and systems include operations comprising: receiving an observed trajectory of a user and user behavior information; processing the observed trajectory by a machine learning technique to generate a plurality of predicted trajectories, the machine learning technique being trained to establish a relationship between a plurality of training observed trajectories and training predicted trajectories; adjusting the plurality of predicted trajectories based on the user behavior information to determine user intent to operate a target access control device; determining that the target access control device within a threshold range of a given one of the plurality of predicted trajectories; and in response to determining that the target access control device is within the threshold range of the given one of the plurality of predicted trajectories, performing an operation associated with the target access control device.
Methods and systems (100) for trajectory prediction are provided. The methods and systems (100) include operations comprising: receiving (501) a plurality of observed speed points; processing (502) the plurality of observed speed points corresponding to the observed trajectory by a machine learning technique to generate a plurality of predicted speed points, the machine learning technique being trained to establish a relationship between a plurality of training observed speed points and training predicted speed points; determining (503) a future trajectory based on the plurality of predicted speed points, each of the plurality of predicted speed points corresponding to a different slice of a plurality of slices of the future trajectory; determining (504) that a target access control device is within a threshold range of the future trajectory; and performing (505) an operation associated with the target access control device (110).
Systems and methods for providing secure execution of functions for edge devices include a plurality of edge devices, a controller, and an array of secure elements. The edge devices are each configured to obtain data for an application of the system. The controller is connected to communicate with the edge devices to receive the data from each of the edge devices. The array of secure elements is connected to the controller, and each secure element executes functions using the data received from the edge devices. The controller associates an identified secure element of the array of secure elements with a respective edge device to execute the functions for data received from the respective edge device, and the controller is connected to communicate a result of the executed functions to the respective edge device.
H04L 1/18 - Automatic repetition systems, e.g. Van Duuren systems
G06F 21/57 - Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
6.
PROVIDING DATA FOR TRAINING A MACHINE LEARNING MODEL
It is provided a method for providing data for training a machine learning model. The method is performed in a training data provider (l) and comprises the steps of: obtaining (40) a data structure comprising a chain of delegations, the chain of delegations covering a delegation path from a media capturing device (3) to the training data provider (1) such that, in the chain of delegations, each delegation is a delegation from a delegator to a receiver; sending (42) a key request to a delegation verifier (2), the key request comprising the data structure; receiving (44) a decryption key from the delegation verifier (2); obtaining (46) encrypted media data captured by the media capturing device (3); decrypting (48) the encrypted media data, resulting in decrypted media data; and providing (50) the decrypted media data for training the machine learning model.
G06F 21/62 - Protecting access to data via a platform, e.g. using keys or access control rules
G06F 21/10 - Protecting distributed programs or content, e.g. vending or licensing of copyrighted material
G16H 50/20 - ICT specially adapted for medical diagnosis, medical simulation or medical data mining; ICT specially adapted for detecting, monitoring or modelling epidemics or pandemics for computer-aided diagnosis, e.g. based on medical expert systems
A test system comprises a radio frequency (RF) shielded container, the shielded container to house a UWB receiver device under test; an RF antenna arranged within the RF shielded container; and a UWB transmitter device operatively coupled to the RF antenna. The UWB transmitter device is configured to transmit a UWB signal within the RF shielded container using the antenna, wherein the transmitted UWB signal is representative of multi- path components (MPCs) of resulting signals in an end-use environment of the UWB receiver device resulting from transmitting a UWB ranging signal in the end-use environment.
A reader device of a physical access control system comprises an ultra-wide band (UWB) physical layer and processing circuitry. The processing circuitry is operatively coupled to the UWB physical layer and is configured to: receive access credential information from a separate second device; receive ranging information from the second device; grant access through a physical portal according to the access credential information and ranging information; determine a number of people intending to pass through the physical portal; and generate an indication according to the determined number.
