METHOD OF CONTROLLING ACCESS

20220076516 · 2022-03-10


    Abstract

    A method of controlling access to a zone 300a, 300b, 300c, wherein the zone is accessed via a first access point 301a, 301b, 301c having an associated first set of access rights, the first set of access rights including permission for a first entity category to access the zone 300a, 300b, 300c, the method including: receiving a first signal including a first identifier indicating that a first entity 302 identified by the first identifier and belonging to the first entity category is at the first access point 301a, 301b, 301c; in response to receipt of the first signal, allowing the first entity entry into the zone 300a, 300b, 300c through the first access point 301a, 301b, 301c; and in response to receipt of the first signal, temporarily changing the access rights associated with the first access point 301a, 301b, 301c to a second set of access rights.

    Claims

    1. A method of controlling access to a zone, wherein the zone is accessed via a first access point having an associated first set of access rights, the first set of access rights including permission for a first entity category to access the zone, the method comprising: receiving a first signal including a first identifier indicating that a first entity identified by the first identifier and belonging to the first entity category is at the first access point; in response to receipt of the first signal, allowing the first entity entry into the zone through the first access point; and in response to receipt of the first signal, temporarily changing the access rights associated with the first access point to a second set of access rights; and reverting the access rights associated with the first access point to the first set of access rights on expiry of a predetermined time period since receipt of the first signal.

    2. A method of controlling access to a zone as claimed in claim 1, wherein the first set of access rights include permission for a second entity category to access the zone, and the second set of access rights deny permission for the second entity category to access the zone.

    3. A method of controlling access to a zone as claimed in claim 2, wherein the second set of access rights include permission for a third entity category to access the zone through the first access point and/or an emergency override for allowing any entity entry into the zone through the first access point in a state of emergency.

    4. A method of controlling access to a zone as claimed in claim 1, wherein the second set of access rights deny permission for other entities in the first entity category to access the zone.

    5. A method of controlling access to a zone as claimed in claim 1, wherein the first entity is identified by the first identifier and identified as belonging to the first entity category by a device in the possession of the first entity which is arranged to communicate with the first access point.

    6. A method of controlling access to a zone as claimed in claim 1, wherein the method comprises: receiving an initiating signal indicating a desire to control access to the zone, the initiating signal including the first identifier, wherein the initiating signal is required before temporarily changing the access rights associated with the first access point to a second set of access rights.

    7. A method of controlling access to a zone as claimed in claim 1, wherein the method comprises reverting the access rights associated with the first access point to the first set of access rights when it is determined that the first entity has reached a predetermined location.

    8. A method of controlling access to a zone as claimed in claim 1, wherein the zone is exited via a second access point having an associated first set of access rights, the first set of access rights including permission for the first category of entity to exit the zone, the method comprising: receiving a second signal including the first identifier indicating that the first entity identified by the first identifier is at the second access point; in response to receipt of the second signal, allowing the first entity to exit the zone through the second access point; in response to receipt of the second signal, temporarily changing the access rights associated with the second access point to a second set of access rights.

    9. A method of controlling access to a zone as claimed in claim 8, the method comprising: in response to receipt of the second signal, reverting the access rights associated with the first access point to the first set of access rights.

    10. A method of controlling access to a zone as claimed in claim 8, wherein a second zone is accessed via the second access point and the method comprises controlling access to the second zone.

    11. A method of controlling access to a zone as claimed in claim 1, wherein the zone is accessed via a plurality of access points, the plurality of access points including the first access point, wherein each access point has an associated first set of access rights, the first set of access rights including permission for a first entity category to access the zone, the method comprising: in response to receipt of the signal including a first identifier indicating that a first entity identified by the first identifier and belonging to the first entity category is at the first access point, temporarily changing the access rights associated with each of the plurality of access points to a second set of access rights.

    12. A method of controlling access to a zone as claimed in claim 1, wherein the first access point is a door fitted with an electromechanical lock and/or the zone comprises an area of a building.

    13. A server configured to control access to a zone and communicate with a first access controller associated with a first access point, wherein the zone is accessed via the first access point, the first access point having an associated first set of access rights, the first set of access rights including permission for a first entity category to access the zone, the server being configured to: receive a first signal including a first identifier indicating that a first entity identified by the first identifier and belonging to the first entity category is at the first access point; in response to receipt of the first signal, unlock the first access point; and in response to receipt of the first signal, temporarily change the access rights associated with the first access point to a second set of access rights; and reverting the access rights associated with the first access point to the first set of access rights on expiry of a predetermined time period since receipt of the first signal.

    14. An access controller configured to control access to a zone that is accessed via an access point, wherein the access point has an associated first set of access rights, the first set of access rights including permission for a first category of entity to access the zone, the access controller being configured to: receive a first signal including a first identifier indicating that a first entity identified by the first identifier and belonging to the first entity category is at the access point; in response to receipt of the first signal, unlock the first access point; and in response to receipt of the first signal, temporarily change the access rights associated with the access point to a second set of access rights; and reverting the access rights associated with the first access point to the first set of access rights on expiry of a predetermined time period since receipt of the first signal.

    15. A network comprising a plurality of access controllers, the plurality of access controllers each being access controllers as claimed in claim 14, wherein the plurality of access controllers are configured to communicate with one another.

    Description

    BRIEF DESCRIPTION OF THE DRAWINGS

    [0063] Certain embodiments of the present invention will now be described, by way of example only, with reference to the accompanying drawings, in which:

    [0064] FIG. 1 is a schematic diagram of an access control system;

    [0065] FIG. 2 is a block diagram of an access control system;

    [0066] FIG. 3 is a schematic diagram of a zone in which access via access points is controlled; and

    [0067] FIG. 4 is a flowchart of a method of controlling access to a zone.

    DETAILED DESCRIPTION

    [0068] FIG. 1 schematically illustrates an access control system 10. The system 10 includes a device 12 in the possession of a user, a server 14, and a plurality of access points each having an access controller 16, schematically illustrated as 16a, 16b, . . . , 16n. One example of access points would be doors with electronic door readers acting as access point controllers.

    [0069] It should be noted that the plurality of access controllers 16 may be configured to communicate with one another and thus form a network in place of, or in addition to the server 14. In this case, each access controller 16 can form a node of the network. Such a network may perform any or all of the functions of the server described in more detail below.

    [0070] The device 12 is a wireless-capable handheld device such as a smartphone, which is operable to communicate with the server 14 and the access controllers 16 of the access points. Alternatively the device 12 could be a badge or card, e.g. an RFID smartcard. The device 12 can be configured to store credentials of particular categories and a unique identifier associated with the device. The server 14 may configure the device 12 to store credentials of particular categories and other data. For example, the server can provide one of three categories of credential to the device 12: a first category (e.g. for VIPs); a second category (e.g. for press); and a third category (e.g. for security staff). The device 12 can be reconfigured by the server 14 to store a different category of credential or a combination of categories.

    [0071] Each access controller 16 is wireless-capable, such as a wireless lock or door reader for room entry. The device 12 submits credentials (of a particular category such as those described above, and including the unique identifier) to the access controllers 16, thereby selectively permitting a user to pass through the relevant access points if the credentials of the device 12 permit. A user may, for example, present a device in their possession to an access controller 16 for the device to communicate a particular category of credential stored upon the device to the access controller. In response to this, the access controller may allow the user access via an access point to an otherwise restricted room.

    [0072] With reference to FIG. 2, a block diagram of an example electronic lock system 20 includes an access controller 16a, a device 12, and a server 14. The access controller 16a includes a lock actuator 22, a lock controller 24, a lock antenna 26, a lock transceiver 28, a lock processor 30, a lock memory 32, a lock power supply 34, and a credential module 36. The access controller 16a is responsive to credentials received from (and stored on) the device 12.

    [0073] Upon receiving an appropriate credential category from the device 12, and validating this credential category using the credential module 36, the lock controller 24 commands the lock actuator 22 to lock or unlock a mechanical or electronic lock. The lock antenna 26 and transceiver 28 are together capable of transmitting and receiving data to and from at least the device 12 (such as the credential category); for example, via near field communication (NFC), Bluetooth, or Wi-Fi. The lock antenna 26 and transceiver 28 may also be used to communicate with the server 14 and/or other access controllers.

    [0074] The device 12 includes an antenna 40, a transceiver 42, a processor 44, a memory 46, a GPS module 48, and a power supply 54. The transceiver 42 and antenna 40 are configured to communicate with those of the access controller 16a. The credential category of the device is stored in the memory 46 and transmitted to the access controller via the antenna 40 and transceiver 42.

    [0075] In addition to the access controllers 16a, the transceiver 42 and the antenna 40 may also be used to communicate with the server 14. This allows the server to change the category of credential stored in the memory 46 of the device 12.

    [0076] With reference to FIG. 3 and FIG. 4, a method of controlling access to a zone using the above system will be described.

    [0077] FIG. 3 shows a schematic diagram of a zone 300, in this case a corridor of a backstage area, in which access is controlled. The corridor 300 is divided into three sub-zones 300a, 300b, 300c by a series of access points having access controllers 301a, 301b, 301c which control access to the sub-zones.

    [0078] The access controllers 301a, 301b, 301c comprise the access controller features described above in relation to FIGS. 1 and 2 and are integrated into respective doors in the corridor 300. Each door is locked and unlocked by the respective lock actuator 22 of the access controller 301a, 301b, 301c and access is controlled via this locking and unlocking.

    [0079] A first user 302 is shown in FIG. 3 and this first user is in possession of a device 12 being configured with a first category of credential (first entity category) and being identified by a first identifier. In this case, the first user 302 is a VIP (e.g. a music performer) and the first category of credential is reserved for VIPs only. The first user 302 is travelling to the right in FIG. 3.

    [0080] A second user 303 is also shown in FIG. 3 and this second user 303 is also in possession of a device 12. However, their device 12 is configured with only a second category of credential (second entity category). In this case, the second user 303 is a member of the press and members of the press are only assigned devices with the second category of credential.

    [0081] The access controllers 301a, 301b, 301c each have an associated first set of access rights and an associated second set of access rights. At any one time, the access controller is only set to one particular set of access rights (as discussed in more detail below) and at times, the access rights of each access controller 301a, 301b, 301c can be altered.

    [0082] The first set of access rights includes permissions for users in possession of a device 12 having the first category of credential or the second category of credential to open the relevant door. However, the second set of access rights denies access to users in possession of a device 12 with the first category of security credential to open the relevant door, and denies access to users in possession of a device 12 having the second category of security credential (i.e. the second user 303 in this case).

    [0083] The first and second set of access rights both also include permission for a third category of credential (third entity category) to open the relevant door. This third category is reserved for security staff in this case.

    [0084] The second set of access rights deny permission for all entity categories (categories of credential) to access the zone, apart from the third category of credential (third entity category) mentioned above.

    [0085] The first and second set of access rights are also configured to include an emergency override for allowing any entity entry into the zone through the first access point (i.e. door) in a state of emergency (e.g. when a fire alarm has been activated).

    [0086] In the event that the first user 302 does not want to be followed by a second user 303, they may activate a secure-walk mode using their device 12. For example, this may be performed by the user using an application on their mobile telephone (as an example of a device 12). The device 12 then sends an initiating signal to the server 14 indicating that the secure-walk mode has been activated and the server 14 communicates this to each of the access controllers 301a, 301b, 301c. In response, the access controllers are placed in a secure-walk mode. It should be noted that this does not yet change the access rights of the access controllers. The initiating signal includes a first identifier (a unique identifier associated with the device) identifying the first user 302 as the user who has initiated the secure-walk mode. Optionally, only one user at any one time may activate a secure-walk mode.

    [0087] In normal use (i.e. when the secure-walk mode has not yet been enabled by the first user 302) the access controllers 301a, 301b, 301c are all set to the first set of access rights and these access rights are not influenced or changed by the passage of a user through the relevant access controller. However, when placed in this secure-walk mode, the access rights of the access controllers 301a, 301b, 301c can be influenced by the passage of the first user 302 as described below.

    [0088] Once the secure-walk mode has been enabled, if the first user 302 presents their device 12 to a first access controller 301a in order to gain access through the relevant access point, the device 12 sends a first signal including the first identifier and the first category of security credential to the access controller 301a, indicating that the first user 302 is at the relevant access point. The access controller 301a then checks and approves the credential category before unlocking the relevant door and allowing the first user to pass through, thus accessing a first sub-zone 300a. The access point closes behind the first user 302 after they have passed through, thus requiring any subsequent users to present their own device to the access controller 301a in order to gain access.

    [0089] When in the secure-walk mode, in response to receiving the signal including the first identifier indicating that the first user 302 is at the first access point, the access controller 301a will switch the associated access rights to the second set of access rights for a predetermined time. The second set of access rights do not include permission for the second user 303 to pass through the first access point, thus preventing the second user 303 from following the first user 302 by passing through the first access point (during the predetermined time). In this example, the predetermined time is 30 s.

    [0090] As discussed above, the second user 303 is one having a second category of credential (second entity category). However, entry to the zone for the second user 303 would also be denied if the second user 303 had the first category of credential (first entity category). Entities in the first entity category other than the first entity identified by the first identifier are denied entry to the zone, under the second set of access rights.

    [0091] After the predetermined time has elapsed, the access rights of the first access controller revert back to the first set of access rights, thus allowing the second user 303 to pass through the relevant access point. However by this time, the first user 302 should have had time to exit the subzone 300a and so they cannot be followed.

    [0092] It is important that the access rights are only changed to the second set of access rights temporarily in order to limit the detrimental effect this has on the movement of other users in the corridor.

    [0093] Alternatively, or in addition to the use of a predetermined time, the access rights of the first access controller 301a may revert back to the first set of access rights based on the first user 302 reaching a predetermined location. For example, when it is known that the user has left the relevant sub-zone 300a. This could be determined by the server 14 when the first user 302 reaches another access point having an access controller 301b, 301c or by the server 14 monitoring a GPS location of the device 12 of the first user 302 and, using geofencing, establishing when the user has left the sub-zone 300a.

    [0094] The first user 302 may also end the secure-walk mode using their device 12, for example using the application on their mobile telephone described earlier. The device 12 then sends a terminating signal to the server 14 indicating that the secure-walk mode has been de-activated and the server 14 communicates this to each of the access controllers 301a, 301b, 301c. In response, the access controllers 301a, 301b, 301c are removed from the secure-walk mode and placed in a normal mode, reverting back to the first set of access rights.

    [0095] The sub-zone 300a may be accessed via a plurality of access points each having access controllers, for example via additional, similar doors from rooms along the corridor (not shown). In response to receiving the signal indicating that the first user 302 is at the first access point, each of the plurality of access controllers may switch the associated access rights to the second set of access rights for a predetermined time, thus preventing another user with the second category of credential (or in fact any category of credential other than the third category) from passing through any of the other access points within the predetermined time. In effect, this restricts access to the entire sub-zone 300a. This prevents the first user from not only being followed, but also being intercepted in the zone via a different access point into the zone.

    [0096] Once the first user 302 has passed through the first access point and the first sub-zone 300a they may perform a similar process at a second access point having a second access controller 301b to access a second sub-zone 300b. A similar method is followed to that described above, thus changing the access rights of the second access controller 301b to the second set of access rights and restricting access to the second sub-zone 300b. The same applies to subsequent access points having access controllers 301c as long as the secure-walk mode is enabled. Thus, the same method can be applied for a number, or series of other zones. In this manner, the zone in which access is restricted can in essence follow the first user 302 through the corridor 300. As such, the overall zone in which access is controlled can be thought of as being dynamic, comprising a selection of a number of predetermined sub-zones 300a, 300b, 300c; the selection depending on the location and/or movement of the first user 302. Thus, the overall zone has no fixed borders and instead follows the first user.

    [0097] A flowchart of a method 400 of controlling access to a zone via an access point having an access controller 16, 301 is shown in FIG. 4. The method is similar to that described above in relation to FIG. 3. The method begins at step 401, with the user activating a secure-walk mode using their device 12. The device 12 sends an initiating signal to the server 14 indicating that the secure-walk mode has been activated and the server 14 communicates this to each of the access controllers 16, 301. In response, the access controllers 16, 301 are placed in a secure-walk mode.

    [0098] When the user approaches an access point having an access controller 16, 301 and presents their device 12 to the access controller, the method proceeds to step 402 in which the device 12 sends a first signal including the first identifier and stored first credential category to the access controller 16, 301. This first signal indicates that the user is at the access point.

    [0099] At step 403, the access controller checks the identifier and credential category and, if the category is associated with permission to unlock the door, approves the credential category before unlocking a respective door and allowing the user to pass through. The access controller 16, 301 closes behind the user after they have passed through, thus requiring any subsequent users to present their own device 12 to the access controller 16, 301 in order to gain access. At step 404, in response to receiving the first signal including the first identifier from the device 12 indicating that the user is at the access point, the access controller will also switch the associated access rights to the second set of access rights, thus restricting access as previously described.

    [0100] The time that has elapsed from the moment at which the first signal is received at the access controller 16, 301 is monitored and at step 405 it is determined whether or not a predetermined time (e.g. 30 s) has expired. If so, the method proceeds to step 408 and the access rights of the first access controller revert back to the first set of access rights. If the predetermined time has not expired the method proceeds to step 406.

    [0101] In step 406, it is determined whether or not the user has reached a predetermined location. If the user has reached a predetermined location the method proceeds to step 408 and the access rights of the first access controller revert back to the first set of access rights. As discussed previously in relation to FIG. 3, this may occur when it is known that the user has left the relevant sub-zone 300a, 300b, 300c. This could be determined by the server 14 when the first user 302 reaches another access point having an access controller 16, 301 or alternatively, the server 14 could monitor a GPS location of the device 12 and, using geofencing, establish when the user has left the relevant sub-zone 300a, 300b, 300c.

    [0102] If the user has not reached a predetermined location the method proceeds to step 407, where it is checked whether or not the user has terminated the secure-walk mode using the device 12. If so, the method proceeds to step 408 and the access rights of the first access controller revert back to the first set of access rights. If not, the method returns to step 405 to check once again whether the predetermined time has expired. This cycle of steps 405 to 407 continues until one of the conditions is met (e.g., the user is at a predetermined location or the secure walk mode has been terminated by the user) and the method ends at step 408.

    [0103] In some embodiments, steps 406 and 407 may be omitted, such that the access rights revert from the second set of access rights to the first set of access rights simply on expiry of the predetermined time.
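
An added example, not part of the patent text: a Python model of one access controller following steps 401 to 408 of FIG. 4, with an audit trail of every decision. The class and method names, the category labels, the identifiers in `demo()`, and the rule that the identified walker stays admitted under the second set of access rights (read from paragraph [0090]) are assumptions for illustration.

```python
from dataclasses import dataclass, field
from typing import Optional

# Entity categories from the description: first (VIP), second (press), third (security).
VIP, PRESS, SECURITY = "first/VIP", "second/press", "third/security"
FIRST_RIGHTS = frozenset({VIP, PRESS, SECURITY})   # normal operation
SECOND_RIGHTS = frozenset({SECURITY})              # temporary restriction behind the walker
HOLD_SECONDS = 30.0                                # predetermined time from [0089]


@dataclass
class AccessController:
    name: str
    rights: frozenset = FIRST_RIGHTS
    walker_id: Optional[str] = None            # identifier from the initiating signal
    restricted_since: Optional[float] = None   # time the last first signal was received
    emergency: bool = False                    # emergency override from [0085]
    audit: list = field(default_factory=list)  # (time, event, detail) tuples

    def _log(self, now, event, detail=""):
        self.audit.append((now, event, detail))

    def _revert(self, now, reason):
        """Step 408: back to the first set of access rights."""
        if self.restricted_since is not None:
            self.rights, self.restricted_since = FIRST_RIGHTS, None
            self._log(now, "revert", reason)

    def start_secure_walk(self, identifier, now):
        """Step 401: arms the mode only; rights stay unchanged until the walker badges in."""
        if self.walker_id is not None:         # optional rule: one walker at a time
            return False
        self.walker_id = identifier
        self._log(now, "secure-walk-on", identifier)
        return True

    def end_secure_walk(self, identifier, now):
        """Step 407: terminating signal, accepted only from the walker who armed the mode."""
        if identifier != self.walker_id:
            return False
        self.walker_id = None
        self._revert(now, "terminated")
        return True

    def walker_left_zone(self, identifier, now):
        """Step 406: the server reports the walker at a predetermined location."""
        if identifier == self.walker_id:
            self._revert(now, "location")

    def tick(self, now):
        """Step 405: revert once the hold time has expired, so the door cannot stay restricted."""
        if self.restricted_since is not None and now - self.restricted_since >= HOLD_SECONDS:
            self._revert(now, "timeout")

    def present(self, identifier, category, now):
        """Steps 402-404: decide on a presented credential; True means the door unlocks."""
        self.tick(now)
        is_walker = identifier == self.walker_id and category == VIP
        allowed = self.emergency or is_walker or category in self.rights
        self._log(now, "grant" if allowed else "deny", f"{identifier} ({category})")
        if allowed and is_walker and not self.emergency:
            self.rights, self.restricted_since = SECOND_RIGHTS, now   # step 404
        return allowed


def demo():
    """Constructed walk-through: a press user tries to follow a VIP through door 301a."""
    door = AccessController("301a")
    door.start_secure_walk("vip-302", now=0)
    return [
        door.present("press-303", PRESS, now=5),    # mode armed, rights unchanged
        door.present("vip-302", VIP, now=10),       # walker enters, restriction starts
        door.present("press-303", PRESS, now=15),   # follower denied
        door.present("vip-999", VIP, now=20),       # other first-category entity denied
        door.present("guard-1", SECURITY, now=25),  # third category still admitted
        door.present("press-303", PRESS, now=40),   # 30 s elapsed, rights reverted
    ]
```

The `audit` list records each grant, deny and revert with its reason, which is the record an operator would review to confirm that a restriction ended by timeout, location or termination rather than persisting.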