Method and system for controlling a physical object to be shared by several potential users

Abstract

An embodiment method for controlling a physical object to be shared by several potential users and in an enclosure in an open state or in a closed state includes detecting a presence or an absence of the object in the enclosure in the closed state via a first wireless link between the object and a reader situated in the enclosure, the first wireless link being contained in the enclosure in the closed state. The method also includes transmitting a first information item representative of the presence or of the absence of the object in the enclosure to a computer server via a second link and an internet network, the computer server being accessible via a website configured to be managed by an administrator.

Claims

1. A method comprising: having a physical object to be shared by several potential users; having an enclosure that has an open state and a closed state, the enclosure allowing access to the physical object in the open state and prohibiting access to the physical object in the closed state; detecting a presence or an absence of the object in the enclosure in the closed state via a first link between the physical object and a reader situated in the enclosure, the first link being contained in the enclosure in the closed state, the first link being based on a low power short-range wireless communication network technology, wherein detecting the presence or the absence of the physical object comprises capturing an image of an internal content of the enclosure when the enclosure switches from the open state to the closed state and transmitting the image to a computer server; transmitting a first information item representative of the presence or of the absence of the physical object in the enclosure to the computer server that is remote from the enclosure, via a second link and an internet network, the computer server being accessible via a website configured to be managed by an administrator, the second link being based on a low power wide-area communication network technology; and managing access control of the enclosure from the website via the internet network and the second link and via a third channel between the administrator and an actual user of the physical object, wherein managing access control comprises: generating a reference opening code of the enclosure, the reference opening code comprising a period of validity preconfigured by the administrator; transmitting the reference code to the actual user by the administrator via the third channel; receiving an opening code on an input interface coupled to the enclosure; transmitting the opening code to the computer server via the second link and the internet network; comparing, at the computer server, the reference opening code transmitted and the transmitted opening code received by the computer server; obtaining an authorization or a refusal to open the enclosure as a function of a result of the comparing and a corporeal characteristic of an authorized user of the physical object, and wherein the corporeal characteristic comprises at a voice signature, a facial image, or an iris print; and transmitting, from the computer server to the enclosure, a second information item representative of the authorization or the refusal to the enclosure via the internet network and the second link.

2. The method according to claim 1, wherein the reference opening code comprises a password.

3. The method according to claim 1, wherein managing the access control comprises: storing a reference corporeal characteristic in the computer server via the website; collecting corporeal characteristic on a collection interface coupled to the enclosure; transmitting the collected corporeal characteristic to the computer server via the second link and the internet network; comparing the reference corporeal characteristic and the collected corporeal characteristic so as to obtain an authorization or a refusal to open the enclosure as a function of a result of the comparing; and transmitting a second information item representative of the authorization or the refusal to the enclosure via the internet network and the second link.

4. The method according to claim 1, wherein managing the access control further comprises detecting the open state or the closed state of the enclosure, and transmitting a third information item representative of the open state or the closed state after each change from the open state or the closed state of the enclosure to the computer server via the second link and the internet network.

5. The method according to claim 1, further comprising detecting a physical parameter of the enclosure, and transmitting a fourth information item representative of the physical parameter after each change of the physical parameter to the computer server via the second link and the internet network.

6. The method according to claim 5, wherein the physical parameter comprises temperature, position, humidity, or acceleration of the enclosure, or a level of charge of a battery of the enclosure.

7. The method according to claim 1, wherein the low power short-range wireless communication network technology comprises Bluetooth SMART, and wherein the low power wide-area wireless communication network technology comprises LoRa, or SigFox.

8. The method according to claim 1, wherein the reference opening code comprises a Bluetooth authentication code.

9. The method according to claim 1, wherein the reference opening code comprises an near field communication (NFC) identification code.

