(19) United States
`(12) Patent Application Publication (10) Pub. N0.: US 2002/0099945 A1
`McLintock et al.
`(43) Pub. Date:
`Jul. 25, 2002
`
`US 20020099945A1
`
`(54) DOOR ACCESS CONTROL AND KEY
`MANAGEMENT SYSTEM AND THE
`METHOD THEREOF
`
`(76)
`
`Inventors: Gavin A. McLintock, Gloucester (CA);
`Michael D. Caughey, Amprior (CA)
`
`Correspondence Address:
`PEARNE & GORDON LLP
`526 SUPERIOR AVENUE EAST
`SUITE 1200
`CLEVELAND, OH 44114-1484 (US)
`
`(21) Appl. No.:
`
`10/004,340
`
`(22)
`
`Filed:
`
`Oct. 25, 2001
`
`(30)
`
`Foreign Application Priority Data
`
`Oct. 26, 2000
`
`(CA) ........................................ .. 2,324,679
`
`Publication Classification
`
`(51)
`
`Int. Cl.7 ............................ .. H04L 9/32; G06F 11/30
`
`(52) U.S. Cl.
`
`.......................................... .. 713/186; 713/200
`
`(57)
`
`ABSTRACT
`
`A door access control and key management system is
`disclosed, in which a number of doors and door users are
`involved. The system comprises a door/key administering
`system and a door lock/control assembly mounted on each
`door, which are communicatively interconnected with each
`other via a communications network. The door/key admin-
`istering system serves to store a key unique to each of the
`users, store an identification code unique to each of the
`doors, and assign access authorization to at least one user for
`each door. The door lock/control assembly serves to read the
`key presented by the user, verify that the key has access
`authorization, and operate the door in response to the
`authorization for access. Each user can gain access to the
`doors authorized to the user with a unique key and each door
`can provide access to the user or users assigned thereto.
`
`52
`
`60
`
`80
`
`Door Adminislering Sysie -
`l Dom Server Syslem
`
`-Onnlioltbommands
`- ID Inloimadiun
`
`
`
`
`
`_
`
`.
`
`. gm,-1;
`-Emma
`
`G‘
`‘KO
`
`Wlrelas 5
`Tia nsmlllevl
`
`ID Database
`U
`L
`
`Don! Inventory Database
`
`Sol1edu|1s@re‘igzenc.ea eir:
`Communications
`'
`
`Network
`
`(IP Network)
`-Gnnhol
`
`
`—Enc.ryphnn
`. Compare
`Key Adm:ms1enng System
`
`(Key Sewer System)
`,pu“mgDD,“
`
`
`
`
`M
`ID Database
`Nay Inventory Delhasa
`USBQELOQ
`Sc hedu1lngFPwleran -A
`
`91C
`
`
`
`
`62
`
`ASSA 100
`
`REOENEI
`
`Sewer
`-Cnmnol
`—Enc1yp1i0I1
`-Compare
`-Pofling Doors
`—Repur1m9
`-Alarm
`
`
`
`
`
`22
`
`ldenlgncalion
`Denna
`
`°°""“""’
`
`Eletldn
`W-"
`
`
`
`
`Ccnlrolev
`
`20
`
`28
`
`40
`
`1
`
`ASSA 1009
`
`

`
`Patent Application Publication
`
`Jul. 25, 2002 Sheet 1 of 3
`
`US 2002/0099945 A1
`
`8mm
`
`_Nm_.>D._fl..
`
`
`
`
`
`m=...mm_:__%<58EwimwEzmwSOD.om.wwm>m
`
`mo
`
`
`
`uomw.:m_..§m.ne=.__.._..._modmmqm:qfo5..._mowm
`
`
`
`mmmnmmo_:B:.m>E5.5:m____Em.._m:.
`
`mmmnsaoQ...mm_w§>
`
`
`
`mu:mEEo0339.00.
`E_._.u.Ea_,__9-
`
`25:00.