The present disclosure relates to a method to check if a connector system with a Connector Position Assurance ("CPA") member (9) is in closed position. The method includes providing an RFID-tag reader (6) that is positioned at a distance D to the integrated circuit (10) enabling far-field RFID communication and not permitting near-field RFID communication. Further, the method includes checking the readability of the integrated circuit (10) with the RFID-tag reader (6) and issuing an alert signal if the integrated circuit (10) is not readable by the RFID-tag reader (6) indicating that the CPA member (9) is not in the closed position.
G06K 19/077 - Constructional details, e.g. mounting of circuits in the carrier
H04W 4/80 - Services using short range communication, e.g. near-field communication [NFC], radio-frequency identification [RFID] or low energy communication
H01R 13/639 - Additional means for holding or locking coupling parts together after engagement
H01R 13/641 - Means for preventing, inhibiting or avoiding incorrect coupling by indicating correct or full engagement
H01R 13/66 - Structural association with built-in electrical component
H01R 43/26 - Apparatus or processes specially adapted for manufacturing, assembling, maintaining, or repairing of line connectors or current collectors or for joining electric conductors for engaging or disengaging the two parts of a coupling device
This disclosure describes operations for operating a touch-sensitive keypad. The operations include: detecting, during a normal operating mode of the keypad, activation of one or more keys of the keypad, the normal operating mode causing the keypad to register a value corresponding to a given key when the given key is activated for a first amount of time; determining that the activation of the keys of the keypad satisfies a visual impaired mode criterion; in response to determining that the activation of the keys of the keypad satisfies the visual impaired mode criterion, transitioning the operating mode of the keypad from the normal operating mode to a visual impaired mode; and registering, during the visual impaired mode, the value corresponding to the given key in response to determining that the given key has been activated for a second amount of time that is longer than the first amount of time.
G06F 3/0488 - Interaction techniques based on graphical user interfaces [GUI] using specific features provided by the input device, e.g. functions controlled by the rotation of a mouse with dual sensing arrangements, or of the nature of the input device, e.g. tap gestures based on pressure sensed by a digitiser using a touch-screen or digitiser, e.g. input of commands through traced gestures
11.
METHODS & PROCESSES TO SECURELY UPDATE SECURE ELEMENTS
This disclosure describes techniques for updating firmware of a secure element. The techniques include operations comprising: receiving, by a gateway device, from a remote source, a firmware file; receiving, by a processing element implemented on the gateway device, ephemeral session specific key material for a first secure element implemented on the gateway device; dividing the firmware file into a plurality of data chunks; applying, by the processing element, the ephemeral session specific key material to a first data chunk of the plurality of data chunks to generate a first data packet; and sending, by the processing element, the first data packet to the first secure element.
G06F 21/57 - Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
G06F 21/77 - Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information in smart cards
12.
DYNAMIC FREQUENCY TUNING FOR INDUCTIVE COUPLING SYSTEMS
This disclosure describes techniques for operating an inductive coupling reader. The techniques include operations comprising: applying an excitation frequency to a resonance circuit of the inductive coupling reader; detecting a change to a resonance frequency of the resonance circuit of the inductive coupling reader; and in response to detecting the change to the resonance frequency of the inductive coupling reader, adjusting the excitation frequency being applied to the resonance circuit.
This disclosure describes techniques for operating an inductive coupling reader. The techniques include operations comprising: detecting a change in a resonance frequency of the inductive coupling reader; comparing the change in the resonance frequency to a threshold; determining that the change in the resonance frequency falls outside the threshold; and activating a compensation circuit to offset the change in the resonance frequency of the inductive coupling reader in response to determining that the change in the resonance frequency falls outside the threshold.
G06K 19/07 - Record carriers with conductive marks, printed circuits or semiconductor circuit elements, e.g. credit or identity cards with integrated circuit chips
14.
