公开(公告)号：US20190213810A1

公开(公告)日：2019-07-11

申请号：US16329673

申请日：2017-08-30

Applicant: ASSA ABLOY AB

Inventor： Frans LUNDBERG ,  Peter STENLUND

IPC: G07C9/00

Abstract: It is presented a method for controlling access to an access object. The method is performed in an access control device and comprises the steps of: receiving a user input to reset the access control device; generating a new identifier for the access control device, and discarding any previously used identifier for the access control device; communicating with an electronic key to obtain an identity of the electronic key; obtaining a plurality of delegations, wherein each delegation is a delegation from a delegator to a receiver; and granting access to the access object only when the plurality of delegations comprise a sequence of delegations covering a delegation path from the access control device, identified using the new identifier,to the electronic key such that, in the sequence of delegations, the delegator of the first delegation is the access control device, and the receiver of the last delegation is the electronic key.

公开(公告)号：US20190199728A1

公开(公告)日：2019-06-27

申请号：US16329662

申请日：2017-08-30

Applicant: ASSA ABLOY AB

Inventor： Frans LUNDBERG ,  Peter STENLUND

IPC: H04L29/06 ,  H04W12/08

CPC classification number: H04L63/101 ,  G07C9/00174 ,  G07C9/00571 ,  G07C9/00857 ,  G07C2009/00769 ,  G07C2009/00825 ,  G07C2009/00865 ,  H04L9/32 ,  H04L63/061 ,  H04L63/0884 ,  H04L63/10 ,  H04L63/108 ,  H04W12/08

Abstract: It is provided a method for controlling access to an access object. The method is performed in an electronic key device and comprises the steps of: communicating with an access control device to obtain an identity of the access control device; sending an access request to a server, the access request comprising an identity of the electronic key device and the identity of the access control device; receiving a response from the server, the response comprising a key delegation to the electronic key device; and sending a grant access request to the access control device, the grant access request comprising the key delegation, to allow the access control device to evaluate whether to grant access to the access object based on a plurality of delegations comprising a sequence of delegations.

公开(公告)号：US20220230490A1

公开(公告)日：2022-07-21

申请号：US17714843

申请日：2022-04-06

Applicant: ASSA ABLOY AB

Inventor： Frans LUNDBERG ,  Peter STENLUND

IPC: G07C9/00 ,  H04L9/40 ,  H04L9/32 ,  H04W12/084

Abstract: It is provided a method for controlling access to an access object. The method is performed in an electronic key device and comprises the steps of: communicating with an access control device to obtain an identity of the access control device; sending an access request to a server, the access request comprising an identity of the electronic key device and the identity of the access control device; receiving a response from the server, the response comprising a key delegation to the electronic key device; and sending a grant access request to the access control device, the grant access request comprising the key delegation, to allow the access control device to evaluate whether to grant access to the access object based on a plurality of delegations comprising a sequence of delegations.

公开(公告)号：US20210304540A1

公开(公告)日：2021-09-30

申请号：US17345234

申请日：2021-06-11

Applicant: ASSA ABLOY AB

Inventor： Frans LUNDBERG

IPC: G07C9/00 ,  G07C9/27 ,  G07C9/22 ,  H04W12/084 ,  H04L29/06

Abstract: It is presented a method for determining whether a user with a credential should be granted access to a physical space. The method is performed in an access control device and comprising identifying the credential presented to the access control device; obtaining a set of at least one assignment of a permission, associated with the physical space, to external organisations from a database; determining a credential organisation being associated with the credential; and granting access when, and only when, the permission is assigned to the credential organisation.

公开(公告)号：US20220028198A1

公开(公告)日：2022-01-27

申请号：US17413077

申请日：2019-12-18

Applicant: ASSA ABLOY AB

Inventor： Frans LUNDBERG

IPC: G07C9/20 ,  G07C9/00 ,  H04L9/32

Abstract: It is provided a method for controlling access to a physical space using a co-sign delegation. The method is performed in a lock device and comprises the steps of: receiving an access request from an electronic key; obtaining a plurality of delegations, wherein each delegation is a delegation from a delegator to a delegatee, the plurality of delegations collectively forming a chain of delegations; determining that a delegation is a co-sign delegation, indicating that all further delegations need to be cryptographically signed by both the delegator of the respective delegation and by an access controller; and granting access to the physical space when the chain of delegations start in an owner of the lock device and ends in the S electronic key; and when all delegations in the chain of delegations after the co-sign delegation are cryptographically signed by both the delegator of the respective delegation and by the access controller.