`
`v_._o>>_mZ
`
`iofimz0.:
`
`
`
`w:o_MU_C3_._..=._.—O..
`
`coins:w.
`
`
`
`
`
`29.28-Em_.%.%mmm__m_m_EE_u<>3.
`
`>_mEmm.>8._...
`
`FGE
`
`225mc_.=on_.
`
`5%55.
`28:30-
`
`
`
`9.zaawx.
`
`E_m_<..
`
`_2=au.
`
`._mZm.m
`
`3
`
`mm
`
`8
`
`$..§_m_mon__
`
`1..§_m_mE?__=nu5m
`
`2w
`
`
`
`mmfifin22:25.33.
`
`a3.53:
`
`2
`
`
`
`
`
`
`
`
`

`
`Patent Application Publication
`
`Jul. 25, 2002 Sheet 2 of 3
`
`US 2002/0099945 A1
`
`1aAgaoa\¢| 1 1911!!-U‘3U9JJ. $5319-"JV\
`
`_o>.mwEm28:mmm=_=on.
`
`m:.._§_.am._eEoo.
`
`._m__o.::8Boa
`
`._o:.Em25.32.
`
`mcozofi:35¢
`
`:o..—a_§:m.
`
`52=3.
`
`o.maEoo.
`
`SE4.
`
`
`
`_m.m_ma_Em:E.m::O
`
`Ema:Eco?EmEmzwofl
`
`ummfi9%
`
`
`
`._§__n§...uo__.>m_mE0E50
`
`
`
`._m=o.fie§_£%£5<
`
`
`
`=m.B=n_o.8.._6uQ
`
`._mS_:§§_._,&95%
`
`_8:mmcoqoEon
`
`
`
`zmcoiov5E5.__mD_
`
`
`
`cmcoiov..Ea__Eoa_E
`
`
`
`._m_.._o_=§flamcmm55..
`
`
`
`
`
`Emzam:o...:Eaoawzmm
`
`mm
`
`mmm
`
`nmm
`
`emu
`
`E
`
`«E
`
`Sm
`
`fin
`
`umm
`
`Em
`
`NGI
`
`3
`
`

`
`Patent Application Publication
`
`Jul. 25, 2002 Sheet 3 of 3
`
`US 2002/0099945 A1
`
`8:
`
`
`
`.w_n_n_Emm...<xuo.=_EEaoEGO
`
`@..»uO._,
`
`.8.23:.E:
`
`$_.>un
`
`
`...§§’
`Son:NEomzm
`AE9w>m._o>_mw.
`
`
`
`
`m..;..w.m_:_.Eu<5.5NEflmzwmE.._w_m._:_EU<.§:§.5
`
`mmmnfimo
`
`1mmmnmfifl l
`
`
`¢:m.m>m_m>._am
`
`
`)3.»NEm_a>w9._»m.mE_Eu<3.
`
`._5Emz
`
`28232n_=
`
`mco=mu_::EEoo.........
`
`g
`
`
`
`_E£m>mEammBan:
`
`m.Hh1Lm__A
`
`
`Exxmzm.
`
`EzmwAux._.Em.m>.wm=:m_2£Eu<.€v_
`
`mo5Ht
`
`_.m=E...Bo E.wwfl.w¢_m.m%_
`
`_.Em.m..,mm:_.m_m__:_Eu<
`
`
`
`son1\rEm_m>mm=_a_m_:_..%<>mv=_oon._
`
`_.>553w<,_uo._=o::ooBoa
`
`
`
`mmmoo<Eon.HNE®_m>mEmEmmm:ms_>mx.Hcam_9_:oo
`
`
`of..-a.u.v.y...-
`
`cam_9Eoom$8<.500V
`
`
`
`VEomzwEmEmmm:ms_>3.
`
`.
