公开(公告)号：US11062542B2

公开(公告)日：2021-07-13

申请号：US15566160

申请日：2016-04-18

Applicant: ASSA ABLOY AB

Inventor： Frans Lundberg

IPC: G07C9/00 ,  G07C9/27 ,  G07C9/22 ,  H04W12/084 ,  H04L29/06 ,  G06F21/60 ,  H04W12/08

Abstract: It is presented a method for determining whether a user with a credential should be granted access to a physical space. The method is performed in an access control device and comprising the steps of: identifying the credential presented to the access control device; obtaining a set of at least one assignment of a permission, associated with the physical space, to external organisations from a database; determining a credential organisation being associated with the credential; and granting access when, and only when, the permission is assigned to the credential organisation.

公开(公告)号：US20250023726A1

公开(公告)日：2025-01-16

申请号：US18704524

申请日：2022-10-26

Applicant: ASSA ABLOY AB

Inventor： Frans Lundberg ,  Martin Kaufmann ,  Adam Augustyn

IPC: H04L9/08 ,  H04L9/32

Abstract: It is provided a method for performing an action by an electronic device (2), based on a first partial secret key (10a) and a corresponding second partial secret key (10b), wherein the first partial secret key (10a) and the second partial secret key (10b) form part of a threshold cryptography scheme (11) associated with a public key (12). The method comprises: transmitting (40), upon the device initialising, a request for a first partial secret key (10a) to a key server (3); receiving (42) the first partial secret key (10a) from the key server (3); storing (44) the first partial secret key (10a) only in volatile memory (70); retrieving (46) a second partial secret key (10b) from non-volatile memory (71); and performing (48) an action based on applying both the first partial secret key (10a) and the second partial secret key (10b).

公开(公告)号：US11763618B2

公开(公告)日：2023-09-19

申请号：US17234321

申请日：2021-04-19

Applicant: ASSA ABLOY AB

Inventor： Frans Lundberg ,  Peter Stenlund

IPC: G07C9/21 ,  G07C9/00 ,  H04L9/08 ,  G07C9/20 ,  H04L9/00

CPC classification number: G07C9/21 ,  G07C9/00174 ,  G07C9/20 ,  H04L9/088 ,  G07C2009/00769 ,  G07C2009/00865 ,  G07C2009/00873 ,  G07C2209/04 ,  H04L9/50

Abstract: It is presented a method for controlling access to an access object. The method is performed in an access control device and comprises the steps of: receiving a user input to reset the access control device; generating a new identifier for the access control device, and discarding any previously used identifier for the access control device; communicating with an electronic key to obtain an identity of the electronic key; obtaining a plurality of delegations, wherein each delegation is a delegation from a delegator to a receiver; and granting access to the access object only when the plurality of delegations comprise a sequence of delegations covering a delegation path from the access control device, identified using the new identifier, to the electronic key such that, in the sequence of delegations, the delegator of the first delegation is the access control device, and the receiver of the last delegation is the electronic key.

公开(公告)号：US20240321029A1

公开(公告)日：2024-09-26

申请号：US18547017

申请日：2022-02-17

Applicant: ASSA ABLOY AB

Inventor： Gustav Ryd ,  Frans Lundberg

IPC: G07C9/27

CPC classification number: G07C9/27

Abstract: It is provided a method for handling access rights for access to a physical space (16a-g), comprising: communicating (40) with a credential (2) of a user (5), based on short-range wireless communication; determining (42) that the credential (2) does not currently have access rights to access the physical space (16a-g); finding (44) a communication address to a superior (6) to the user (5); generating (46) an increased-access request message, comprising a link that, when activated, adds a first access role to the user (5); sending (48) the increased-access request message to the address of the superior (6); receiving (50) an indication that the superior has activated the link, adding the first access role to the user (5); and granting (52) access for the user (5) to the physical space (16a-g).

公开(公告)号：US20240021035A1

公开(公告)日：2024-01-18

申请号：US18476732

申请日：2023-09-28

Applicant: ASSA ABLOY AB

Inventor： Frans Lundberg

IPC: G07C9/20 ,  G07C9/00 ,  H04L9/32

CPC classification number: G07C9/215 ,  G07C9/00309 ,  H04L9/3247 ,  G07C2009/00428

Abstract: It is provided a method for controlling access to a physical space using a co-sign delegation. The method is performed in a lock device and comprises the steps of: receiving an access request from an electronic key; obtaining a plurality of delegations, wherein each delegation is a delegation from a delegator to a delegatee, the plurality of delegations collectively forming a chain of delegations; determining that a delegation is a co-sign delegation, indicating that all further delegations need to be cryptographically signed by both the delegator of the respective delegation and by an access controller; and granting access to the physical space when the chain of delegations start in an owner of the lock device and ends in the electronic key; and when all delegations in the chain of delegations after the co-sign delegation are cryptographically signed by both the delegator of the respective delegation and by the access controller.