10. The method according to claim 1, wherein the reference opening code comprises a barcode.

11. The method according to claim 1, wherein the reference opening code comprises a quick response (QR) code.

12. A system, comprising: an enclosure in one of an open state or a closed state, the enclosure configured to store a physical object to be shared by several users; a reader configured to establish a first link with the physical object, the physical object being equipped with a module configured to cooperate with the reader via the first link, the enclosure being further configured such that the first link remains contained in the enclosure in the closed state, the first link being based on a low power short-range wireless communication network technology; a communications circuit comprising a long-range transceiver, the communication circuit configured to establish a second link between the enclosure and an internet network, the second link being based on a low power wide-area wireless communication network technology; a processor configured to detect a presence or an absence of the physical object in the enclosure in the closed state via the first link, and to transmit a first information item representative of the presence or of the absence of the physical object to a computer server, remote from the physical object and the enclosure, via the internet network and the second link, wherein the processor is configured to obtain an authorization or a refusal to open the enclosure as a function of a comparison, at the computer server, between a reference code and an opening code entered by at least one of the several users, wherein all of the components of the reader, the communications circuit, and the processor are disposed within the enclosure; an image-capture device configured to capture an image of an internal content of the enclosure when the enclosure switches from the open state to the closed state so as to detect the presence or the absence of the object, wherein the processor is configured to transmit the image to the computer server; and a collection interface configured to collect a corporeal characteristic of an authorized user of the enclosure, wherein the corporeal characteristic comprises at a voice signature, a facial image, or an iris print.

13. The system according to claim 12, wherein the enclosure comprises a sensor configured to detect a physical parameter of the enclosure, wherein the processor is further configured to transmit a second information item representative of the physical parameter after each change of the physical parameter to the computer server via the second link and the internet network.

14. The system according to claim 13, wherein the physical parameter comprises temperature, position, humidity, acceleration of the enclosure, or a level of charge of a battery of the enclosure.

15. The system according to claim 12, wherein the reader is compatible with Bluetooth SMART, and wherein the communications circuit is compatible with LoRa, or SigFox.

16. The system according to claim 12, wherein the enclosure comprises a metal safe.

17. The system according to claim 12, wherein the processor comprises a microcontroller.

18. The system according to claim 12, wherein the reader is comprised in an integrated circuit.

19. The system according to claim 12, wherein the communications circuit is comprises in an integrated circuit.

20. A system, comprising: an enclosure in one of an open state or a closed state, the enclosure configured to store a physical object to be shared by several users; a computer server remote from the enclosure, accessible via a website, and configured to be managed by an administrator; a reader configured to establish a first link with the physical object, the physical object being equipped with a module configured to cooperate with the reader via the first link, the enclosure being further configured such that the first link remains contained in the enclosure in the closed state, the first link being based on a low power short-range wireless communication network technology; a communications circuit comprising a long-range transceiver, the communication circuit configured to establish a second link between the enclosure and an internet network, the second link being based on a low power wide-area wireless communication network technology; and a processor configured to detect a presence or an absence of the physical object in the enclosure in the closed state via the first link, and to transmit a first information item representative of the presence or of the absence of the physical object to the computer server via the internet network and the second link, the computer server being further configured to manage access control of the enclosure from the website via the internet network and the second link, wherein the computer server is further configured to manage the access control via a third channel between the administrator and an actual user of the physical object, wherein the computer server is configured to generate a reference opening code of the enclosure and to transmit the reference opening code to the actual user via the third channel; an image-capture device configured to capture an image of an internal content of the enclosure when the enclosure switches from the open state to the closed state so as to detect the presence or the absence of the object, wherein the processor is configured to transmit the image to the computer server; a collection interface configured to collect a corporeal characteristic of an authorized user of the enclosure, wherein the corporeal characteristic comprises at a voice signature, a facial image, or an iris print, wherein all components of the reader, the communications circuit, the processor, and the image-capture device are disposed in the enclosure; wherein the enclosure comprises an input interface configured to receive an opening code; wherein the processor is configured to transmit the opening code to the computer server via the second link and the internet network, the opening code comprising a period of validity preconfigured by the administrator; wherein the computer server is further configured to compare the reference opening code and the opening code received so as to obtain an authorization or a refusal to open the enclosure as a function of a result of the comparison; and wherein the server is further configured to transmit a second information item representative of the authorization or the refusal to the enclosure via the internet network and the second link.