`
`4
`
`
`
`
`
`
`
`

`
`US 2002/0099945 A1
`
`Jul. 25, 2002
`
`DOOR ACCESS CONTROL AND KEY
`MANAGEMENT SYSTEM AND THE METHOD
`THEREOF
`
`FIELD OF THE INVENTION
`
`[0001] The invention relates generally to a security system
`and particularly to a system and method for controlling
`physical access to doors and managing keys via a commu-
`nication network.
`
`BACKGROUND OF THE INVENTION
`
`[0002] Virtually all private residences, businesses and
`governments employ locks on all exterior doors and many
`interior doors to control physical access to premises and
`vehicles, and to protect valuable contents and occupants
`from outsiders. The technology of locks and related security
`products have developed to provide a very wide range of
`choices in security levels, locldng mechanisms, key types
`and other features. Available “key” technologies include,
`among others, various kinds of mechanical keys, magneti-
`cally coded swipe cards,
`so—called “smart” cards with
`embedded microelectronic devices, plastic or metal cards
`coded with mechanical holes, short range radio frequency
`(RF) or infrared (IR) transmitters with coded signals, and
`various keypad arrangements requiring the user to input a
`predetermined unlocking code.
`
`Presently, keys are generally associated with one or
`[0003]
`a few doors, and therefore, access to the keys, i.e., the use
`of the doors, is controlled by the owner of the premises or
`vehicle to which the door allows access. The current system
`of lock usage leads to a number of problems both for the
`owners of premises and vehicles with lockable doors and for
`individual users. Most individual users are forced to carry
`and manage a large number of mechanical keys anchor
`cards. Also, it is an issue to remember a number of pass-
`words or keypad numbers and which key fits which lock,
`especially for keys which are used infrequently. Lost keys
`may result, in the case of mechanical keys, in a need to
`replace or re-key all locks with which the keys were asso-
`ciated. If a number of individual users have keys to a single
`door and one is lost, all key holders must be contacted and
`provided with new keys.
`
`[0004] As well, passwords or keypad numbers can be
`inadvertently or deliberately revealed,
`thereby lessening
`security and usually resulting in a need to re-program the
`lock to accept a new code. Then, when code locks must be
`re-programmed, all authorized users must be informed of the
`new code and they must, therefore remember yet another
`code.
`
`[0005] Also, kccping track of who has keys to which doors
`can be an issue and this becomes more complex, as in many
`business situations, the more doors and employees there are.
`
`Further, if individuals are permitted to access some
`[0006]
`parts of a facility but not others, Then a multiplicity of keys
`is required, adding to the problem of key management for
`both business and individual. And temporary access to
`premises by, for example, cleaning staff or neighbours, is
`difficult to control and monitor and, thus, reduces security.
`
`[0007] Access to premises in emergency or potential
`emergency situations, such as by fire departments in the
`
`event of a fire alarm, usually requires forced entry, causing
`structural damage and consequent repair expenses.
`
`[0008] Most businesses and many homes make use of
`monitored alarm systems in addition to door locks, requiring
`individual users both to carry keys for the premises and to
`remember alarm codes.
`
`[0009] Access control systems exist that solve some of the
`problems by means of wired connections to the doors for
`which access is being controlled. Some of these systems can
`communicate between locations via wide area networks.
`Generally, such systems require special software and com-
`puter systems on or near the premises being protected. Often
`dedicated monitoring equipment and stations are required.
`These systems are costly to install and operate and are
`oriented towards larger organizations. These systems also do
`not extend to controlling access to locations where wired
`connections are impractical.
`
`[0010] A number of other locking and access control
`systems have been devised. For example, it is known to
`employ wireless communication between a secure door and
`rcmotc sitc in ordcr to obtain authorization. While these
`
`systems are successful in solving some of the problems
`mentioned above, they are usually too costly or require too
`much technical support to be of use to private residences or
`small businesses.
`In addition, none of the technologies
`employed thus far address the problems of the individual
`uscr who must deal with a large number of keys and/or
`codes.
`
`[0011] Accordingly, there is a need to provide an improved
`system and method for physical access control,
`in which
`most of the above conventional problems and disadvantages
`can be solved.
