Methods and systems for establishing a system specific trust system are provided. The methods and systems establish a secure channel between a first device and a second device using a system specific trusted authority. The methods and systems determine, by the first device, using a first certificate associated with the second device, a first set of access rights of the second device and determine, by the second device, using a credential associated with the first device, a second set of access rights of the first device.
H04L 9/32 - Arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system
H04L 9/30 - Public key, i.e. encryption algorithm being computationally infeasible to invert and users' encryption keys not requiring secrecy
Techniques for detecting tapering of a physical access control device or a barrier secured by the physical access control device are provided. In an example, an apparatus to control physical access to a secure area via an opening can include multiple tamper sensors. The controller can generate a tamper signal based on a discrepancy between signals received form the multiple tamper sensors and one or more profile signals.
A verifier device of an authentication system comprises physical layer circuitry and processing circuitry coupled to the physical layer circuitry. The processing circuitry is configured to encode an authentication command for sending to a credential device; decode a response communication received from the credential device, wherein the response communication includes a first random number; encrypt the first random number, a second random number, and verifier keying material for sending to the credential device; decrypt encrypted information received from the credential device, wherein the encrypted information includes the first random number, the second random number, and receiver keying material; and calculate a session encryption key using the verifier keying material and the receiver keying material.
H04L 9/32 - Arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system
Methods and systems for securely communicating with an access control system are provided. The methods and systems establish, between first and second devices, a communication session based on a plurality of ephemeral keys. The methods and systems compute, by the first device, a shared session key as a function of a second public key of the second device and a sum of a first private key of the first device and a first ephemeral key of the plurality of ephemeral keys; and compute, by the second device, the shared session key as a function of a second private key of the second device and a sum of a first public key of the first device and a second ephemeral key of the plurality of ephemeral keys. The methods and systems exchange one or more messages securely between the first device and the second device using the shared session key.
H04L 9/32 - Arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system
Methods and systems for protecting user credentials from swapping attacks are provided. The methods and systems establish, between a first device and a second device, a communication session and receive, by the second device from the first device, a certificate associated with the first device. The methods and systems obtain credential selection information from the certificate associated with the first device and transmit a credential corresponding to the credential selection information from the second device to the first device.
H04L 9/32 - Arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system
An RFID assembly (10) includes an RFID chip (14) having a coupling loop (15) formed as part of the RFID chip (14). In this manner, the RFID chip (14) can be inductively coupled to a far-field antenna (16) for RFID communications, without any physical connections between the RFID chip (14) and the coupling loop (15) and/or the far-field antenna (16). This results in a high temperature resistance of the RFID assembly (10), which can be advantageously used, in particular, during tracking of parts in assembly processes requiring higher temperatures.
Methods and systems for communicating with an access control system preserving privacy are provided. The methods and systems establish, between a first device and a second device, a privacy key pair using a group generator, the privacy key pair comprising a privacy public key and a privacy private key, and compute, by the first and second devices, ephemeral key pairs based on the privacy key pair. The methods and systems establish a shared session key based on the ephemeral key pairs and transmit, by the first device to the second device, a message comprising a certificate of the first device using the shared session key that has been established based on the ephemeral key pairs.
Methods and systems for trajectory and intent prediction are provided. The methods and systems include operations comprising: receiving an observed trajectory of a user and user behavior information; processing the observed trajectory by a machine learning technique to generate a plurality of predicted trajectories, the machine learning technique being trained to establish a relationship between a plurality of training observed trajectories and training predicted trajectories; adjusting the plurality of predicted trajectories based on the user behavior information to determine user intent to operate a target access control device; determining that the target access control device within a threshold range of a given one of the plurality of predicted trajectories; and in response to determining that the target access control device is within the threshold range of the given one of the plurality of predicted trajectories, performing an operation associated with the target access control device.
Methods and systems (100) for trajectory prediction are provided. The methods and systems (100) include operations comprising: receiving (501) a plurality of observed speed points; processing (502) the plurality of observed speed points corresponding to the observed trajectory by a machine learning technique to generate a plurality of predicted speed points, the machine learning technique being trained to establish a relationship between a plurality of training observed speed points and training predicted speed points; determining (503) a future trajectory based on the plurality of predicted speed points, each of the plurality of predicted speed points corresponding to a different slice of a plurality of slices of the future trajectory; determining (504) that a target access control device is within a threshold range of the future trajectory; and performing (505) an operation associated with the target access control device (110).
G01C 21/20 - Instruments for performing navigational calculations
G01C 21/12 - Navigation; Navigational instruments not provided for in groups by using measurement of speed or acceleration executed aboard the object being navigated; Dead reckoning
G07C 9/00 - Individual registration on entry or exit
G07C 9/28 - Individual registration on entry or exit involving the use of a pass the pass enabling tracking or indicating presence
H04W 4/33 - Services specially adapted for particular environments, situations or purposes for indoor environments, e.g. buildings
10.
ULTRA-WIDE BAND DEVICE FOR ACCESS CONTROL READER SYSTEM
A device connectable to a reader of an access control system includes an antenna, an ultra-wide band (UWB) front end circuit, a controller, and a communication link. The (UWB) front end circuit is connected to the antenna to facilitate UWB communication with a credential device. The controller is connected to the UWB front end and configured to perform ranging for the credential device using the UWB communication. The communication link is configured to interface with the reader.
G07C 9/29 - Individual registration on entry or exit involving the use of a pass the pass containing active electronic elements, e.g. smartcards
G06K 7/10 - Methods or arrangements for sensing record carriers by corpuscular radiation
G07C 9/00 - Individual registration on entry or exit
H01Q 5/25 - Ultra-wideband [UWB] systems, e.g. multiple resonance systems; Pulse systems
H04W 4/80 - Services using short range communication, e.g. near-field communication [NFC], radio-frequency identification [RFID] or low energy communication
11.
BRAKE DEVICE, ARRANGEMENT FOR CONTROLLING MOVEMENTS OF ACCESS MEMBER, AND ACCESS MEMBER SYSTEM
A brake device (12a, 12b) comprising a hard magnet (20); a soft magnet (22) configured to switch polarity between a first polarity and a second polarity when being subjected to a magnetic field and configured to maintain the polarity when the magnetic field is removed; an electric coil (24) located around the soft magnet; an electric control system (16) configured to apply a current pulse to the electric coil to generate the magnetic field for changing the polarization of the soft magnet; and a brake element (18) comprising a magnetic target section (28), the brake element being arranged to move to a released position (40) when the soft magnet adopts the first polarity, and arranged to move to a braking position (64) due to a magnetic field generated by the hard magnet and the soft magnet in combination and acting on the magnetic target section when the soft magnet adopts the second polarity.
Various systems and methods for providing discovering smart card slots in a device are described herein. A server device for discovering smart card slots in a client device may be implemented with a processor subsystem; and memory including instructions, which when executed by the processor subsystem, cause the processor subsystem to perform operations comprising: receiving, at the server device from the client device, over an established Bluetooth connection, smart card connector parameters, the client device having a plurality of smart card slots; iterating through the plurality of smart card slots; at each slot of the plurality of smart card slots, using a smart card protocol to attempt to access an application at each slot, the application pre-associated with the server device; and in response to identifying the application exists in a slot of the plurality of smart card slots, connecting with the application.