21. The system according to claim 20, wherein the reference opening code comprises a password, a Bluetooth authentication code, an NFC identification code, a barcode, or a QR code.

22. The system according to claim 20, wherein the computer server is configured to store a reference corporeal characteristic; wherein the processor is configured to transmit the collected corporeal characteristic to the server via the second link and the internet network; and wherein the computer server is further configured to compare the reference corporeal characteristic and the collected corporeal characteristic so as to obtain an authorization or a refusal to open the enclosure as a function of a result of the comparing, and to transmit a second information item representative of the authorization or the refusal to the enclosure via the internet network and the second link.

23. The system according to claim 20, wherein the enclosure further comprises a detector configured to determine the open state or the closed state of the enclosure, and wherein the processor is further configured to transmit a third information item representative of the open state or the closed state after each change from the open state or the closed state of the enclosure to the computer server via the second link and the internet network.

Description

BRIEF DESCRIPTION OF THE DRAWINGS

(1) Other advantages and features of various embodiments will become apparent on studying the details of non-limiting implementations and embodiments, and the attached drawings in which:

(2) FIGS. 1 to 5 schematically illustrate implementations and embodiments of a system for controlling an object designed to be shared by several potential users.

DETAILED DESCRIPTION OF ILLUSTRATIVE EMBODIMENTS

(3) FIG. 1 schematically illustrates an example of a system 1, according to an embodiment, designed to store at least one physical object 2 to be shared by several users. The object 2 may include a dwelling key, a car key, or a jewel of high value, and the system 1 may be configured to grant an actual user access to each object 2 to be shared under access control.

(4) The system 1 includes at least one enclosure, here a secured enclosure 3, for example, at least one metal safe C1 and C2. Each secured enclosure 3 includes an open state OS and a closed state CS. The system 1 also includes the object 2, for example, at least one rented dwelling key 2, designed to be shared by users, for example, dwelling tenants, and designed to be deposited in the at least one safe 3. The system 1 further includes at least one computer server 4, for example, a cloud computing services server, accessible via a website 5 and configured to be managed by an administrator, for example, an owner of a dwelling intended to be rented out.

(5) It should be noted that each enclosure C1 and C2 can have a different size so as to store the object 2 to be shared that has a size suited to this enclosure. It should also be noted that each computer server 4 can also be accessible via application software 5 (website) developed, for example, for a mobile electronic apparatus such as smartphone or a digital tablet.

(6) The access controls of each safe 3 may be performed by the computer server 4 via the website 5 by using security protocols.

(7) Consequently, the administrator of the system can remotely track the presence or the absence of the object 2 and the open or closed state of each safe 3 via the website 5 without having to physically meet the users.

(8) Reference is now made to FIG. 2 to illustrate in more detail an example of the structure of the system 1 according to an embodiment.

(9) For simplicity, the system 1 illustrated in FIG. 2 includes, as a non-limiting example, one metal safe 3, a dwelling key 2 designed to be shared by users and to be deposited in the safe 3, and a cloud computing services server 4 that can be managed remotely by an administrator of the system 1 via an associated website 5.

(10) More specifically, the safe 3 includes a reader 6 configured to establish, between the key 2 and the reader 6, a first wireless link, for example, a short-range wireless link based on the wireless communication technology conforming to the Bluetooth version 4.0 and above standard, commonly known to those skilled in the art as Bluetooth SMART or Bluetooth Low Energy. As an indication but in a non-limiting manner, the reader 6 of the system 1 is incorporated in a dedicated integrated circuit, for example, the extension card marketed by the company STMicroelectronics under the reference X-NUCLEO-IDB05A1.

(11) In order to establish the first link, the object 2 is equipped with a module 7, for example, a tag 7 compatible with the Bluetooth SMART technology. The energy consumption of this tag 7 and of the reader 6 is advantageously low by virtue of the use of this Bluetooth SMART technology.

(12) It should be noted that it is perfectly possible to use other technologies such as near field communication (NFC), the one compatible with the IEEE 802.15.1 standard and that of the radiofrequency identification (RFID) type to establish the first link.