`
`SUMMARY OF THE INVENTION
`
`[0012] According to one aspect of the present invention,
`there is provided a door access control and key management
`system in wl1icl1 a number of doors and door users are
`involved. The system comprises (a) a communications net-
`work; (b) a door/key administering system for storing a key
`unique to each of the users, for storing an identification code
`unique to each of the doors, and for assigning access
`authorization to at least one user for each door, the door/key
`administering system being communicatively connected to
`the communications network; and (c) a door lock/control
`assembly mounted on each door for reading the key pre-
`sented by the user, for verifying that the key has access
`authorization, and for operating the door in response to the
`authorization for access,
`the door lock/control assembly
`being communicatively connected to the door/key adminis-
`tering system via the communications network; ((1) whereby
`a user can gain access to the doors authorized to the user
`with a unique key and each door can provide access to the
`user or users assigned thereto.
`
`[0013] According to another aspect of the present inven-
`tion, there is provided a method of controlling access to a
`plurality of doors by a plurality of door users via a com-
`munications network. The method comprises steps of: (a)
`storing a unique identification code for each of the doors in
`a server; (b) storing a unique key signature for each of the
`users in the server; (c) assigning to each door the unique
`keys having access authorization to the respective doors; (d)
`
`5
`
`

`
`US 2002/0099945 A1
`
`Jul. 25, 2002
`
`comparing a user’s key detected at the door to tl1e keys
`having access authorization to the door in the server (e)
`authorizing access to the door; and
`wherein the authori-
`zation step is carried out through the communications net-
`work between the door and the server and each user can gain
`access to the doors authorized to the user with a unique key
`and each door can provide access to the user or users
`assigned thereto.
`
`[0014] According to another aspect of the present inven-
`tion, there is provided a system architecture for controlling
`a plurality of door access co11trol and key management
`systems. The system architecture comprises: (a) the plurality
`of door access control and key management systems noted
`above, the systems being con1n1unicatively and operatively
`connected to a communication network; and (_b) a Meta
`server being adapted to serve as an address reference among
`the door access control and key management systems, the
`Meta server being communicatively and operatively con-
`nected to each of the door access control and key manage-
`ment systems via the communications network, wherein the
`Meta server contains the address of each door access control
`and key management system and its associated unique key
`ID codes and unique door ID codes and each door access
`control and key management system contains the address of
`the Meta server.
`
`[0015] Other aspects and advantages of the invention, as
`well as the structure and operation of various embodiments
`of the invention, will become apparent to those ordinarily
`skilled in the art upon review of the following description of
`the invention in conjunction with the accompanying draw-
`ings.
`
`BRIEF DESCRIPTION OF THE DRAWINGS
`
`[0016] Embodiments of the invention will be described
`with reference to the accompanying drawings, wherein:
`
`[0017] FIG. 1 illustrates a door access control and key
`management system according to one embodiment of the
`present invention;
`
`[0018] FIG. 2 illustrates the details of the door control/
`lock assembly of FIG. 1; and
`
`[0019] FIG. 3 illustrates a system architecture according
`to another embodiment of the present invention for control-
`ling a number of door access control and key Management
`systems of FIG. 1.
`
`DETAILED DESCRIPTION OF THE
`PREFERRED EMBODIMENTS
`
`In FIG. 1 there is shown a door access control and
`[0020]
`key management system according to the first embodiment
`of the present invention, which is generally denoted by
`reference numeral 10, and involves a plurality of doors and
`door users although a single door and user are illustrated for
`the convenience of description and understanding. Through-
`out the description and claims, the door includes all kinds of
`doors for access thereto to be controlled, including building
`entrance doors or interior doors, private house doors, vehicle
`doors, and safe doors, or all kinds of locks for other devices
`such as bicycles, padlocks. However, this invention is not
`limited to the doors and locks noted above.