G06K 19/07 - Record carriers with conductive marks, printed circuits or semiconductor circuit elements, e.g. credit or identity cards with integrated circuit chips
H04W 4/70 - Services for machine-to-machine communication [M2M] or machine type communication [MTC]
H04W 4/80 - Services using short range communication, e.g. near-field communication [NFC], radio-frequency identification [RFID] or low energy communication
A method of provisioning an authentication device of an authentication system comprises sending an authentication application from an authentication system backend server to a backend network of a cellular network operator; verifying, by the backend network of the cellular operator, the authentication application and including the authentication application in an operator profile; sending the authentication application with the operator profile from the backend network of the cellular network operator to a local profile assistant (LPA) of the authentication device; and installing the authentication application in a secure zone of the authentication device using the LPA.
A method of encoding a credential device of an authentication system comprises sending credential device information to a backend server of the authentication system using a mobile device, verifying ownership of the credential device and the mobile device using the backend server, generating, using the backend server, a quick response (QR) code that includes encoding information for the credential device, generating using the backend server a quick response (QR) code that includes encoding information for the credential device, decoding the QR code to retrieve the encoding information, and encoding the credential device with the encoding information.
G06K 19/06 - Record carriers for use with machines and with at least a part designed to carry digital markings characterised by the kind of the digital marking, e.g. shape, nature, code
15.
ENABLING TRAINING OF AN ML MODEL FOR MONITORING A PERSON
It is provided a method for enabling training of a machine learning, ML, model, for monitoring a person based on a data feed capable of depicting a person. The method is performed by a training data provider (i). The method comprises: obtaining (40) a data feed capable of depicting the person; selecting (42) a level of anonymisation, from a plurality of levels of anonymisation; anonymising (44) the data feed according to the selected level of anonymisation, resulting in a processed data feed; and feed transmitting (47) the processed data feed as training data for training a central ML model in a central node.
It is provided a method for finding faults in firmware for a lock device. The method is performed by a test device. The method comprises the steps of: receiving data indicating an event that results in operation of the firmware in a test lock device, the test lock device being capable of performing at least some of the functions of the lock device; sampling a plurality of measurements that are indicative of power use by the test lock device over time, wherein the measurements are captured to cover at least part of the operation of the firmware by the test lock device based on the event; and determining that a potential fault occurs in the firmware for the event when the sampled measurements fail to correspond to the event, based on previously recorded data for the same type of event.
A method of operating an access control system comprises detecting one or more physical access portals using an application of a mobile device; displaying notifications for the one or more physical access portals on a display screen of the mobile device; receiving a selection of a physical access portal using a user interface of the mobile device; establishing a secure communication channel with a secure relay device associated with the selected physical access portal; sending an encrypted access token stored in the mobile device to the secure relay device; and granting access by the secure relay device to the selected physical access portal according to the encrypted access token.
H04L 9/32 - Arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system
A method of operating an access control system comprises receiving, by a mobile device, an identification of a physical access portal; verifying access credential information stored in the mobile device using a verification application of the mobile device; establishing a secure communication channel with a secure relay device associated with the physical access portal; sending an encrypted access token stored in the mobile device to the secure relay device; and granting access by the secure relay device to the physical access portal according to the encrypted access token.
It is provided a method for providing training data for a machine learning model for monitoring a person based on video data. The method is performed by a training data provider (1). The method comprises: obtaining (40) a data feed of the person, wherein the data feed comprises a series of images that preserves a privacy of the person; generating (42) fake video data of a fictive person, such that a face of the fake video data is a computer-generated face; combining (44) the data feed with the fake video data, resulting in training data; and providing (46) the training data for training the machine learning model.
Coupling arrangement for a lock device, the coupling arrangement comprising an input and an output element rotatable about a rotation axis; an engaging member movable between a first and second position; an electric motor arranged to affect movement of the engaging member between the first and second positions; a coupling member rotationally locked to the input element and axially movable relative to the input element between a decoupled position, where a rotation of the input element is not transmitted by the coupling member to a rotation of the output element, and a coupled position where a rotation of the input element is transmitted by the coupling member to a rotation of the output element; and a transmission mechanism arranged to transmit a rotation of the coupling member to a movement of the coupling member from the decoupled position to the coupled position when the engaging member adopts the second position.
Systems and methods for providing secure execution of functions for edge devices include a plurality of edge devices, a controller, and an array of secure elements. The edge devices are each configured to obtain data for an application of the system. The controller is connected to communicate with the edge devices to receive the data from each of the edge devices. The array of secure elements is connected to the controller, and each secure element executes functions using the data received from the edge devices. The controller associates an identified secure element of the array of secure elements with a respective edge device to execute the functions for data received from the respective edge device, and the controller is connected to communicate a result of the executed functions to the respective edge device.
It is provided a method for controlling access to a physical space using a co-sign delegation. The method is performed in a lock device and comprises the steps of: receiving an access request from an electronic key; obtaining a plurality of delegations, wherein each delegation is a delegation from a delegator to a delegatee, the plurality of delegations collectively forming a chain of delegations; determining that a delegation is a co-sign delegation, indicating that all further delegations need to be cryptographically signed by both the delegator of the respective delegation and by an access controller; and granting access to the physical space when the chain of delegations start in an owner of the lock device and ends in the electronic key; and when all delegations in the chain of delegations after the co-sign delegation are cryptographically signed by both the delegator of the respective delegation and by the access controller.
G07C 9/20 - Individual registration on entry or exit involving the use of a pass
G07C 9/00 - Individual registration on entry or exit
H04L 9/32 - Arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system
23.
NEAR-FIELD WITH FAR-FIELD TO VERIFY THAT DEVICE IS CONNECTED OR SECURED
The present disclosure relates to a method to check if a connector system with a Connector Position Assurance (“CPA”) member is in closed position. The method includes providing an RFID-tag reader that is positioned at a distance D to the integrated circuit enabling far-field RFID communication and not permitting near-field RFID communication. Further, the method includes checking the readability of the integrated circuit with the RFID-tag reader and issuing an alert signal if the integrated circuit is not readable by the RFID-tag reader indicating that the CPA member is not in the closed position.
G06K 19/077 - Constructional details, e.g. mounting of circuits in the carrier
G06K 19/07 - Record carriers with conductive marks, printed circuits or semiconductor circuit elements, e.g. credit or identity cards with integrated circuit chips
24.
SECURE ELEMENT ARRAYS IN INTERNET-OF-THINGS SYSTEMS
Systems and methods for providing secure execution of functions for edge devices include a plurality of edge devices, a controller, and an array of secure elements. The edge devices are each configured to obtain data for an application of the system. The controller is connected to communicate with the edge devices to receive the data from each of the edge devices. The array of secure elements is connected to the controller, and each secure element executes functions using the data received from the edge devices. The controller associates an identified secure element of the array of secure elements with a respective edge device to execute the functions for data received from the respective edge device, and the controller is connected to communicate a result of the executed functions to the respective edge device.
It is provided a method for controlling access to a physical space secured by an electronic lock. The method is performed in an access evaluator and comprises: obtaining one or more input parameters relating to a user requesting access to the restricted physical space; evaluating a first access condition based on a credential presented by the user; evaluating a second access condition using a machine-learning model, based on the one or more input parameters; and unlocking the electronic lock when both the first access condition and the second access condition are evaluated to be true.