(13) Moreover, the walls of the safe 3 are metal, which makes it possible, in the closed state CS of the safe 3, to completely contain the first wireless link in the safe 3.

(14) Thus, if the safe 3 is closed, it is not possible to detect the object 2 which would be taken in error or fraudulently out of the safe 3.

(15) The safe 3 also includes communications circuit 8 (e.g., communication means 8) configured to establish a second link between the safe 3 and an internet network.

(16) The second link is, in contrast to the first wireless link, based on a long-range communication technology, for example, LoRa or SigFox, so as to obtain fewer constraints on the position of the safe 3 because the LoRa or SigFox network advantageously allows a wide national coverage and low energy consumption. When the safe 3 is placed in a nearby position in a building or in the basement of a building, the second link can be based on a conventional communication technology such as WiFi or Ethernet.

(17) In the case where the second link is based on a wireless communication technology, the communications circuit 8 can further include a communication antenna situated outside the safe 3 (e.g. attached to an outer wall of the safe 3).

(18) It should be noted that the second link is established only when necessary so as to reduce the overall energy consumption of the system 1. By virtue of this low-consumption feature and the use of the technology based on Bluetooth SMART, the safe 3 can, for example, be powered by a battery, by electrical mains or simply by an Ethernet cable connected to an internet network.

(19) Advantageously, the fact that the safe 3 can be powered by a battery allows for the safe to be installed in a place far from an electrical infrastructure.

(20) As an example, the communications circuit 8 of the system 1 are incorporated in a dedicated integrated circuit, for example the long-range transceiver compatible with the LoRa technology marketed by the company SEMTECH under the reference SX1272 LoRa.

(21) The safe 3 further includes an additional detector 9 (e.g., detection means), for example, a door opening and closure sensor, configured to detect the open state OS or the closed state CS of the safe 3. The safe 3 additionally includes processor 10, a microcontroller of the STM32 type marketed by the company STMicroelectronics. The processor 10 is configured to perform the detection of the presence or the absence of the key 2 in the safe 3 via the first link when the closed state is detected by the additional detector 9 and to transmit to the server 4 a first signal S1 representative of the presence or of the absence of the key 2 in the safe 3.

(22) The safe 3 can further include at least one sensor, for example, a sensor 11, configured to detect at least one physical parameter of the safe 3, for example, the temperature, the position, the humidity, the acceleration, and, when the safe 3 includes at least one battery, the level of charge of each battery.

(23) These physical parameters of the safe 3 are notably useful for the administrator in order to quantitatively track the physical states of the safe 3 and detect any malicious act against the safe 3. The processor 10 is further configured to transmit to the server 4 a fourth signal S4 representative of each physical parameter. The administrator can remotely consult the fourth signal S4 at any moment and receive a notification, even an alert, delivered by the server 4 as soon as an anomaly on each physical parameter is detected.

(24) As an example, the detection of an abrupt acceleration of the safe 3 can provoke a transmission of an alert relating to an attempt to move the safe 3.

(25) The safe 3 also includes an input interface 12, for example, an entry keypad and a display screen, situated, for example, on a front surface of the safe 3 and configured to receive an opening code entered by a user via the entry keypad.

(26) It should be noted that the processor 10 may be configured to activate the reader 6 and the communications circuit 8 only when necessary, that is to say, on exchanges of data with the computer server 4 so as to further reduce the overall energy consumption of the system 1.

(27) Reference is now made to FIG. 3 to illustrate a method for controlling the key 2 with the system 1 illustrated in FIG. 2.

(28) In a particular case where a tenant would ask the owner to give him or her the key 2 to a rented dwelling in order to have access to this dwelling, the owner can deposit the key 2 beforehand in the safe 3 and perform access control management of the safe 3 via the website 5.

(29) In a first step STP1, a reference opening code ROC dedicated to this user is generated by the computer server 4 at the request of the owner. In other words, each user, here each tenant, can receive his or her own reference opening code ROC, possibly with a period of validity preconfigured by the owner via the computer server 4.