公开(公告)号：US11870887B2

公开(公告)日：2024-01-09

申请号：US17057802

申请日：2019-06-27

Applicant: ASSA ABLOY AB

Inventor： Håkan Olsson ,  Frans Lundberg

IPC: H04L9/08

CPC classification number: H04L9/0825 ,  H04L9/083 ,  H04L9/0894

Abstract: It is provided a method for managing central secret keys of a plurality of user devices associated with a single public key. The method is performed in a key manager and comprises the steps of: receiving, from a first user device, transformation data and an identifier of a second user device; obtaining a first central secret key associated with the first user device; generating a second central secret key by applying the transformation data to the first central secret key, wherein the transformation data is applied in reverse to how the same transformation data is applied by the first user device to a device secret key of the first user device; and storing the second central secret key in association with the second user device.

公开(公告)号：US11263840B2

公开(公告)日：2022-03-01

申请号：US16487163

申请日：2018-02-23

Applicant: ASSA ABLOY AB

Inventor： Håkan Olsson ,  Frans Lundberg ,  Kenneth Pernyer ,  Sona Singh ,  Stefan Strömberg

IPC: G07C9/00 ,  G07C9/20 ,  H04L9/32 ,  H04L43/10 ,  H04L29/06

Abstract: It is provided a method for controlling access to a physical space. The method is performed in an access control device and comprises the steps of: communicating with an electronic key to obtain an identity of the electronic key; obtaining a plurality of delegations; determining, from one of the delegations, that there is an auxiliary condition, wherein the auxiliary condition is that access is approved for the electronic key by an auxiliary party, authenticated by a digital signature by the auxiliary party; and granting access to the physical space when the plurality of delegations comprises a sequence of delegations covering a delegation path from the access control device to the electronic key such that, in the sequence of delegations, the delegator of the first delegation is the access control device, the receiver of the last delegation is the electronic key, and the auxiliary condition is fulfilled.

公开(公告)号：US12159500B2

公开(公告)日：2024-12-03

申请号：US18476732

申请日：2023-09-28

Applicant: ASSA ABLOY AB

Inventor： Frans Lundberg

IPC: G07C9/20 ,  G07C9/00 ,  H04L9/32

Abstract: It is provided a method for controlling access to a physical space using a co-sign delegation. The method is performed in a lock device and comprises the steps of: receiving an access request from an electronic key; obtaining a plurality of delegations, wherein each delegation is a delegation from a delegator to a delegatee, the plurality of delegations collectively forming a chain of delegations; determining that a delegation is a co-sign delegation, indicating that all further delegations need to be cryptographically signed by both the delegator of the respective delegation and by an access controller; and granting access to the physical space when the chain of delegations start in an owner of the lock device and ends in the electronic key; and when all delegations in the chain of delegations after the co-sign delegation are cryptographically signed by both the delegator of the respective delegation and by the access controller.

公开(公告)号：US11869292B2

公开(公告)日：2024-01-09

申请号：US18101823

申请日：2023-01-26

Applicant: ASSA ABLOY AB

Inventor： Frans Lundberg

IPC: G07C9/20 ,  G07C9/00 ,  H04L9/32

CPC classification number: G07C9/215 ,  G07C9/00309 ,  H04L9/3247 ,  G07C2009/00428

Abstract: It is provided a method for controlling access to a physical space using a co-sign delegation. The method is performed in a lock device and comprises the steps of: receiving an access request from an electronic key; obtaining a plurality of delegations, wherein each delegation is a delegation from a delegator to a delegatee, the plurality of delegations collectively forming a chain of delegations; determining that a delegation is a co-sign delegation, indicating that all further delegations need to be cryptographically signed by both the delegator of the respective delegation and by an access controller; and granting access to the physical space when the chain of delegations start in an owner of the lock device and ends in the electronic key; and when all delegations in the chain of delegations after the co-sign delegation are cryptographically signed by both the delegator of the respective delegation and by the access controller.

公开(公告)号：US11580806B2

公开(公告)日：2023-02-14

申请号：US17413077

申请日：2019-12-18

Applicant: ASSA ABLOY AB

Inventor： Frans Lundberg

IPC: G07C9/20 ,  G07C9/00 ,  H04L9/32

Abstract: It is provided a method for controlling access to a physical space using a co-sign delegation. The method is performed in a lock device and comprises the steps of: receiving an access request from an electronic key; obtaining a plurality of delegations, wherein each delegation is a delegation from a delegator to a delegatee, the plurality of delegations collectively forming a chain of delegations; determining that a delegation is a co-sign delegation, indicating that all further delegations need to be cryptographically signed by both the delegator of the respective delegation and by an access controller; and granting access to the physical space when the chain of delegations start in an owner of the lock device and ends in the electronic key; and when all delegations in the chain of delegations after the co-sign delegation are cryptographically signed by both the delegator of the respective delegation and by the access controller.