A method of device authentication comprises transmitting a data stream from a first endpoint device to a second endpoint device. The data stream includes a first data stream portion including unencrypted data that includes an ephemeral public key of an ephemeral key pair, and an encryption algorithm identifier; a second data stream portion including encrypted data that includes a first counter value and an identity of the first endpoint device; and a third data stream portion including encrypted data that includes a second counter value and an identity of the second endpoint device. The method of device authentication further comprises the second endpoint device authenticating the first endpoint device using the first, second, and third data stream portions.
It is provided a method for enabling training a machine-learning, ML, model for trigger-word detection, the method being performed in a training data provider (1). The method comprises: receiving (40) sound-based data, the sound-based data being based on sounds captured in a space to be monitored; determining (42) that the sound-based data corresponds to a trigger word, and labelling this sound-based data to correspond to the trigger word; and providing (44) the labelled sound-based data to train the ML model.
It is provided a method for configuring access rights for an electronic key (2) forming part of an access control system (10) comprising a plurality of electronic locks (12a-c, 13a-c, 14a-c) for securing access to respective physical spaces. The method is performed in a configuration device (1) and comprising: setting (40) a baseline configuration of access rights for the electronic key (2); receiving (42) access data, indicating at least one instance of the electronic key (2) being granted access by one of the plurality of electronic locks (12a-c, 13a-c, 14a-c); and adjusting (44) the configuration of access rights for the electronic key to restrict access compared to the baseline configuration, based on the access data.
Release mechanism for an electronic locking system, wherein the release mechanism is configured such that an input member and an output member are locked against relative rotation and can rotate together within a locking ring opening when a locking member is located in an input member recess and in an output member recess, and such that the output member is released to rotate relative to the input member when the locking member is located in the output member recess and in a locking ring recess. A freewheel mechanism and assemblies for an electronic locking system are also provided.
Customizing an application on a mobile device includes storing at least a portion of customization data in a customization server that is independent of the mobile device, a user of the mobile device accessing the customization server independently of the mobile device, receiving authorization data from the customization server that enables the mobile device to securely receive customization data from the customization server, and the mobile device using the authorization data to cause the customization server to provide the customization data to the mobile device. The authorization data may be provided by postal message, email message, an SMS text message, and/or a visual code provided on a screen of a computer used to access the customization server. The user may use a computer to provide credential information to access the customization server. Customizing the application may allow the mobile device to access a user service on behalf of the user.
G06F 21/57 - Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
31.
PHYSICAL ACCESS CONTROL SYSTEMS WITH LOCALIZATION-BASED INTENT DETECTION
Systems and techniques for a physical access control systems with localization-based intent detection are described herein. In an example, an access control system may regulate access to an asset. The access control system is adapted to establish a first connection with a key-device. The access control system may be further adapted to receive a credential for a user over the first connection. The access control system may be further adapted to establish a second connection with the key-device. The access control system may be further adapted to determine an intent of the user to access the asset. The access control system may use location data derived from the second connection to determine the intent of the user. The access control system may be further adapted to provide the credential to an access controller, based on identifying an intent of the user to access the asset.
H04W 12/64 - Location-dependent; Proximity-dependent using geofenced areas
G07C 9/21 - Individual registration on entry or exit involving the use of a pass having a variable access code
G07C 9/25 - Individual registration on entry or exit involving the use of a pass in combination with an identity check of the pass holder using biometric data, e.g. fingerprints, iris scans or voice recognition
G07C 9/10 - Movable barriers with registering means
G07C 9/00 - Individual registration on entry or exit
G07C 9/29 - Individual registration on entry or exit involving the use of a pass the pass containing active electronic elements, e.g. smartcards
G07C 9/22 - Individual registration on entry or exit involving the use of a pass in combination with an identity check of the pass holder
G07C 9/27 - Individual registration on entry or exit involving the use of a pass with central registration
H04W 4/80 - Services using short range communication, e.g. near-field communication [NFC], radio-frequency identification [RFID] or low energy communication
G07C 9/28 - Individual registration on entry or exit involving the use of a pass the pass enabling tracking or indicating presence
It is provided a method for providing data for training a machine learning model. The method is performed in a training data provider (1) and comprises the steps of: obtaining (40) a data structure comprising a chain of delegations, the chain of delegations covering a delegation path from a media capturing device (3) to the training data provider (1) such that, in the chain of delegations, each delegation is a delegation from a delegator to a receiver; sending (42) a key request to a delegation verifier (2), the key request comprising the data structure; receiving (44) a decryption key from the delegation verifier (2); obtaining (46) encrypted media data captured by the media capturing device (3); decrypting (48) the encrypted media data, resulting in decrypted media data; and providing (50) the decrypted media data for training the machine learning model.
The use of multimodal face attributes in facial recognition systems is described. In addition, use of one or more auxiliary attributes, such as a temporal attribute, can be used in combination with visual information to improve the face identification performance of a facial recognition system. In some examples, the use of multimodal face attributes in facial recognition systems can be combined with the use of one or more auxiliary attributes, such as a temporal attribute. Each of these techniques can improve the verification performance of the facial recognition system.
G06V 40/16 - Human faces, e.g. facial parts, sketches or expressions
G06V 10/80 - Fusion, i.e. combining data from various sources at the sensor level, preprocessing level, feature extraction level or classification level
G07C 9/00 - Individual registration on entry or exit
G07C 9/37 - Individual registration on entry or exit not involving the use of a pass in combination with an identity check using biometric data, e.g. fingerprints, iris scans or voice recognition
It is provided a method for determining whether a portable key device is located inside or outside a metal door. The method is performed by a credential communication device and comprises the steps of: obtaining a first time-of-flight, ToF, measurement between a first antenna and the portable key device, wherein the first antenna is located on the outside of the metal door; obtaining a second ToF measurement between a second antenna and the portable key device, wherein the second antenna is located on the inside of the metal door; and determining the portable key device to be located on the outside of the metal door when the first ToF measurement is less than the second ToF measurement by an amount which is greater than a threshold value.
An arrangement (10) for a lock device (88a, 88b), the arrangement (10) comprising an input member (12, 106); a coupling member (26) movable between an uncoupled position (34) and a coupled position (80); an electromechanical actuator (28) comprising an actuating member (42) linearly movable between an uncoupling actuating position (44) and a coupling actuating position (78); and a torsion spring (30) having a first leg (62) and a second leg (64) movable away from each other against a deformation of the torsion spring (30), wherein the actuating member (42) is arranged to engage the first leg (62) and the second leg (64) is arranged to engage the coupling member (26) when the coupling member (26) is in the uncoupled position (34) and the actuating member (42) moves from the uncoupling actuating position (44) to the coupling actuating position (78). A lock device (88a, 88b) comprising an arrangement (10) is also provided.
A method for maintaining a log of events in a shared computing environment is provided. One example of the disclosed method includes receiving one or more data streams from the shared computing environment that include transactions conducted in the shared computing environment by a first entity and a second entity that is different from the first entity. The method further includes creating a first blockchain entry for a first transaction conducted in the shared computing environment for the first entity, creating a second blockchain entry for a second transaction conducted in the shared computing environment for the second entity, where the second blockchain entry includes a signature that points to the first blockchain entry, and then causing the first and second blockchain entries to be written to a common blockchain data structure in a database that is made accessible to both the first entity and the second entity.