`
`[0021] Referring to FIG. 1, the system generally com-
`prises a door control/lock assembly 20, a key administering
`
`system 40, a door administering system 60, and a con1mu-
`nications network 80. The door control/lock assembly 20 is
`mounted on each door and communicatively connected to
`the key and door administering systems 40 and 60 via the
`communications network 80. In practice, the door adminis-
`tering system 60 and the key administering system 40 can be
`implemented as one single system equipped with the appro-
`priate software program for carrying out both functions. In
`general, the door control/lock assembly 20 identifies a user
`32 wanting to gain access to a door 30, and communicate
`with the key and door administering systems 40 and 60 to
`obtain authorization for access thereto.
`
`In this embodiment, the communications network
`[0022]
`80 includes an IP (Internet Protocol) communications net-
`work, which is accessible by the door control/lock assembly
`20 via an HTTPS (Hyper Text Transport Protocol Secure)
`server. In such an Internet communication environment, the
`key administering system 40 and the door administering
`system 60 can be referred to as a key server system and a
`door server system as shown in FIG. 1. Ilowever,
`the
`communications network can employ any suitable network
`protocol.
`
`[0023] All communication lines connecting the compo-
`nents of the system 10 employ encryption means for
`improved security.
`
`[0024] The connection between the communications net-
`work 80 and the door lock/control assembly 20 can be
`accomplished via a wireless communication line. In such a
`case,
`an intermediate wireless
`transmitter/receiver 82
`between them is provided as illustrated in FIG. 1. The
`means of wireless communication includes Bluetooth® or
`
`other short-range wireless communications circuitry, or a
`network access module consisting of Bluetooth® wireless
`communications circuitry, an Ethernet network interface and
`a battery backed up power supply. The network access
`module is located at a Ethernet port within the range of the
`Bluetooth® or other short-range wireless communications
`circuit.
`
`[0025] Alternatively, the means of wireless communica-
`tion can include digital cellular wireless Internet access
`circuitry to provide greater range or for use where an
`Ethernet networks port is not convenient or available.
`
`[0026] The system 10 further includes several other ele-
`ments, which will be hereafter described.
`
`[0027] FIG. 2 presents a detailed view of the door control/
`lock assembly 20 of the system 10. As illustrated in FIGS.
`1 and 2, the door control/lock assembly 20 mounted on each
`door 30 includes an electric door lock 22, an identification
`device 24, an embedded controller 28, a communicating
`means 26, and a battery for supplying power. The commu-
`nicating means 26 establishes two-way communications
`with the communication network 80 via a wireless tansmit-
`ter/receiver 82. The embedded controller 28 has appropriate
`software for controlling the door control/lock assembly 20
`and any communications with other system components via
`the communications network 80. During operation, the door
`control/lock assembly 20 transmits via the communication
`network the identification data read by the identification
`device 24 to the key—door administering systems 40 and 60
`and receives messages or signals from the administering
`systems as to whether the identified key is authorized.
`Details of the operation will be hereafter described.
`
`6
`
`

`
`US 2002/0099945 A1
`
`Jul. 25, 2002
`
`Tl1e door lock 22 includes any lock that can operate
`[0028]
`in response to an authorization signal or message from the
`key and door administering system 40/60, or,
`in certain
`situations, from the embedded controller 28 of the door
`assembly 20.
`
`[0029] The identification device 24 identifies the key
`wishing to gain access to the door. The identification device
`24 can be a proximity card reader or swipe card reader or any
`other such device. Also, the identification device 24 can
`include a wireless receiver employing public key cryptog-
`raphy (PKI) technology or other secure communications
`technology to receive signals from a device carried by the
`user 32. In such a case, the key can be an electronic key such
`as a Dallas Semiconductor iButton®, a cell phone, a portable
`digital assistant (PDA) equipped with digital wireless capa-
`bility, a personal communicator device, and an RF (Radio
`Frequency) tag device. For example, the tag device provides
`a short-range radio frequency signal that is coded to provide
`identification of the individual user. In addition, a biometric
`recognition device such as thumb-print reader or face-
`recognition device can be used as the identification device
`24. A numeric or alphanumeric key pad device can also be
`used. The key includes any device that can be sensed by the
`identification device used. For example, where the identifi-
`cation device is a numeric keypad, the key can be a numeric
`code.
