ACCESS AUTHORIZATION BY MEANS OF PERSONAL ACCESS MODULE

Abstract

Provided is a method for authenticating users on a packaging industrial system having at least two operator interfaces, including the following steps: login of a user to a personal portable item, wherein the personal item including a memory with login credentials of the user for the at least two operator interfaces, wherein login credentials for the operator interfaces being different from each other, activation of the memory for a period of time, detecting the user when he is in a predefined spatial area around the operator interfaces, connecting the personal item to an operator interface when the user is detected in the associated spatial area, authentication of the user at this operator interface with the login credentials stored in the memory via the connection of the personal item to the operator interface.

Claims

1. A method for authenticating users on a packaging industrial system comprising at least two operator interfaces, comprising the following steps: login of a user to a personal portable item, wherein the personal item comprising a memory with login credentials of the user for the at least two operator interfaces, wherein the login credentials for the operator interfaces being different from each other, activation of the memory for a period of time, detecting the user when he is in a predefined spatial area around the operator interfaces, connecting the personal item to an operator interface when the user is detected in the associated spatial area, authentication of the user at this operator interface with the login credentials stored in the memory via the connection of the personal item to the operators interface.

2. The method according to claim 1, wherein the user logs in to the personal item by a biometric verification procedure and/or a personal password.

3. The method according to claim 1, wherein the period during which the memory is activated ends when the user is no longer carrying the personal item.

4. The method according to claim 1, wherein the connection of the personal item to the operator interface and/or the authentication of the user with the login credentials located in the memory is contactless, in particular by Bluetooth.

5. The method according to claim 1, wherein the detection of whether a user is located in a predefined spatial area around the operator interfaces takes place contactlessly, in particular by near field communication.

6. The method according to claim 1, wherein at least two users can authenticate themselves on the packaging industrial system with a personal item each, wherein the users can be assigned different authorizations for the operator interfaces.

7. The method according to claim 1, wherein the login credentials stored on the memory are managed via synchronisation with a central rights management.

8. The method according to claim 1, wherein the activation of the memory is blocked if synchronisation with the central rights management has not taken place for a predefined period of time.

9. An apparatus for authenticating users on a packaging industrial system comprising at least two operator interfaces, wherein the apparatus comprising a memory with user log-in credentials for the at least two operator interfaces, wherein the login credentials for the operator interfaces are different from one another, wherein the memory can be activated for a period of time, wherein the apparatus has a detection device with which it can be detected when the user is within a predefined spatial range around the operator interface, wherein apparatus comprising a connection device via which a connection can be established between the apparatus and the operator interfaces when the user is detected by the detection device in the area belonging to the operator interface, wherein the user can authenticate itself at this operator interface by the login credentials stored on the memory for this operator interface.

10. The apparatus according to claim 9, wherein the apparatus is portable.

Description

BRIEF DESCRIPTION

[0061] Some of the embodiments will be described in detail, with reference to the following figures, wherein like designations denote like members, wherein:

[0062] FIG. 1 shows a representation of the authentication according to embodiments of the invention;

[0063] FIG. 2 shows a schematic representation of a method according to embodiments of the invention;

[0064] FIG. 3 shows a schematic representation of an apparatus according to embodiments of the invention; and

[0065] FIG. 4 shows a flow chart of the method according to embodiments of the invention.

DETAILED DESCRIPTION

[0066] In FIG. 1, it can be seen that a connection is established between the personal item 4 and the operator interface 20 since the personal item 4 is close to the operator interface 20. In this embodiment, the personal item 4 is, by way of example, a watch that is attached to the wrist of the user 1. The operator interface 20 is password protected, as symbolised by the lock shown. In the memory of the personal item 4, the login credentials belonging to this operator interface 20 are stored. If the connection between the operator interface 20 and the personal item 4 is successful, the operator interface 20 can be unlocked by the matching login credentials (symbolised by the key), i.e., the user 1 can authenticate himself at the operator interface 20.