UPPER LAYER DEVICE ARCHITECTURE FOR ULTRA-WIDE BAND ENABLED DEVICE
A method of operating a seamless physical access control system comprises transferring communication session information using an out-of-band (OOB) communication channel of a smart ultra-wide band (UWB) capable device; establishing a secure OOB communication channel between the smart UWB capable device and a reader device using the communication session information; determining that a UWB enabled application of the smart UWB capable device needs secure ranging; establishing a secure UWB communication channel between the smart UWB capable device and the reader device; and transferring ranging information from a secure component of the smart UWB capable device to the reader device via the secure UWB communication channel.
Various systems and methods for providing discovering smart card slots in a device are described herein. A server device for discovering smart card slots in a client device may be implemented with a processor subsystem; and memory including instructions, which when executed by the processor subsystem, cause the processor subsystem to perform operations comprising: receiving, at the server device from the client device, over an established Bluetooth connection, smart card connector parameters, the client device having a plurality of smart card slots; iterating through the plurality of smart card slots; at each slot of the plurality of smart card slots, using a smart card protocol to attempt to access an application at each slot, the application pre-associated with the server device; and in response to identifying the application exists in a slot of the plurality of smart card slots, connecting with the application.
H04W 8/22 - Processing or transfer of terminal data, e.g. status or physical capabilities
H04W 4/80 - Services using short range communication, e.g. near-field communication [NFC], radio-frequency identification [RFID] or low energy communication
G06K 19/07 - Record carriers with conductive marks, printed circuits or semiconductor circuit elements, e.g. credit or identity cards with integrated circuit chips
16.
ULTRA-WIDE BAND ANTENNA CONFIGURATION FOR PHYSICAL ACCESS CONTROL SYSTEM
The present disclosure relates to a reader, such as a reader for a physical access control system. The reader can include first and second antennas, each designed or configured for receiving ultra-wide band (UWB) signals. The reader can also include a mounting plane configured for mounting the reader to a surface. An axis aligning the first and second antennas can be arranged substantially perpendicular relative the mounting plane. A material can be provided between the first and second antennas. The material can have a thickness that defines a distance between the first and second antennas of less than a half wavelength of the UWB signal through air (?A/2), the material configured to slow down electromagnetic waves passing therethrough such that the thickness of the material provides an effective separation distance of the first and second antennas of at least a half wavelength of the UWB signal through air (?A/2).
Various systems and methods for using credentials are described herein. In an example, the system is configured to generate and issue electronic credentials that may include aggregate credentials from various issuers. In another example, a query statement is used to express relationships between credential data elements and obtain a subset of data corresponding to the query.
H04L 67/02 - Protocols based on web technology, e.g. hypertext transfer protocol [HTTP]
G06F 21/33 - User authentication using certificates
H04L 67/60 - Scheduling or organising the servicing of application requests, e.g. requests for application data transmissions using the analysis and optimisation of the required network resources
18.
ULTRA-WIDE BAND DEVICE FOR ACCESS CONTROL READER SYSTEM
A reader system for an access control system includes first and second antennas and first and second controllers. The first controller is configured to communicate with a credential device using a first communication protocol via the first antenna to exchange a credential with the credential device. The second controller is configured to communicate with the credential device using a second communication protocol via the second antenna to perform ranging for the credential device and is configured to communicate with the first controller via a communication link.
G01S 1/00 - Beacons or beacon systems transmitting signals having a characteristic or characteristics capable of being detected by non-directional receivers and defining directions, positions, or position lines fixed relatively to the beacon transmitters; Receivers co-operating therewith
G07C 9/22 - Individual registration on entry or exit involving the use of a pass in combination with an identity check of the pass holder
G07C 9/28 - Individual registration on entry or exit involving the use of a pass the pass enabling tracking or indicating presence
G07C 9/29 - Individual registration on entry or exit involving the use of a pass the pass containing active electronic elements, e.g. smartcards
G01S 13/76 - Systems using reradiation of radio waves, e.g. secondary radar systems; Analogous systems wherein pulse-type signals are transmitted
G07C 9/00 - Individual registration on entry or exit
H04W 4/02 - Services making use of location information
19.