`
`[0030] As depicted in FIG. 2, the door control/lock assem-
`bly 20 can be equipped with more than one identification
`devices 24 and 24a to improve security or convenience. In
`such a case, for improved security, all keys are required in
`order for the system 10 to grant access. Also, for improved
`convenience, any one key can be required to gain access,
`therefore, the user 32 can carry one or more of a variety of
`key types, which correspond to the identification devices 24,
`24a.
`
`In the door lock/control assembly 20, the embed-
`[0031]
`ded controller 28 runs appropriate software for controlling
`the assembly 20 and carrying out an identification/authori-
`zation process by cooperating with the identification device
`24 and communicating with the door and key server systems
`40 and 60 via the communications network 80. Various
`identification/authorization software applications are well
`known in the art and any suitable one can be used. The
`embedded controller 28 comprises a local database or a
`memory 28a as shown in FIG. 2. The local database or
`memory 28a stores, for example, data of the most recent and
`most frequent users of the door in encrypted form for
`security reasons. These data serve to speed up authorization
`process, or provides back-up capability in the event that the
`connection between the door assembly 20 and the adminis-
`tering systems 40 and 60 failed or is disrupted for any
`reason.
`
`[0032] The embedded controller 28 in the door control/
`lock assembly 20 periodically conducts a self-test of its own
`functionality and records data from status sensors, which
`will be hereafter detailed.
`
`[0033] Each door control lock assembly 20 is provided
`with a unique identification code that is encoded in hardware
`and can be recognized by software programs running in the
`door control/lock assembly 20 and other software programs
`running in the system 10 The door administering system 60
`serves to store the unique identification code for each of the
`
`doors and manage these ID codes. Also, each door is
`assigned an authorized user or users for access to the door
`from the door administering system 60. The door adminis-
`tering system 60 includes a database 62 where the unique ID
`code and the authorized users for each door are maintained
`and updated, when required, by a door administrator.
`
`[0034] The door lock/control assembly 20 and the door
`server system 60 work together to provide a number of
`functions. For example, the door server system 60 records
`all uses of the door lock 22, including authorized entries and
`unauthorized attempts to enter. The door server system 60
`also provides the necessary controls and communications
`capability to allow thc door administrator
`to configure
`various security settings of the operation of the door control/
`lock assembly 20,
`in addition to the hasic authorization
`settings of which keys are allowed to unlock which doors.
`These security settings include such functions as to who is
`authorized at specific times. Other additional
`functions
`includc scttings as to who is to bc notificd in thc cvcnt of an
`alarm of low battery condition or a detection of hardware
`failure condition and how such notification is to take place
`(c.g., c-mail, pagcr, automated phone call, or thc likc.) Such
`factors as the amount of lead-time to report that low battery
`condition can also be set.
`
`In this embodiment, the door administering system
`[0035]
`60 periodically polls all connected door control/lock assem-
`blies 20 to update frequent or most recent users saved in the
`embedded controller 28 and receive reports from the embed-
`ded controller self-test routines. If the embedded controller
`28 in the door control/lock assembly 20 does not receive a
`poll from the door server system 60 within a pre—set interval,
`it can initiate a report to the server on its own.
`
`[0036] A single door server system can provide these
`functions for a number of doors controlled by the same door
`administrator, or multiple door servers can be used. The
`same door server can also provide these functions for a
`number of different door administrators, but each door
`administrator is prevented from accessing the information
`pertaining to doors controlled by others. Any number of door
`server systems can run on the system at the same time. The
`information recorded in each door server database concern-
`ing the authorized entrances and exits through the door and
`the unauthorized attempted entrances and exits may be used
`in several ways. Reports can be generated when required.
