公开(公告)号：US20210203613A1

公开(公告)日：2021-07-01

申请号：US16731922

申请日：2019-12-31

Applicant: Axis AB

Inventor： Marcus Johansson ,  Jon Malmquist ,  Emil Selinder ,  Johan Rönnåker

IPC: H04L12/911

Abstract: A method may include receiving a request to define a primary resource. The primary resource may enable access to a primary handler that corresponds to a logical entity that controls a device or a port or another resource. The method may include identifying a primary domain object for the primary resource. The primary domain object maps the primary resource to the primary handler. The primary domain object represents a state of the primary resource. The method may include identifying an interface for the primary resource. The interface may be configured to receive a command through a link from a client. The method may include receiving a state request associated with the interface for the primary resource, wherein the primary domain object handler is configured to send a state message indicating the state of the primary resource in response to the request.

公开(公告)号：US20210200829A1

公开(公告)日：2021-07-01

申请号：US16731892

申请日：2019-12-31

Applicant: Axis AB

Inventor： Marcus Johansson ,  Jon Malmquist ,  Johan Rönnåker ,  Emil Selinder

IPC: G06F16/955 ,  G06F16/953

Abstract: A device may include a memory storing instructions and a processor configured to execute the instructions to receive an instruction from an administration device; identify a link selector in the instruction, wherein the link selector corresponds to an attribute of a first domain object that specifies how a target resource of a second domain is to be controlled by the first domain object; and query a database of contracts to determine that target resource is able to fulfill the contract, based on contracts associated with the target resource. The processor may be further configured to generate a resource contract between the first domain object and the target resource of the second domain object and enable the first domain object to communicate with the target resource of the second domain object in accordance with the generated resource contract.

公开(公告)号：US20170257377A1

公开(公告)日：2017-09-07

申请号：US15449365

申请日：2017-03-03

Applicant: Axis AB

Inventor： Einar Vading ,  Ingemar Larsson ,  Julius Borcea ,  Pia Hantoft ,  Johan Adolfsson ,  Robert Rosengren ,  Marcus Johansson ,  Emil Selinder

IPC: H04L29/06 ,  H04L29/08

CPC classification number: H04L63/104 ,  G06F21/604 ,  H04L63/108 ,  H04L67/22

Abstract: A method and a device for delegating access rights in a system which is configured to handle access rights of users to resources in the system is disclosed. The method comprises assigning a first access right to a first user; appointing a pool of one or more users serving as deputies for the first user; checking if the first user, during a predefined period of time, has refrained from performing a predefined activity with respect to the resources; and if so, delegating the first access right to a user in the pool.

公开(公告)号：US11539642B2

公开(公告)日：2022-12-27

申请号：US16731913

申请日：2019-12-31

Applicant: Axis AB

Inventor： Marcus Johansson ,  Jon Malmquist ,  Emil Selinder

IPC: H04L47/70 ,  H04L47/783 ,  H04L47/78

Abstract: A device may include a memory storing instructions and a processor configured to execute the instructions to receive an instruction from an administration device; identify a link selector in the instruction that corresponds to a resource attribute of a first resource that specifies how a second resource is to be controlled by the first resource; query a database of contracts between resources to determine that the second resource is available to be controlled by the first resource, based on resource contracts associated with the second resource. The processor may be further configured to generate a resource contract between the first resource and the second resource that indicates the second resource is controlled by the first resource and enable the first resource to communicate with the second resource in accordance with the generated resource contract.

公开(公告)号：US11126681B2

公开(公告)日：2021-09-21

申请号：US16731892

申请日：2019-12-31

Applicant: Axis AB

Inventor： Marcus Johansson ,  Jon Malmquist ,  Johan Rönnåker ,  Emil Selinder

IPC: G06F16/00 ,  G06F16/955 ,  G06F16/953

Abstract: A device may include a memory storing instructions and a processor configured to execute the instructions to receive an instruction from an administration device; identify a link selector in the instruction, wherein the link selector corresponds to an attribute of a first domain object that specifies how a target resource of a second domain is to be controlled by the first domain object; and query a database of contracts to determine that target resource is able to fulfill the contract, based on contracts associated with the target resource. The processor may be further configured to generate a resource contract between the first domain object and the target resource of the second domain object and enable the first domain object to communicate with the target resource of the second domain object in accordance with the generated resource contract.