H04L 9/32 - Arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system
According to a first aspect, it is provided a method for requesting access to a physical space secured by a lock. The method is performed in a mobile device of a user and comprises the steps of: authenticating the mobile device with an authentication server, resulting in a token, being a data item, indicating one or more access groups to which the user belongs, wherein the token is cryptographically signed by the authentication server; storing the token in the mobile device; obtain a lock identifier of the lock; and transmitting an access request to an access control device, the access request comprising the token and the lock identifier.
An arrangement (10, 82) for locking and unlocking a lock device (58, 74), the arrangement (10, 82) comprising a transfer element (12) movable between a protruded position (42) and a retracted position (56); a core member (14) of soft magnetic material, the core member (14) comprising a coil section (20); an electric coil (16) wound around the coil section (20); and a blocking member (48) comprising a magnet (18), the blocking member (48) being movable between a blocking position (50), in which the magnet (18) establishes a magnetic circuit through the coil section (20) and the blocking member (48) blocks movement of the transfer element (12) to the retracted position (56), and an unblocking position (54), in which the magnet (18) establishes a magnetic circuit through the coil section (20) and the blocking member (48) unblocks movement of the transfer element (12) to the retracted position (56). A lock device (58, 74) comprising an arrangement (10, 82), and a method of controlling a lock device (58, 74), are also provided.
It is provided a system comprising a lock device and a key device for use in access control to a physical space. The key device comprises: an electronic key module configured to communicate with an electronic lock module of the lock device for access control; and a permanent magnet configured to close a magnetically controllable switch of the lock device to thereby power an electronic lock module of the lock device. The lock device comprises: the electronic lock module configured to communicate with the electronic key module to evaluate whether to grant access; a power source; and the magnetically controllable switch provided between the power source and the electronic lock module such that the magnetically controllable switch is closable by the permanent magnet of the key device to power the electronic lock module.
It is provided a sensor device comprising: a proximity sensor; a processor; a wireless communication module; and a memory. The memory stores instructions that, when executed by the processor, cause the sensor device to: receive a user input signal; determine when the received user input signal matches a signal template being associated with an event; store in the memory a record indicating an occurrence of the event associated with the user input signal; and transmit, once the wireless communication module is active, any stored records.
An arrangement (16) for controlling movements of an access member (12) relative to a frame (14), the arrangement (16) comprising abase section (18) for connection to either the access member (12) or the frame (14); a fixation part (20) for connection to the other of the access member (12) and the frame (14); a flexible elongated element (22) configured to be tensioned to thereby force the base section (18) and the fixation part (20) to move towards each other in a relative closing movement (86); and a braking device (82) arranged to brake a speed of the relative closing movement (86).
Authentication methods and systems are disclosed. In one non-limiting example, an authentication method may include detecting a user within an image, determining that the image further includes additional recognizable data, analyzing the additional recognizable data and one or more biometric features of the user, and determining that the additional recognizable data and the one or more biometric features of the user correspond to valid additional recognizable data and valid biometric features of an enrolled user, respectively. The method may further include enabling the user to access a protected asset based on determining that the additional recognizable data and the one or more biometric features of the user correspond to valid additional recognizable data and valid biometric features of an enrolled user, respectively.
H04L 9/32 - Arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system
G06V 20/30 - Scenes; Scene-specific elements in albums, collections or shared content, e.g. social network photos or video
G06V 40/16 - Human faces, e.g. facial parts, sketches or expressions
An actuating device (12) comprising a stationary structure (20); an actuating element (22) rotatable relative to the stationary structure (20); an electric power source (24, 82); a spindle (26) arranged to be rotated by rotation of the actuating element (22); a locking member (28) movable between a locked position (66) and an unlocked position (86); an electromechanical transfer device (30, 84) arranged in the spindle (26), the transfer device (30, 84) being configured to adopt a locked state (68) and an unlocked state (78); a receiver device (34) fixed with respect to the spindle (26), the receiver device (34) being electrically connected 62 to the transfer device (30, 84); and a transmitter device (32) fixed with respect to the stationary structure (20) and arranged to be electrically powered by the power source (24, 82), the transmitter device (32) being configured to wirelessly transmit power to the receiver device (34).
It is provided a location determiner comprising: a first antenna; a radio signal modification device, wherein the radio signal modification device is configured to improve an ability to determine whether the portable key device is located on a back side or on a front side of the location determiner, based on obtaining a channel impulse response, CIR, of an impulse signal transmitted from the portable key device, wherein the location determiner is installable such that the back side is in a space being restricted by selectively unlockable a physical barrier and the front side is opposite the back side.
It is provided a method for determining when a portable key device is located on a front side or on a back side in relation to a barrier secured by an electronic lock. The method is performed in a location determiner and comprises the steps of: obtaining a channel impulse response, CIR, based on an impulse signal transmitted from the portable key device, the CIR being based on a plurality of samples of the impulse signal as received by an antenna being fixedly mounted in relation to the electronic lock; and determining, based on the CIR, whether the portable key device is located on the front side or on the back side.
A reader device of a physical access control system comprises an ultra-wide band (UWB) physical layer and processing circuitry. The processing circuitry is operatively coupled to the UWB physical layer and is configured to: receive access credential information from a separate second device; receive ranging information from the second device; grant access through a physical portal according to the access credential information and ranging information; determine a number of people intending to pass through the physical portal; and generate an indication according to the determined number.
G07C 9/15 - Movable barriers with registering means with arrangements to prevent the passage of more than one individual at a time
G01S 7/41 - RADIO DIRECTION-FINDING; RADIO NAVIGATION; DETERMINING DISTANCE OR VELOCITY BY USE OF RADIO WAVES; LOCATING OR PRESENCE-DETECTING BY USE OF THE REFLECTION OR RERADIATION OF RADIO WAVES; ANALOGOUS ARRANGEMENTS USING OTHER WAVES - Details of systems according to groups , , of systems according to group using analysis of echo signal for target characterisation; Target signature; Target cross-section
G01S 13/76 - Systems using reradiation of radio waves, e.g. secondary radar systems; Analogous systems wherein pulse-type signals are transmitted
G01S 13/02 - Systems using reflection of radio waves, e.g. primary radar systems; Analogous systems
A test system comprises a radio frequency (RF) shielded container, the shielded container to house a UWB receiver device under test; an RF antenna arranged within the RF shielded container; and a UWB transmitter device operatively coupled to the RF antenna. The UWB transmitter device is configured to transmit a UWB signal within the RF shielded container using the antenna, wherein the transmitted UWB signal is representative of multi-path components (MPCs) of resulting signals in an end-use environment of the UWB receiver device resulting from transmitting a UWB ranging signal in the end-use environment.
It is provided a method for controlling access to a physical space using a co-sign delegation. The method is performed in a lock device and comprises the steps of: receiving an access request from an electronic key; obtaining a plurality of delegations, wherein each delegation is a delegation from a delegator to a delegatee, the plurality of delegations collectively forming a chain of delegations; determining that a delegation is a co-sign delegation, indicating that all further delegations need to be cryptographically signed by both the delegator of the respective delegation and by an access controller; and granting access to the physical space when the chain of delegations start in an owner of the lock device and ends in the electronic key; and when all delegations in the chain of delegations after the co-sign delegation are cryptographically signed by both the delegator of the respective delegation and by the access controller.