ULTRA-WIDE BAND DEVICE FOR ACCESS CONTROL READER SYSTEM
A device connectable to a reader of an access control system includes an antenna, an ultra-wide band (UWB) front end circuit, a controller, and a communication link. The (UWB) front end circuit is connected to the antenna to facilitate UWB communication with a credential device. The controller is connected to the UWB front end and configured to perform ranging for the credential device using the UWB communication. The communication link is configured to interface with the reader.
Systems and techniques for a physical access control systems with localization-based intent detection are described herein. In an example, an access control system may regulate access to an asset. The access control system is adapted to establish a first connection with a key-device. The access control system may be further adapted to receive a credential for a user over the first connection. The access control system may be further adapted to establish a second connection with the key-device. The access control system may be further adapted to determine an intent of the user to access the asset. The access control system may use location data derived from the second connection to determine the intent of the user. The access control system may be further adapted to provide the credential to an access controller, based on identifying an intent of the user to access the asset.
G01S 1/00 - Beacons or beacon systems transmitting signals having a characteristic or characteristics capable of being detected by non-directional receivers and defining directions, positions, or position lines fixed relatively to the beacon transmitters; Receivers co-operating therewith
Systems and techniques for a physical access control systems with localization-based intent detection are described herein. In an example, an access control system may regulate access to an asset. The access control system is adapted to receive a credential of a user from a key device associated with the user using a first wireless connection. The access control system may be further adapted to establish a second wireless connection with the key device. The access control system may be further adapted to determine the user intends to access the asset based on a data set generated derived from the second wireless connection. The access control system may be further adapted to use a trained machine learning model to determine the intent of the user to access the asset. The access control system may be further adapted to transmit a command to grant access to the asset.
G01S 1/00 - Beacons or beacon systems transmitting signals having a characteristic or characteristics capable of being detected by non-directional receivers and defining directions, positions, or position lines fixed relatively to the beacon transmitters; Receivers co-operating therewith
G07C 9/22 - Individual registration on entry or exit involving the use of a pass in combination with an identity check of the pass holder
G07C 9/28 - Individual registration on entry or exit involving the use of a pass the pass enabling tracking or indicating presence
G07C 9/29 - Individual registration on entry or exit involving the use of a pass the pass containing active electronic elements, e.g. smartcards
G01S 13/76 - Systems using reradiation of radio waves, e.g. secondary radar systems; Analogous systems wherein pulse-type signals are transmitted
G07C 9/00 - Individual registration on entry or exit
H04W 4/02 - Services making use of location information
22.
PHYSICAL ACCESS CONTROL SYSTEMS WITH LOCALIZATION-BASED INTENT DETECTION
Systems and techniques for a physical access control systems with localization-based intent detection are described herein. In an example, an access control system may regulate access to an asset. The access control system is adapted to receive a credential from a key device associated with a user using a first wireless connection. The access control system may be further adapted to verify the credential with a preliminary authentication for the asset. The access control system may be further adapted to establish a second wireless connection with the key device in response to verifying the credential with the preliminary authentication. The access control system may be adapted to determine an intent of the user to access the asset. The access control system may identify the credential includes a pattern in the preliminary authentication. The access control system may be further adapted to provide a command to grant access to the asset.
G01S 1/00 - Beacons or beacon systems transmitting signals having a characteristic or characteristics capable of being detected by non-directional receivers and defining directions, positions, or position lines fixed relatively to the beacon transmitters; Receivers co-operating therewith
Systems and techniques for a physical access control systems with localization-based intent detection are described herein. In an example, an access control system may regulate access to an asset. The access control system is adapted to receive a credential for the asset from a key device associated with a user using a first wireless connection. The access control system may be further adapted to store the credential in a cache of memory. The access control system may be further adapted to establish a second wireless connection with the key device. The access control system may be further adapted to request a validation of the credential from an authorization service in response to establishing the second wireless connection with the key device. The access control system may receive a validation token from the authorization service. The access control system may be further adapted to store the validation token in the cache.