公开(公告)号：US20210203617A1

公开(公告)日：2021-07-01

申请号：US16731913

申请日：2019-12-31

Applicant: Axis AB

Inventor： Marcus Johansson ,  Jon Malmquist ,  Emil Selinder

IPC: H04L12/911

Abstract: A device may include a memory storing instructions and a processor configured to execute the instructions to receive an instruction from an administration device; identify a link selector in the instruction that corresponds to a resource attribute of a first resource that specifies how a second resource is to be controlled by the first resource; query a database of contracts between resources to determine that the second resource is available to be controlled by the first resource, based on resource contracts associated with the second resource. The processor may be further configured to generate a resource contract between the first resource and the second resource that indicates the second resource is controlled by the first resource and enable the first resource to communicate with the second resource in accordance with the generated resource contract.

公开(公告)号：US11082359B2

公开(公告)日：2021-08-03

申请号：US16731922

申请日：2019-12-31

Applicant: Axis AB

Inventor： Marcus Johansson ,  Jon Malmquist ,  Emil Selinder ,  Johan Rönnåker

IPC: G06F15/173 ,  H04L12/911

Abstract: A method may include receiving a request to define a primary resource. The primary resource may enable access to a primary handler that corresponds to a logical entity that controls a device or a port or another resource. The method may include identifying a primary domain object for the primary resource. The primary domain object maps the primary resource to the primary handler. The primary domain object represents a state of the primary resource. The method may include identifying an interface for the primary resource. The interface may be configured to receive a command through a link from a client. The method may include receiving a state request associated with the interface for the primary resource, wherein the primary domain object handler is configured to send a state message indicating the state of the primary resource in response to the request.

公开(公告)号：US11048647B1

公开(公告)日：2021-06-29

申请号：US16731890

申请日：2019-12-31

Applicant: Axis AB

Inventor： Marcus Johansson ,  Emil Selinder ,  Jon Malmquist ,  Johan Rönnåker

IPC: G06F13/10

Abstract: A device may include a memory storing instructions and a processor configured to execute the instructions to receive, from a configuration client device, a request to register a resource; and identify a domain object associated with the resource, wherein the domain object corresponds to a logical entity representing a device or port, or corresponds to a logical entity controlling another resource included in another domain object. The processor may be further configured to select a domain object handler for the identified domain object; register the identified domain object with the selected domain object handler; and use the selected domain object handler to process messages associated with the registered domain object.

公开(公告)号：US20150082033A1

公开(公告)日：2015-03-19

申请号：US14028236

申请日：2013-09-16

Applicant: Axis AB

Inventor： Mathias Bruce ,  Marcus Johansson

IPC: H04L29/06

CPC classification number: H04L63/0428 ,  G06F9/54 ,  G06F2221/2141 ,  H04L63/08 ,  H04L63/20

Abstract: A controller device may correspond to a physical access controller in a distributed physical access control system. The controller device may include logic configured to obtain access to a global database that include access control information for a plurality of controller devices. The logic may be further configured to derive a local access rules table from the global database, wherein the local access rules table relates users to access rules, and wherein the local access rules table is encrypted with a local access rules key; and derive a local credentials table from the global database, wherein the local credentials table relates hashed credentials to users, wherein the local credentials table stores, for a user, the local access rules key encrypted with unhashed credentials associated with the user, wherein the unhashed credentials are not stored in the controller device.

Abstract translation: 控制器设备可以对应于分布式物理访问控制系统中的物理访问控制器。 控制器设备可以包括被配置为获得对包括多个控制器设备的访问控制信息的全局数据库的访问的逻辑。 逻辑可以被进一步配置为从全局数据库导出本地访问规则表，其中本地访问规则表将用户与访问规则相关联，并且其中本地访问规则表用本地访问规则密钥加密; 并且从全局数据库导出本地凭证表，其中本地凭证表将哈希凭证与用户相关联，其中本地凭证表存储用户使用与该用户相关联的未清除凭证加密的本地访问规则密钥，其中未捣毁 凭证不存储在控制器设备中。

公开(公告)号：US11196661B2

公开(公告)日：2021-12-07

申请号：US16731895

申请日：2019-12-31

Applicant: Axis AB

Inventor： Jon Malmquist ,  Johan Rönnåker ,  Emil Selinder ,  Mathias Bruce ,  Marcus Johansson

IPC: H04L12/733 ,  H04W76/12 ,  H04W76/11 ,  G07C9/27 ,  H04L12/46 ,  H04L12/709 ,  H04L29/06 ,  H04L29/08 ,  H04W4/021 ,  H04W88/04 ,  G07C9/00

Abstract: A device may include a memory storing instructions and a processor configured to execute the instructions to identify a communication link between a first domain object and a second domain object; identify a first endpoint associated with the first domain object and a second endpoint associated with the second domain object; and determine a location relationship between the first endpoint and the second endpoint. The processor may be further configured to select a communication mechanism based on the determined location relationship; instruct the first endpoint to communicate with the second endpoint using the selected communication mechanism; and instruct the second endpoint to communicate with the first endpoint using the selected communication mechanism.