G07C 9/20 - Individual registration on entry or exit involving the use of a pass
G07C 9/00 - Individual registration on entry or exit
H04L 9/32 - Arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system
It is provided a wearable device for determining when a user has fallen down. The wearable device comprises: a first biometric sensor for obtaining first biometric data of the user, wherein the first biometric sensor is a first accelerometer configured to measure acceleration of a part of a first limb of the user; a second biometric sensor for obtaining second biometric data of the user comprising a finger pressure parameter; and a third biometric sensor for obtaining third biometric data, the third biometric sensor being a second accelerometer configured to measure acceleration of a body part of the user being distinct from the first limb. The wearable device is configured to determine an identity of the user is based on the first biometric data, the second biometric data and the third biometric data, the identity being used to control access to a physical space, and to determine when the user has fallen down.
B60R 25/01 - Fittings or systems for preventing or indicating unauthorised use or theft of vehicles operating on vehicle systems or fittings, e.g. on doors, seats or windscreens
G06F 17/14 - Fourier, Walsh or analogous domain transformations
51.
BUMPING PREVENTING ARRANGEMENT FOR LOCK DEVICE, LOCK DEVICE AND METHOD
A bumping preventing arrangement (10) for a lock device (38, 52, 68), the bumping preventing arrangement (10) comprising transfer member (12, 46, 64, 74) having a magnet (14), the transfer member (12, 46, 64, 74) being movable along an actuation axis (18) between a locked position (16) and an unlocked position (36); a plurality of electric conductors (20), each electric conductor (20) enclosing the actuation axis (18); and a plurality of switches (22), each switch (22) being associated with a respective electric conductor (20), and being arranged to selectively close an electric circuit comprising the associated electric conductor (20) such that eddy currents are induced in the electric conductors (20) when the magnet (14) moves along the actuation axis (18) from the locked position (16) towards the unlocked position (36). A lock device (38, 52, 68) and a method of controlling a lock device (38, 52, 68) are also provided.
It is provided a protection circuit for protecting a battery comprising a plurality of lithium primary cells. The protection circuit comprises: a switch configured to control when the battery supplies power to a load; and a control circuit being configured to: detect, at a first point in time, when a voltage across at least part of the battery falls below a threshold voltage; and open the switch when the voltage across at least part of the battery is remains below the threshold voltage during a preconfigured duration from the first point in time, wherein the opening of the switch is irreversible.
It is provided a method for enabling determination of proximity of a mobile device (2a, 2b) to a beacon device (3a). The method is performed by a proximity determiner (1) and comprises the steps of: determining a set of beacon devices (3a-e) being detectable from the mobile device; obtaining beacon measurements of one or two beacon devices in each pair; generating a two-dimensional graph based on the beacon measurements; obtaining device measurements of signal strength of beacons from the beacon devices in the set of beacon devices; finding an optimum in a space defined by the two- dimensional graph; and determining the most probable position of the mobile device in the graph based on the optimum.
G01S 5/02 - Position-fixing by co-ordinating two or more direction or position-line determinations; Position-fixing by co-ordinating two or more distance determinations using radio waves
G01S 5/14 - Determining absolute distances from a plurality of spaced points of known location
A method and system for in-field encoding of credentials to a credential device. An example method comprises receiving a request to at least one of add or update credentials to a credential device; providing an invitation code for an in-field device, the in-field device being separate from the credential device; receiving, from the in-field device, the invitation code along with information from the credential device for establishing a secure communication channel with the credential device; establishing a secure communication channel with the credential device using the in-field device as an intermediate; generating one or more commands for encoding credentials to the credential device based on the request; and sending the one or more commands, via the secure communication channel using the in-field device as an intermediate, to the credential device.
It is provided a method for enabling determination of proximity of a mobile device (2a, 2b) to a selected proximity determiner (3a). The method comprises the steps of: determining a base set of proximity determiners (3b-e) whereby an enlarged set of proximity determiners is defined as the selected proximity determiner and the base set of proximity determiners; receiving beacon measurements of signal strength of other proximity determiners in the enlarged set of proximity determiners; generating a two-dimensional graph based on the beacon measurements; receiving respective device measurements indicating signal strength of a signal from the mobile device at each proximity determiner in the enlarged set of proximity determiners; finding an optimum in a space defined by the two-dimensional graph; and determining the most probable position of the mobile device in the graph based on the optimum.
G01S 5/14 - Determining absolute distances from a plurality of spaced points of known location
G01S 5/02 - Position-fixing by co-ordinating two or more direction or position-line determinations; Position-fixing by co-ordinating two or more distance determinations using radio waves
According to a first aspect, it is provided a method for processing an input media feed for monitoring a person. The method is performed by a media processing device comprising a media capturing device. The method comprises the steps of: obtaining an input media feed using the media capturing device; providing the input media feed to a local artificial, AI, intelligence engine, to extract at least one feature of the input media feed; and transmitting intermediate results comprising the extracted at least one feature to train a central AI model, while refraining from transmitting the input media feed. The local AI engine forms part of the media processing device. The intermediate results comprise a label of the extracted at least one feature. The label is obtained from an end result of another local AI engine.
G06V 10/774 - Generating sets of training patterns; Bootstrap methods, e.g. bagging or boosting
G06V 20/52 - Surveillance or monitoring of activities, e.g. for recognising suspicious objects
G06V 10/94 - Hardware or software architectures specially adapted for image or video understanding
G06V 10/82 - Arrangements for image or video recognition or understanding using pattern recognition or machine learning using neural networks
G06V 10/77 - Arrangements for image or video recognition or understanding using pattern recognition or machine learning using data integration or data reduction, e.g. principal component analysis [PCA] or independent component analysis [ICA] or self-organising maps [SOM]; Blind source separation
G01S 7/41 - RADIO DIRECTION-FINDING; RADIO NAVIGATION; DETERMINING DISTANCE OR VELOCITY BY USE OF RADIO WAVES; LOCATING OR PRESENCE-DETECTING BY USE OF THE REFLECTION OR RERADIATION OF RADIO WAVES; ANALOGOUS ARRANGEMENTS USING OTHER WAVES - Details of systems according to groups , , of systems according to group using analysis of echo signal for target characterisation; Target signature; Target cross-section
A method for creating a secure channel between devices for secure communication therebetween. The method comprises transmitting a first nonce from an initiator device to a responder device; receiving, at the initiator device, a second nonce and an identity of the responder device; transmitting an identity of the initiator device and a first set of one or more encrypted data objects from the initiator device to the responder device; receiving, at the initiator device, a second set of one or more encrypted data objects from the responder device; and generating, at the initiator device, a session key for secure communication between the initiator and responder devices.
H04L 9/06 - Arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for blockwise coding, e.g. D.E.S. systems
H04L 9/32 - Arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system
H04L 9/14 - Arrangements for secret or secure communications; Network security protocols using a plurality of keys or algorithms
A method for offline delegation of authorization to access a secure asset. The method comprises receiving an offline delegation request from a delegating device at a receiving device while the receiving device is not in communication with a server of an authorization management system, the offline delegation request indicating a delegation of authorization from the delegating device to the receiving device for access to a secure asset; after establishing communication with the server, transmitting the offline delegation request from the receiving device to the server; and receiving, at the receiving device, authorization data from the server in exchange for the offline delegation request, the authorization data permitting access to the secure asset by the receiving device; wherein the offline delegation request comprises an identity of the receiving device or user of the receiving device and is digitally signed by the delegating device.