G01S 1/00 - Beacons or beacon systems transmitting signals having a characteristic or characteristics capable of being detected by non-directional receivers and defining directions, positions, or position lines fixed relatively to the beacon transmitters; Receivers co-operating therewith
Systems and methods for access control systems includes first and second access facilities, and first and second readers. The first reader is configured to control access through the first access facility, receive a credential using a first communication protocol from a device that stores the credential, and establish a secret with the device using the credential. The second reader is configured to control access through the second access facility. The first reader is configured to provide the secret to the second reader, and the second device is further configured to perform ranging using the secret and a second communication protocol different than the first communication protocol to identify intent information. Access through one of the first facility or the second facility is coordinated using the intent information.
A method comprises transferring information that includes a response uniform resource locator (URL) between a primary device and a secondary device using a primary communication channel between the primary device and the secondary device; determining, using the secondary device, status of connectivity of a network separate from the primary communication channel; transmitting, by the secondary device, a response to a request from the primary device via the network using the response URL when the status indicates the network is available, and transmitting the response via the primary communication channel when the status indicates the network is unavailable.
H04L 69/40 - Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass for recovering from a failure of a protocol instance or entity, e.g. service redundancy protocols, protocol state redundancy or protocol service redirection
An access control system may comprise a credential including credential data, and at least one reader. The at least one reader is configured to receive, over a link, the credential data. The at least one reader is configured to verify that the credential is valid based on the credential data, and mark the credential as valid and track a location of the credential relative to the at least one reader. The at least one reader is configured to make or delay an access control decision for the credential based on the location of the credential.
It is presented method for providing access to a lock for provision of a service. The method is performed in a lock manager and comprises the steps of: receiving a request for access to the lock, the request being based on the service consumer ordering a service requiring access to a physical space which is secured by the lock; sending a first consumer request to a service consumer device, asking whether to grant access to the lock for a service provider agent to provide the service; receiving a first positive consumer response from the service consumer device, indicating that the service consumer allows the service provider agent to access the physical space secured by the lock; generating a temporary credential for the service provider agent; providing the temporary credential to the service provider agent; and configuring the lock to accept the temporary credential.
It is presented a method for controlling a lock configured to control access to a restricted physical space, the method being performed in a lock controller. There is a respective active space associated with each lock. The method comprises the steps of: receiving an activation signal from an activation device, the activation signal being based on the portable key device being located within the active space associated with the lock; obtaining an indication that the portable key device is granted access to the lock; determining a second indication of position of the portable key device using a second positioning procedure, wherein the second positioning procedure is more accurate than the first positioning procedure; determining intent to open based on the second indication of position; and transmitting an unlock signal to the lock associated with the lock controller.
A door package includes a door frame, a door, a handle, and a pivot plate. The frame has a top portion that includes tracks in which door panels can slide. The door includes two or more equal size door panels. The handle protrudes in a direction essentially perpendicular to the door panels and is connected to a latch mechanism for positively engaging with a corresponding latch mechanism in the door frame when the door is in a closed position. The pivot plate is attached to the floor and allows the door panels to pivot from a retracted position to a broken open position essentially perpendicular to the plane of the door. At least two of the door panels separate from each other while the door is pivoting from the retracted position to the broken open position, to allow the handle to be accommodated between the two door panels.
The present invention is directed toward an RFID device that includes a motion sensing mechanism. The motion sensing mechanism is adapted to sense motion of the RFID device and then selectively allow or restrict the RFID device's ability to transmit messages, which may include sensitive data, when the RFID device is placed in an RF field. Thus, the motion sensing mechanism is utilized to control access to data on the RFID device to only instances when the holder of the RFID device moves the RFID device in a predefined sequence of motion(s).