`
`[0037] The key administering system or server 40 serves
`to store a unique key for each of the users. The unique key
`is implemented by a key signature. The key signatures
`consist of the unique codes associated with each key, i.e.,
`each user. The key signature serves to distinguish a key from
`any other keys. The type of these codes depends on the
`identification device 22 used on the door control/lock assem-
`bly 20. As examples, the key signatures can consist of coded
`numbers that have been magnetically written onto a normal
`magnet swipe card, if a swipe card reader is used as the
`identification device 24. The key signatures can be the
`unique hardware with embedded serial numbers assigned at
`manufacture to iButtons® if an iButton® reader is used as
`the identification device. The key signatures can be a signal
`unique to each user, if the identification device at the door
`is adapted to identify the unique signal from, for example, a
`Bluetooth® enabled cell phone or PDA (Portable Digital
`Assistant) carded by the user. The key signature can be a
`
`7
`
`

`
`US 2002/0099945 A1
`
`Jul. 25, 2002
`
`fingerprint recognition code if tl1e identification device at the
`door is a fingerprint reader. The key signatures are stored in
`encrypted form in the key administering system 40.
`
`[0038] The key administering server system 40 includes a
`database 42 that contains information on the keys and the
`doors to which each key is allowed access. The key server
`system 40 provides a number of functions by working
`together with the door co11trol/lock assembly 20. In particu-
`lar,
`the key server system records all use of the key,
`including authorized entries and attempts to enter using the
`key that were not authorized on a door-by-door basis.
`
`[0039] The information recorded in the key server data-
`base 42 concerning the uses of the key to unlock various
`doors and any unauthorized attempted entrances and exits is
`used in various ways. Reports can be generated when
`required.
`
`[0040] The key server system 40 can further provide the
`key administrator with reports of every instance of the use
`of the key that has been recorded anywhere on the system
`10.
`
`[0041] The key and door server databases 42 and 62 can
`be updated and viewed from a Web browser 52 connected to
`the communications network 80.
`
`[0042] Since the door/key administering system 60/40
`maintains logs of entries and exits, it is possible to access the
`database and determine whether anyone is in a secured area,
`and the identity of the person, if anyone is indeed in a
`particular area.
`
`[0043] The system of FIG. 1 provides security means to
`control access by persons to building, rooms or vehicles,
`while gathering useful information. The system provides a
`means to allow a person access to some locations, while, at
`the same time, excluding access to other locations, this may
`be accomplished with only one access key per individual.
`Such access privileges can be variable according to time.
`The system provides a means to change the security settings
`such as access privileges of an individual quickly and easily
`from any location where an Internet connection and browser
`software are available. Information gathered by the system
`includes the time of all attempts to access the door and the
`identification of the individual attempting such access (if
`known) or the fact that an unknown individual attempted to
`gain access. Furthermore, the access privileges associated
`with the ‘key’ may be easily changed as circumstances
`change. This allows people potential to have only one ‘key’
`to open all of the doors in their lives while, at the same time,
`increasing security and convenience.
`
`To deal with the occasional instance that the com-
`[0044]
`munications network 80 is not available and to speed up
`access for frequent users of a door, a local database 28a of
`frequent and most recent user authorized key signatures is
`stored in encrypted form in the door lock/control) assembly
`20 itself. Before sending a request message for authorization
`over the communications network 80 to the door server
`system 60, the embedded controller 28 in the door lock/
`control assembly 20 checks its own local database 28a and
`unlocks the door if a match is found between the signature
`of the key being presented and one that is stored in the local
`database 28a. The information that this action has taken
`place is then transmitted to the door server system 60 for
`storage subsequent to the door having been unlocked. Peri-
`
`odically the authorized keys in the local database 28a of the
`door assembly 20 are confirmed between the door assembly
`20 and the door server system 60 by a series of encrypted
`messages over the communications network 80. This con-
`firmation process can be initiated by the door lock/control
`assembly 20, or the door administering system or server 60.