(30) The reference opening code ROC can, for example, be at least one of a password, a Bluetooth authentication code, an NFC identification code, a barcode, or a QR (Quick Response) code.

(31) This reference opening code ROC is then transmitted to the user, for example, via a third channel, for example, a text (Short Message Service, SMS) or an email (STP2).

(32) Having arrived in proximity to the safe 3, the user can enter an opening code EOC on the input interface 12 of the safe 3 in a third step STP3. The processor 10 is configured to transmit the opening code EOC entered by the user to the computer server 4 (STP4) via the second link and the internet network.

(33) The server 4 is then configured to perform a fifth step STP5 of comparing the reference opening code ROC transmitted to the user and the opening code EOC entered by the user and received by the computer server 4.

(34) In the case where the entered opening code EOC is the same as the reference opening code ROC, the server 4 is configured to authorize access to the safe 3. Otherwise, the access to the safe 3 is refused by the server 4 (STP6).

(35) In a seventh step STP7, a second signal S2 representative of the authorization or of the refusal is delivered by the server 4 to the safe 3 so as to grant access to the safe 3 or to display a false code message on the input interface 12.

(36) Moreover, all the attempts to access the safe 3 are stored on the server 4 and can be consulted via the website 5. The owner can, for example, be notified via a text (SMS) or an email after three incorrect attempts to access the safe 3.

(37) It should be noted that all the communications between the safe 3 and the server 4 are secured with conventional security protocols. The access of the administrator to the server 4 is, for example, protected by a conventional password or a dynamic password associated with a mobile phone of the owner.

(38) In the case where the user has incorrectly entered the reference opening code ROC, the request to access the safe 3 is refused by the server 4 and the safe 3 remains in the closed state CS (STP8). The user is then prompted to enter a new opening code again (STP3).

(39) Otherwise, the safe 3 will switch to the open state OS following the reception of the second signal S2 representative of the authorization (STP9). The processor 10 transmits a third signal S3 representative of the open state OS or closed stated CS of the safe 3 to the server 4 so as to signal each change from this open state OS or closed state CS.

(40) The user can then recover the key 2 with its tag 7 and reclose the door of the safe 3 so as to return the safe 3 to the closed state CS (STP10). Since the key 2 with its tag 7 is now outside of the safe 3, the first link can no longer be established between the key 2 with its tag 7 and the safe 3 because the first wireless link remains contained in the safe 3 in the closed state CS.

(41) In this case, the first signal S1 representative of the absence of the key 3 is transmitted by the processor 10 to the server 4 via the second link and the internet network and the third signal S3 representative of the closed state CS is also transmitted to the server 4 in order to update this open state OS or closed state CS of the safe 3 that can be consulted on the website 5 (STP11).

(42) If there are several keys or things to be shared in the safe 3, each key or thing is identified via the first link because each tag has a unique identity number. The administrator can therefore track the presence or the absence of each key or thing to be shared.

(43) In a variant, to address certain demanding security levels, the safe 3 can include a collection interface 13 in place of or in addition to the input interface 12, and an image-capture device 14, for example, a camera (FIG. 4).

(44) The collection interface 13 is configured to collect at least one corporeal characteristic of the user. As an indication, but in a non-limiting manner, each corporeal characteristic can be the voice, the face, a fingerprint or an iris print of the user.

(45) This collection interface 13 is arranged, for example, on a face of the enclosure 3 or is coupled to this enclosure 3. Its structure is suited to the type of corporeal characteristic collected.

(46) Referring to FIG. 5, there now follows a description of a method for controlling the key 2 with the system 1 according to the embodiment illustrated in FIG. 4.

(47) According to this embodiment and the associated control method, potential users of the system 1 are prompted to pre-store their at least one reference corporeal characteristic RCC in a memory of the computer server 4 (STP1V).

(48) Since each user has his or her own reference corporeal characteristic RCC, a transmission of the reference corporeal characteristic RCC from the server 4 to the user is not therefore necessary.

(49) When a user arrives close to the safe 3, at least one corporeal characteristic CCC of the user can be collected via the collection interface 13 (STP2V).