G06K 19/07 - Record carriers with conductive marks, printed circuits or semiconductor circuit elements, e.g. credit or identity cards with integrated circuit chips
G06F 21/35 - User authentication involving the use of external additional devices, e.g. dongles or smart cards communicating wirelessly
G06K 11/00 - Methods or arrangements for graph-reading or for converting the pattern of mechanical parameters, e.g. force or presence, into electrical signals
G06K 19/073 - Special arrangements for circuits, e.g. for protecting identification code in memory
31.
METHOD AND APPARATUS FOR MAKING A DECISION ON A CARD
Method and devices for making access decisions in a secure access network are provided. The access decisions are made by a portable credential using data and algorithms stored on the credential. Sim access decisions are made by tho portable credential non-networked hosts or local boats can be employed that do not necessarily need to be connected to a central access controller or database thereby reducing the cost of building and maintaining the secure amass network.
H04L 9/32 - Arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system
32.
SYSTEM AND METHOD FOR REMOTELY ASSIGNING AND REVOKING ACCESS CREDENTIALS USING A NEAR FIELD COMMUNICATION EQUIPPED MOBILE PHONE
The present invention is generally directed toward a mobile device that can be used in a secure access system. More specifically, the mobile device can have credential data loaded thereon remotely updated, enabled, disabled, revoked, or otherwise altered with a message sent from, for example, a control panel and/or controller in the system.
33.
DETECTION SIGNAL GENERATOR CIRCUIT FOR AN RFID READER
An RFID transponder detector is provided having a coupled oscillator system. Coupled first and second LC pairs of the system produce a detection signal each time a combination of pulses is applied to the LC pairs. Application of the pulses is repeated periodically to produce a sequence to detection signals having two different first and second detection frequencies. Transmitting the sequence of detection signals results in corresponding first and second response signals having the first and second detection frequencies at the LC pairs. Values of a preselected detection parameter for the detection signals are compared to the values of the detection parameter for the response signals to determine if a transponder having a transponder resonant frequency corresponding to the first or second detection frequency is present in a proximal space of the transponder detector.
G01V 3/12 - Electric or magnetic prospecting or detecting; Measuring magnetic field characteristics of the earth, e.g. declination or deviation operating with electromagnetic waves
G01S 13/75 - Systems using reradiation of radio waves, e.g. secondary radar systems; Analogous systems using transponders powered from received waves, e.g. using passive transponders
34.
ANTENNA ARRAY FOR AN RFID READER COMPATIBLE WITH TRANSPONDERS OPERATING AT DIFFERENT CARRIER FREQUENCIES
An antenna array is provided for an RFID reader, which includes a first reader antenna tuned to operate at a first frequency and a second reader antenna tuned to operate at a second frequency different from the first frequency. They first and second antennas are preferably arranged in an overlapping arrangement or an opposing magnetic flux arrangement to reduce the effect of antenna self resonance.
A reader for an RFID system includes an internal power source, a signal generator for generating a detection signal containing analog data and an excitation signal, a transmitting antenna for transmitting the detection and excitation signals, and a receiving antenna for receiving a transponder data signal from a transponder containing digital data. Receiver electronics are coupled with the receiving antenna for conditioning the transponder data signal before reading the digital data. The reader further includes a single-chip microcontroller coupled with the internal power source and the receiver electronics. The single-chip microcontroller has an analog to digital converter to measure the declining power level of the internal power source and to acquire the analog data from the detection signal and the digital data from the transponder data signal. The single-chip microcontroller also includes a firmware and/or software-based demodulator for demodulating the transponder data signal to read the digital data.
G01V 3/12 - Electric or magnetic prospecting or detecting; Measuring magnetic field characteristics of the earth, e.g. declination or deviation operating with electromagnetic waves
patents