[0067] FIG. 2 shows a packaging industrial system 2 comprising the operator interfaces 20 and 22. The operator interfaces are each surrounded by a predefined spatial area 80 or 82. The user 1 is located within the predefined spatial area 80. The user 100, on the other hand, is located outside the predefined spatial areas 80 and 82. The user 1 carries a personal item 4, the user 100 a personal item 400. Since the user 1 is located with his personal item 4 in the predefined spatial area 80, a connection can be established between the personal item 4 and the operator interface 20. In this way, the user 1 can authenticate itself at the operator interface 20. Since the user 100 is outside the predefined spatial areas 80 and 82, he cannot authenticate itself at any of the operator interfaces 20 or 22. The central rights management 14 can also be seen, which is used to manage all login credentials.

[0068] FIG. 3 shows a schematic representation of an apparatus 4 according to embodiments of the invention. The apparatus 4 has a memory 6 in which login credentials for various operator interfaces are stored. The apparatus 4 further comprises a detection device 10 for detecting when the user 1 is in a predefined spatial area 80 or 82 around an operator interface 20 or 22. In addition, the apparatus 4 has a connection device 12 via which a connection can be established between the apparatus 4 and the operator interfaces 20 or 22.

[0069] FIG. 4 shows a flow chart of a method according to embodiments of the invention. At the beginning, the user logs in to his personal item. This activates the memory for the time period t. If the user is detected in a predefined spatial area around an operator interface after this activation, the personal item connects to this operator interface. As long as the user is not detected in a predefined spatial area, no connection can take place. In this case, no change in the situation takes place until the user is detected in a predefined spatial area at some point (or the time period t has elapsed).

[0070] If the user is detected in a predefined spatial area and the personal item and the operator interface have connected, the user can authenticate at this operator interface with the login credentials in the memory via the connection of the personal item to this operator interface.

[0071] Although the present invention has been disclosed in the form of preferred embodiments and variations thereon, it will be understood that numerous additional modifications and variations could be made thereto without departing from the scope of the invention.

[0072] For the sake of clarity, it is to be understood that the use of “a” or “an” throughout this application does not exclude a plurality, and “comprising” does not exclude other steps or elements. The mention of a “unit” or a “module” does not preclude the use of more than one unit or module.

LIST OF REFERENCE SIGNS

[0073] 1, 100 user

[0074] 2 packaging industry system

[0075] 4, 400 apparatus/personal item

[0076] 6 memory

[0077] 10 detection device

[0078] 12 connection device

[0079] 14 central rights management

[0080] 20, 22 operator interface

[0081] 80, 82 predefined spatial area

[0082] T period for which the memory is activated

[0083] t2 period in which synchronisation with the central rights management must take place

ACCESS AUTHORIZATION BY MEANS OF PERSONAL ACCESS MODULE

Inventors

Cpc classification

Classification Explorer

H04L63/107

ELECTRICITY

Classification Explorer

G07C2209/08

PHYSICS

Classification Explorer

H04L63/0861

ELECTRICITY

Classification Explorer

G07C2209/06

PHYSICS

Classification Explorer

G06F2221/2111

PHYSICS

Classification Explorer

G07C2209/64

PHYSICS

Classification Explorer

G07C9/23

PHYSICS

Classification Explorer

G06F2221/2139

PHYSICS

Classification Explorer

H04L63/108

ELECTRICITY

Classification Explorer

G07C9/26

PHYSICS

Classification Explorer

G06F21/35

PHYSICS

Classification Explorer

G06F21/32

PHYSICS

Classification Explorer

H04L63/0853

ELECTRICITY

Classification Explorer

G07C9/27

PHYSICS

International classification

Classification Explorer

G06F21/35

PHYSICS

Classification Explorer

G06F21/32

PHYSICS

Classification Explorer

G07C9/26

PHYSICS

Classification Explorer

G07C9/27

PHYSICS

Abstract

Claims

Description