G06F 21/35 - User authentication involving the use of external additional devices, e.g. dongles or smart cards communicating wirelessly
H04L 9/32 - Arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system
60.
METHODS AND DEVICES FOR PHYSICAL ACCESS CONTROL SYSTEMS
An access control system includes a plurality of physical access control readers that form a reader network which utilizes a first communication protocol. The system includes a plurality of mobile communication devices each having a first communication interface and a second communication interface. The first communication interface enables the mobile communication devices to access a mobile communication network which utilizes a second communication protocol, and the second communication interlace enables the mobile communication devices to communicate with the access control readers. The plurality of physical access control readers exchange status information for the plurality of physical access control readers and for the plurality of mobile communication devices over the reader network.
An access control system includes a plurality of physical access control readers that form a reader network which utilizes a first communication protocol. The system includes a plurality of mobile communication devices each having a first communication interface and a second communication interface. The first communication interface enables the mobile communication devices to access a mobile communication network which utilizes a second communication protocol, and the second communication interlace enables the mobile communication devices to communicate with the access control readers. The plurality of physical access control readers exchange status information for the plurality of physical access control readers and for the plurality of mobile communication devices over the reader network.
A method to check if a connector system with a Connector Position Assurance (“CPA”) member is in a closed position. The method includes providing an RFID-tag reader that is positioned at a distance D to the integrated circuit enabling far-field RFID communication and not permitting near-field RFID communication. Further, the method includes checking the readability of the integrated circuit with the RFID-tag reader and issuing an alert signal if the integrated circuit is not readable by the RFID-tag reader indicating that the CPA member is not in the closed position.
G06K 7/10 - Methods or arrangements for sensing record carriers by corpuscular radiation
G06K 19/07 - Record carriers with conductive marks, printed circuits or semiconductor circuit elements, e.g. credit or identity cards with integrated circuit chips
G06K 19/077 - Constructional details, e.g. mounting of circuits in the carrier
An actuating device (12) comprising an actuating element (14); an electric generator (16); and an electromechanical coupling device (18) configured to adopt a decoupled state, for decoupling the actuating element (14) from a locking member (22), and a coupled state, for coupling the actuating element (14) to the locking member (22); wherein the coupling device (18) comprises a blocker (26), a holder (38) and a release mechanism (40); wherein the holder (38) is arranged to adopt a holding position, in which the holder (38) holds the blocker (26), when the coupling device (18) adopts the coupled state; wherein the holder (38) is arranged to adopt a released position, in which the holder (38) does not hold the blocker (26), when the coupling device (18) adopts the decoupled state; and wherein the release mechanism (40) is arranged to mechanically force the holder (38) from the holding position to the released position by manual rotation of the actuating element (14) about the actuating axis (20).
Release mechanism for an electronic locking system, wherein the release mechanism is configured such that an input member and an output member are locked against relative rotation and can rotate together within a locking ring opening when a locking member is located in an input member recess and in an output member recess, and such that the output member is released to rotate relative to the input member when the locking member is located in the output member recess and in a locking ring recess. A freewheel mechanism and assemblies for an electronic locking system are also provided.
It is provided a method for enabling access control for access to a physical space secured by a lock device. The method is performed in a security device and comprises the steps of: obtaining at least one image captured using a first camera of a portable key device, the at least one image being captured in a vicinity of the lock device; receiving a template decryption key from a lock device over a short-range communication link; obtaining a credential associated with the lock device; matching the at least one image with a plurality of templates, each template being associated with a lock device, which comprises obtaining the plurality of templates by decrypting encrypted templates using the template decryption key; and wherein a positive match is a necessary condition for opening the lock device.
H04W 4/80 - Services using short range communication, e.g. near-field communication [NFC], radio-frequency identification [RFID] or low energy communication
Methods and systems are provided for performing operations comprising: receiving, by a credential gateway from a client device, a request to obtain a digital credential for accessing a secure resource, the credential gateway being configured to coordinate an exchange of digital credentials associated with different secure resource types with a plurality of client devices; communicating the request to a server associated with the secure resource; receiving, by the credential gateway from the server associated with the secure resource, a data object that includes the digital credential; selecting, by the credential gateway, based on the data object, a security protocol from a plurality of security protocols; and providing, by the credential gateway, the digital credential to the client device in accordance with the selected security protocol.
An RFID assembly that includes both a UHF patch antenna and an HF or LF loop antenna is provided. The patch antenna and the loop antenna are arranged inside a housing in such a manner that the loop antenna partially overlaps an end portion of the patch antenna, thereby forming an extension of the patch antenna. In this manner, a performance of the UHF patch antenna can be maintained despite decreasing the size of the same, while an interference between the patch antenna and the loop antenna can be suppressed, in particular, by providing a gap between the same.
It is provided a method for detecting people, the method being performed by a people detector provided by a doorway. The method comprises the steps of: receiving an open signal indicating that a door of the doorway is open; setting a people sensor of the people detector in an active mode based on receiving the open signal; detecting when a person passes through the doorway, using the people sensor; receiving a closed signal indicating that the door of the doorway is closed; transmitting a result of the step of detecting, wherein the step of transmitting is performed based on receiving the closed signal; and setting the people sensor in a power save mode based on receiving the closed signal.
Techniques for handling and reducing ink overspray of an ink jet printer are provided. In an example, an ink overspray collector for an ink jet printer can include a first opening defining a first print area of the ink jet printer, and a frame about the first opening. The frame is configured to receive overspray from operation of the ink jet printer and can be formed of a woven material. In some examples, a controller of the ink jet printer can reduce an amount of ink ejected near the edges of the print media to reduce overspray.
B41J 2/045 - Ink jet characterised by the jet generation process generating single droplets or particles on demand by pressure, e.g. electromechanical transducers
It is provided a method for configuring a target device. The method comprises the steps of: transmitting a configuration request message to the target device, the configuration request message comprising a configuration request and a request signature, wherein the request signature is based on the configuration request; receiving a configuration response message from the target device, the configuration response message comprising a configuration response and a response signature, wherein the response signature is based on the configuration response and the request signature; verifying the response signature to determine whether the configuration response message is valid, based on the configuration response, the request signature and a public key for the target device; and transmitting a configuration commit message to the target device only when the configuration response message is valid, the configuration commit message comprising a configuration commit indicator and a commit signature.
H04L 9/32 - Arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system
H04L 67/133 - Protocols for remote procedure calls [RPC]
72.
METHODS & PROCESSES TO SECURELY UPDATE SECURE ELEMENTS
This disclosure describes techniques for updating firmware of a secure element. The techniques include operations comprising: receiving, by a gateway device, from a remote source, a firmware file; receiving, by a processing element implemented on the gateway device, ephemeral session specific key material for a first secure element implemented on the gateway device; dividing the firmware file into a plurality of data chunks; applying, by the processing element, the ephemeral session specific key material to a first data chunk of the plurality of data chunks to generate a first data packet; and sending, by the processing element, the first data packet to the first secure element.
G06F 21/57 - Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
It is provided a method for controlling camera-based supervision of a physical space. The method is performed in a supervision controller and comprises the steps of: determining that a person enters the physical space; deactivating camera-based supervision of the physical space based on the person entering the physical space, by turning off a video feed of the camera-based supervision; determining that a person exits the physical space; and activating camera-based supervision of the physical space based on the person exiting the physical space.