(50) The processor 10 is then configured to transit to the server 4 each collected corporeal characteristic CCC via the second link and the internet network (STP3V).

(51) A comparison between each reference corporeal characteristic RCC prestored and each collected corporeal characteristic CCC received is performed by the server 4 (STP4V).

(52) The server 4 is further configured to determine an authorization or a refusal to open the safe 3 as a function of the result of the comparison (STP5V).

(53) The second signal S2 representative of the authorization or of the refusal is then delivered by the server 4 to the safe 3 via the second link and the internet network (STP6V).

(54) If the recognition of each corporeal characteristic is not successful on the server 4, the access to the safe 3 is therefore refused and the safe 3 remains in the closed state CS (STP7V). The user is then prompted to begin the step of collection (STP2V) of each corporeal characteristic.

(55) Otherwise, the server 4 authorizes the access to the safe 3 and the safe 3 switches to the open state OS following the reception of the second signal S2 representative of the authorization (STP8V). The processor 10 transmits a third signal S3 representative of the open state OS or closed state CS of the safe 3 to the server 4 so as to signal each change from this open state OS or closed state CS.

(56) The user can then recover the key 2 with its tag 7 and reclose the door of the safe 3 so as to return the safe 3 to the closed state CS (STP9V).

(57) The image-capture device 14 is then configured to take a photo of the internal content of the safe 3 following the closure of the door of the safe 3 (STP10V).

(58) In effect, this image-capture device 14 is configured to remotely provide a real view of the internal content of the safe 3 in a case where the user has taken or returned the tag 7 of the key 3 without the key 3. In other words, the tag 7 has been removed from the key 3.

(59) The processor 10 is further configured to transmit this photo of the internal content to the server 4 via the second link and the internet network, so as to allow the administrator to view this photo and remotely re-check the presence or the absence of the key 2 (STP11V).

(60) In the case of the absence of the key 2 and of the tag 7, the first signal S1 representative of the absence of the key 3 is transmitted by the processor 10 to the server 4 via the second link and the internet network, and the third signal S3 representative of the closed state CS is also transmitted to the server 4 in order to update this open state OS or closed state CS of the safe 3 that can be consulted on the website 5 (STP12V).

(61) In the case of the incomplete presence or absence of the key 2 according to the photo taken by the image-capture device 14, the administrator is prompted to directly contact the last user who has had access to the safe (STP13V). Since the user and the moment of each access are stored and can be consulted on the computer server 4, the administrator can easily identify the last user in question.

(62) Advantageously, in the case of errors including, in a non-limiting manner, the following cases: door of the safe 3 not closed, entered opening code incomplete, unknown tag presented in the safe 3, the processor 10 is further configured to transmit this error information to the server 4 via the second link and the internet network, which allows the administrator to consult and remotely mange manage this error information.

(63) Thus, a system is obtained which includes at least one connected object designed to be shared by several users and designed to be deposited in at least one enclosure, which allows the administrator of the system to remotely track the presence or the absence of each thing, the open or closed state and physical parameters of each enclosure.

(64) Since all the management of the access control is performed via a computer server, it does not require any extensive modification on existing enclosures.

(65) The use of a reader compatible with the Bluetooth SMART technology and of communications circuit compatible with technology such as LoRa or SigFOX advantageously makes it possible to obtain greater freedom on the place of installation of the safe and the scope of application of such a system.

(66) Furthermore, through the use of these low-consumption technologies: Bluetooth SMART, LoRa and SigFox, and the activation of the reader and of the communications circuit only in case of need, such a system consumes very little and can advantageously be powered by a battery. Obviously such a system can also have a hybrid power supply: electrical mains and battery. Moreover, in case of placement of an enclosure outdoors, such a system can advantageously use a battery that can be recharged by photovoltaic panels.

(67) The enclosure may be different from a safe and its metal nature is only a non-limiting example of a structure making it possible to contain a wireless link inside the enclosure. It would, for example, be possible to use a Faraday cage or a meshing embedded in the walls of the enclosure.