公开(公告)号：US20200058180A1

公开(公告)日：2020-02-20

申请号：US16487163

申请日：2018-02-23

Applicant: ASSA ABLOY AB

Inventor： Håkan OLSSON ,  Frans LUNDBERG ,  Kenneth PERNYER ,  Sona SINGH ,  Stefan STRÖMBERG

IPC: G07C9/00 ,  H04L12/26 ,  H04L9/32 ,  H04L29/06

Abstract: It is provided a method for controlling access to a physical space. The method is performed in an access control device and comprises the steps of: communicating with an electronic key to obtain an identity of the electronic key; obtaining a plurality of delegations; determining, from one of the delegations, that there is an auxiliary condition, wherein the auxiliary condition is that access is approved for the electronic key by an auxiliary party, authenticated by a digital signature by the auxiliary party; and granting access to the physical space when the plurality of delegations comprises a sequence of delegations covering a delegation path from the access control device to the electronic key such that, in the sequence of delegations, the delegator of the first delegation is the access control device, the receiver of the last delegation is the electronic key, and the auxiliary condition is fulfilled.

公开(公告)号：US20230169812A1

公开(公告)日：2023-06-01

申请号：US18101823

申请日：2023-01-26

Applicant: ASSA ABLOY AB

Inventor： Frans LUNDBERG

IPC: G07C9/20 ,  G07C9/00 ,  H04L9/32

CPC classification number: G07C9/215 ,  G07C9/00309 ,  H04L9/3247 ,  G07C2009/00428

Abstract: It is provided a method for controlling access to a physical space using a co-sign delegation. The method is performed in a lock device and comprises the steps of: receiving an access request from an electronic key; obtaining a plurality of delegations, wherein each delegation is a delegation from a delegator to a delegatee, the plurality of delegations collectively forming a chain of delegations; determining that a delegation is a co-sign delegation, indicating that all further delegations need to be cryptographically signed by both the delegator of the respective delegation and by an access controller; and granting access to the physical space when the chain of delegations start in an owner of the lock device and ends in the electronic key; and when all delegations in the chain of delegations after the co-sign delegation are cryptographically signed by both the delegator of the respective delegation and by the access controller.

公开(公告)号：US20220122400A1

公开(公告)日：2022-04-21

申请号：US17298259

申请日：2019-12-17

Applicant: ASSA ABLOY AB

Inventor： Tomas JONSSON ,  Fredrik EINBERG ,  Sona SINGH ,  Johan VON MATERN ,  Frans LUNDBERG

IPC: G07C9/38 ,  G07C9/00 ,  H04W4/90 ,  H04L9/08

Abstract: It is provided a method for controlling access to a physical space using an emergency delegation. The method is performed in a lock device and comprises the steps of: receiving an access request from an electronic key; obtaining a plurality of delegations, wherein each delegation is a delegation from a delegator to a delegatee, the plurality of delegations collectively forming a chain of delegations wherein when two delegations are chained together, the delegatee of one delegation is the delegator of the next delegation; determining that a delegation in the chain of delegations is an emergency delegation, the emergency delegation indicating that access should only be granted when an emergency situation occurs; determining when an emergency situation occurs; and granting access to the physical space when the chain of delegations starts in the lock device and ends in the electronic key; and when the emergency situation occurs.

公开(公告)号：US20210241559A1

公开(公告)日：2021-08-05

申请号：US17234321

申请日：2021-04-19

Applicant: ASSA ABLOY AB

Inventor： Frans LUNDBERG ,  Peter STENLUND

IPC: G07C9/21 ,  G07C9/00 ,  H04L9/08 ,  G07C9/20

Abstract: It is presented a method for controlling access to an access object. The method is performed in an access control device and comprises the steps of: receiving a user input to reset the access control device; generating a new identifier for the access control device, and discarding any previously used identifier for the access control device; communicating with an electronic key to obtain an identity of the electronic key; obtaining a plurality of delegations, wherein each delegation is a delegation from a delegator to a receiver; and granting access to the access object only when the plurality of delegations comprise a sequence of delegations covering a delegation path from the access control device, identified using the new identifier, to the electronic key such that, in the sequence of delegations, the delegator of the first delegation is the access control device, and the receiver of the last delegation is the electronic key.

公开(公告)号：US20220311617A1

公开(公告)日：2022-09-29

申请号：US17620060

申请日：2020-06-22

Applicant: ASSA ABLOY AB

Inventor： Frans LUNDBERG

IPC: H04L9/32 ,  H04L9/40

Abstract: it is provided a method for performing a cryptographic signing operation of a data item. The method is performed in a server and comprises the steps of: receiving, from a smartcard reader, a request for a data item to be collectively signed, the request comprising an indication of the data item and an identifier of a smartcard, wherein the collective signing requires the use of both a smartcard secret key and a server secret key for the collective signature to be valid; establishing a secure channel with the smartcard; collaborating with the smartcard over the secure channel to provide a collective signature of the data item, wherein the server bases the signature on the data item and a server secret key, wherein the server secret key is specifically associated with the smartcard secret key, resulting in a collective signature; and sending the collective signature to the smartcard reader.