G06V 20/52 - Surveillance or monitoring of activities, e.g. for recognising suspicious objects
G08B 13/196 - Actuation by interference with heat, light, or radiation of shorter wavelength; Actuation by intruding sources of heat, light, or radiation of shorter wavelength using passive radiation detection systems using image scanning and comparing systems using television cameras
G08B 21/04 - Alarms for ensuring the safety of persons responsive to non-activity, e.g. of elderly persons
74.
RELAY ATTACK DETECTION FOR INTERFACES USING COMMAND-RESPONSE PAIR
A reader device of an access control system comprises physical layer circuitry and processing circuitry. The processing circuitry is operatively coupled to the physical layer circuitry and is configured to initiate transmission of a command to a credential device; determine a time duration from sending the command to the credential device to receiving a response to the command from the credential device; and generate an indication when the time duration exceeds a relay attack detection threshold time duration.
A laser marking system comprises a laser energy source that generates a laser beam, a laser controller configured to focus the laser beam over a field of view greater than a size of laser-markable items, and a start-up target that includes laser-safe material and is located within the field of view. The laser controller is further configured to point the laser beam at the start-up target during a start-up phase of the laser energy source and focus the laser beam on one of the laser-markable items after the start-up phase.
A storage device (10) for storing a key, the storage device (10) comprising a housing (12, 38); a blocking structure (40); a carrier (18) for carrying 76 a key, the carrier (18) being movable relative to the housing (12, 38) between a closed position (20), in which the carrier (18) is accommodated within the housing (12, 38), and an open position (26), in which the carrier (18) at least partly protrudes from the housing (12, 38) for retrieval of a key from the carrier (18), the carrier (18) comprising a blocking member (44) and a biasing device (42) arranged to bias the blocking member (44) into engagement with the blocking structure (40) in the closed position (20); and an actuator (52) comprising a locking structure (54), the actuator (52) being arranged to move the locking structure (54) between a 40 locking position (56) to lock the blocking member (44) when engaging the blocking structure (40), and an unlocking position (84) in which the blocking member (44) is not locked by the locking structure (54).
A method of operating a seamless physical access control system comprises transferring communication session information using an out-of-band (OOB) communication channel of a smart ultra-wide band (UWB) capable device; establishing a secure OOB communication channel between the smart UWB capable device and a reader device using the communication session information; determining that a UWB enabled application of the smart UWB capable device needs secure ranging; establishing a secure UWB communication channel between the smart UWB capable device and the reader device; and transferring ranging information from a secure component of the smart UWB capable device to the reader device via the secure UWB communication channel.
Systems and techniques for a physical access control systems with localization-based intent detection are described herein. In an example, an access control system may regulate access to an asset. The access control system is adapted to establish a first connection with a key-device. The access control system may be further adapted to receive a credential for a user over the first connection. The access control system may be further adapted to establish a second connection with the key-device. The access control system may be further adapted to determine an intent of the user to access the asset. The access control system may use location data derived from the second connection to determine the intent of the user. The access control system may be further adapted to provide the credential to an access controller, based on identifying an intent of the user to access the asset.
H04W 12/64 - Location-dependent; Proximity-dependent using geofenced areas
G07C 9/21 - Individual registration on entry or exit involving the use of a pass having a variable access code
G07C 9/25 - Individual registration on entry or exit involving the use of a pass in combination with an identity check of the pass holder using biometric data, e.g. fingerprints, iris scans or voice recognition
G07C 9/10 - Movable barriers with registering means
G07C 9/00 - Individual registration on entry or exit
G07C 9/29 - Individual registration on entry or exit involving the use of a pass the pass containing active electronic elements, e.g. smartcards
G07C 9/22 - Individual registration on entry or exit involving the use of a pass in combination with an identity check of the pass holder
G07C 9/27 - Individual registration on entry or exit involving the use of a pass with central registration
H04W 4/80 - Services using short range communication, e.g. near-field communication [NFC], radio-frequency identification [RFID] or low energy communication
G07C 9/28 - Individual registration on entry or exit involving the use of a pass the pass enabling tracking or indicating presence
A lock device (12) comprising a bolt (22) movable between a retracted position (24) and an extended position (90); a bolt force device (26) arranged to force the bolt (22) from the retracted position (24) towards the extended position (90); a blocking member (28) movable between a blocking position (32) and an unblocking position (96); a lock device magnet (46) movable between a passive position (48) and an active position (94) in response to a repulsive magnetic force acting on the lock device magnet (46); and a release transmission (52) arranged to mechanically transmit a movement of the lock device magnet (46) from the passive position (48) to the active position (94), to a movement of the blocking member (28) from the blocking position (32) to the unblocking position (96). A system (10) comprising a lock device (12) and a strike plate (14) is also provided.
E05B 47/00 - Operating or controlling locks or other fastening devices by electric or magnetic means
E05B 63/20 - Locks with special structural characteristics with arrangements independent of the locking mechanism for retaining the bolt in the retracted position released automatically when the wing is closed
It is provided a method for enabling remote unlock of a lock securing access to a physical space. The method is performed in a server and comprises the steps of: receiving, from a first mobile device, an access request to unlock a lock, wherein the request comprises an identifier of the lock and a user identifier associated with an access requester, being a user of the first mobile device; finding a remote credential device being associated with the lock; and transmitting an access request to the remote credential device, the access request comprising an identifier based on the user identifier.
Systems and techniques for improving ink jet ink durability and adhesion to a substrate. The techniques may include applying a varnish to the surface of the substrate, curing, in an initial curing step, the varnish with an ultraviolet (UV) lamp, and applying a pigmented ink to at least a portion of the substrate. The initial curing step may comprise pinning the varnish with the UV lamp in a low-power state. The techniques may additionally or alternatively include applying a layer of pigmented ink and varnish at substantially the same time, allowing the pigmented ink and varnish to at least partially mix, then pinning or curing the ink/varnish combination.
Various systems and methods for securely sharing private information are described herein. A user device includes a memory device; and a processor subsystem, which when configured by instructions stored on the memory device, is operable to perform the operations comprising: receiving, at a verifier device, an indication of supported unclonable functions and a challenge value; identifying an unclonable function from the supported unclonable functions, to obtain a selected unclonable function; executing the selected unclonable function based on the challenge value, to obtain a result; and transmitting the indication of supported unclonable functions, the selected unclonable function, and the result to the verifier device to authenticate the user device.
H04L 9/32 - Arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system
84.
Reader housing having a camera window and display screen
According to a first aspect, it is provided a method for providing access to a lock for provision of a service. The method comprises the steps of: receiving a request for access to the lock; sending a consumer request to a service consumer device, asking whether to grant access to the lock; receiving a positive consumer response from the service consumer device; determining validity time for a grant token; obtaining a grant token for the service provider, the grant token having the determined validity time; providing the grant token to the service provider; deleting the grant token in the access coordination server; receiving an agent request for access to the lock for a specific service provider agent device, the agent request comprising the grant token; obtaining a credential for the service provider agent device; and providing the credential to the service provider agent device.
G07C 9/00 - Individual registration on entry or exit
H04L 9/32 - Arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system
87.
ARRANGEMENT FOR ELECTRONIC LOCKING SYSTEM, AND ELECTRONIC LOCKING SYSTEM
An arrangement (10) for an electronic locking system (24), the arrangement (10) comprising an actuating element (12) arranged to perform an actuating procedure (18) by means of manual manipulation by a user; an electromagnetic generator (14) comprising a stator (20) and a rotor (22), the rotor (22) being arranged to be rotationally driven relative to the stator (20) at least temporarily during the actuating procedure (18) by movement of the actuating element (12) to thereby generate electric energy; and an electronic control system (16) arranged to be electrically powered by the generator (14); wherein the control system (16) is arranged to control a provision of feedback to the user; and wherein the feedback is a haptic feedback in the actuating element (12), a sound signal, a light signal, or combinations thereof. An electronic locking system (24) comprising the arrangement (10) is also provided.
Various systems and methods for providing discovering smart card slots in a device are described herein. A server device for discovering smart card slots in a client device may be implemented with a processor subsystem; and memory including instructions, which when executed by the processor subsystem, cause the processor subsystem to perform operations comprising: receiving, at the server device from the client device, over an established Bluetooth connection, smart card connector parameters, the client device having a plurality of smart card slots; iterating through the plurality of smart card slots; at each slot of the plurality of smart card slots, using a smart card protocol to attempt to access an application at each slot, the application pre-associated with the server device; and in response to identifying the application exists in a slot of the plurality of smart card slots, connecting with the application.
G06K 19/07 - Record carriers with conductive marks, printed circuits or semiconductor circuit elements, e.g. credit or identity cards with integrated circuit chips
H04W 4/70 - Services for machine-to-machine communication [M2M] or machine type communication [MTC]
H04W 4/80 - Services using short range communication, e.g. near-field communication [NFC], radio-frequency identification [RFID] or low energy communication
It is provided a sensor device comprising: a vibration detector configured to be provided in contact with a windowpane of a window; a sensor controller; and a cable between the vibration detector and the sensor controller; wherein the vibration detector comprises a piezoelectric sensor that is configured to wake up the sensor controller when a vibration is detected by the piezoelectric sensor.
G08B 13/04 - Mechanical actuation by breaking of glass
G01H 11/08 - Measuring mechanical vibrations or ultrasonic, sonic or infrasonic waves by detecting changes in electric or magnetic properties by electric means using piezoelectric devices
G01V 11/00 - Prospecting or detecting by methods combining techniques covered by two or more of main groups
G08B 13/16 - Actuation by interference with mechanical vibrations in air or other fluid
it is provided a method for performing a cryptographic signing operation of a data item. The method is performed in a server and comprises the steps of: receiving, from a smartcard reader, a request for a data item to be collectively signed, the request comprising an indication of the data item and an identifier of a smartcard, wherein the collective signing requires the use of both a smartcard secret key and a server secret key for the collective signature to be valid; establishing a secure channel with the smartcard; collaborating with the smartcard over the secure channel to provide a collective signature of the data item, wherein the server bases the signature on the data item and a server secret key, wherein the server secret key is specifically associated with the smartcard secret key, resulting in a collective signature; and sending the collective signature to the smartcard reader.
H04L 9/32 - Arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system
A computing device implemented method of identity authentication comprises receiving a biometric token; performing a biometric capture of a user; converting the biometric capture into a biometric bitstream; recovering a predictable seed of data using the biometric bitstream and the biometric token; using the recovered predictable seed of data to produce challenge response data sent to a verifier device in response to a challenge message received from the verifier device; and verifying the challenge response data using identity data of the user.
G06F 21/32 - User authentication using biometric data, e.g. fingerprints, iris scans or voiceprints
G06F 21/64 - Protecting data integrity, e.g. using checksums, certificates or signatures
H04L 9/32 - Arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system
A method, access control system, and readers for use in an access control system are described. One example of the disclosed method providers the ability to securely augment an existing physical access control system that relies on access control tokens (e.g., credentials) with a secure mobile-based solution allowing the secure local offline exchange of a new access control token for another that can be used with the existing installed access control system.
G07C 9/22 - Individual registration on entry or exit involving the use of a pass in combination with an identity check of the pass holder
H04L 9/32 - Arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system
H04W 12/0431 - Key distribution or pre-distribution; Key agreement
It is provided a lock assembly comprising: a striking plate assembly comprising an aperture and a magnetometer arranged in proximity of the aperture; a bolt being displaceable to enable movement through the aperture of the striking plate assembly, the bolt comprising a magnet; and a sensor device for detecting proximate presence of an object, wherein the sensor device is configured to power up the magnetometer when the sensor device detects proximate presence of an object; wherein the lock assembly is configured to detect, using the magnetometer and magnet when the bolt is in a protruded position through the aperture.
It is provided a lock assembly (1) comprising: a striking plate assembly (10) comprising an aperture (12a, 12b); a first communication module (20a); and a bolt (13,14) being displaceable to enable movement through the at least one aperture (12a, 12b) of the striking plate assembly (10), the bolt (13,14) comprising a second communication module (20b); wherein the first communication module (20a) is configured to receive an identity of the bolt (13, 14) by communicating with the second communication module (20b) and wherein wireless signals from one of the first and second communication modules (20a, 20b) powers the other.
An RFID device that can be connected to a piece of material, in particular, a piece of fabric (22), in an efficient manner and that is small and flexible is provided. A wire antenna (16) is coupled to an integrated circuit provided on a substrate (12) of the RFID device (10). The wire antenna (16) is attached to the substrate (12) by being laced with the substrate (12) via a pair of through holes. In this state, the wire antenna (16) is fixedly connected to the piece of material by heating a coating of the wire antenna (16), which coating includes a thermoset adhesive material. In this manner, the substrate (12) is connected to the piece of material via the wire antenna (16).
G06K 19/077 - Constructional details, e.g. mounting of circuits in the carrier
G06K 19/02 - Record carriers for use with machines and with at least a part designed to carry digital markings characterised by the selection of materials, e.g. to avoid wear during transport through the machine
G06K 19/07 - Record carriers with conductive marks, printed circuits or semiconductor circuit elements, e.g. credit or identity cards with integrated circuit chips
Methods and systems are provided for performing operations comprising: generating, on a publicly accessible server, a secure enclave, the secure enclave having isolated memory and processing resources of the server; installing, on the secure enclave, a virtual machine comprising a guest operating system of a first entity; installing, by the virtual machine, one or more cryptographic processes associated with the first entity; and encrypting and decrypting cryptographic keys associated with the first entity using the one or more cryptographic processes.
It is provided a method for enabling upgrading firmware of a target device. The method is performed in a portable updater and comprises the steps of: downloading a plurality of firmware sections from a server, the firmware sections collectively making up a complete firmware for deployment on the target device; determining that a connection with the target device is established over a short-range wireless link; determining a firmware section to transfer to the target device; and transferring the determined firmware section to the target device over the short-range wireless link. The steps of determining a firmware section and transferring are repeated until a predetermined number of firmware sections, being a strict subset of all firmware sections, have been transferred.
It is provided a method for controlling access to an access object. The method is performed in an electronic key device and comprises the steps of: communicating with an access control device to obtain an identity of the access control device; sending an access request to a server, the access request comprising an identity of the electronic key device and the identity of the access control device; receiving a response from the server, the response comprising a key delegation to the electronic key device; and sending a grant access request to the access control device, the grant access request comprising the key delegation, to allow the access control device to evaluate whether to grant access to the access object based on a plurality of delegations comprising a sequence of delegations.
H04L 9/32 - Arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system
H04W 12/084 - Access security using delegated authorisation, e.g. open authorisation [OAuth] protocol