`If a key signature that has been authorized is no longer
`authorized, then the key signature is removed from the local
`database 28a of the embedded controller of the door assem-
`
`bly 20.
`
`[0045] Referring to FIG. 2, the door control/lock assem-
`bly 20 further includes other components to provide addi-
`tional functions. Such a device can include a microphone
`and speaker assembly 23c and 25c. This serves to commu-
`nicate with the door administering system or server 60 via
`the communications network 80, which then communicates
`with a designated door administrator 52 or other systems
`using e-mail, telephone or pager according to predetermined
`instructions stored in the door server system.
`
`[0046] A doorbell/intercom signalling device can be pro-
`vided and configured to send a message via email, pager or
`telephone to a designated monitoring administrator. The
`designated monitoring administrator can be located any-
`where that an Internet connection and browser software are
`available.
`
`[0047] As well, alarm devices such as motion detectors,
`smoke detectors, or water detectors etc. can be installed in
`the door lock/control assembly 20. The alarm device com-
`municates with the door server system 60, which in turn
`communicates the alarm administrator according to instruc-
`tions included in the database 62. Any other additional alarm
`components can be provided and configured to signal their
`condition in various ways and to monitor multiple locations
`that can be altered easily over time.
`
`[0048] The door control/lock assembly 20 can further
`include a door open sensor 25a that detects whether the door
`is open or closed. Abuzzer device 23a can also be included.
`If the door remains open for a period of time longer than a
`preset interval, then, the buzzer is sounded for a brief period
`before an alarm condition message is sent
`to the door
`administrator to deal with such alarms. If the door is closed
`
`after the sounding of the buzzer but before the sending of the
`alarm message,
`the alarm is not sent. Alternatively,
`the
`buzzer is not sounded and the alarm condition message is
`sent immediately. In either case, the information that the
`door open alarm condition was encountered is stored in the
`door server 60 as a reporting function. The pre-set interval
`for which the door may remain open before the buzzer
`sounds may be changed and may vary with time of day or
`it may be disabled for specific periods to accommodate
`various situations. Such changes or scheduling are accom-
`plished by the door administrator accessing the door server
`system 60 via the browser 52.
`
`[0049] Other system status sensors that may be part of the
`door control/lock assembly include a battery voltage sensor
`and a temperature sensor.
`
`[0050] The door control/lock assembly 20 can also include
`a digital camera (still or video) that is configured to provide
`an image of the individual attempting to gain access to a
`person assigned to make human judgements on whether
`such individuals, not identified by the system should be
`
`8
`
`

`
`US 2002/0099945 A1
`
`Jul. 25, 2002
`
`allowed access. Tl1e judging person may then allow the
`individual in, if desired, by signalling the door control/lock
`assembly 20 from the Web browser 52. The camera may also
`be configured to record in the network databases, an image
`of all individuals attempting to gain access.
`
`In FIG. 3, there is shown a system architecture
`[0051]
`according to the second embodiment of the invention, which
`is generally denoted by reference numeral 100, and can
`control a group of individual door access control and key
`management systems, for example, of the first embodiment
`of the invention, as shown FIG. 1. The system architecture
`100, in general, comprises a plurality of door access control
`and key management systems 110a and 110b, a Meta server
`140, and a communications nctwork 180. The communica-
`tions network 180 includes an IP (Internet Protocol) com-
`munications network. For the convenience of description
`and understanding, two door access control and key man-
`agement systems 110a and 110b are illustrated in FIG. 2, but
`a number of individual systems can be involved in to be
`controlled within a single system architecture.
`
`[0052] Each door access control and key management
`system 110a or 110b involves a plurality of doors and door
`users, and includes a door lock/control assembly mounted
`on each door, a door/key administering system, and a
`communications network communicatively interconnecting
`the door lock/control assemblies and the administering sys-
`tem, as noted above in conjunction with the first embodi-
`ment of the invention of FIG. 1.
`
`[0053] As depicted in FIG. 3, each door access control
`and key management system is communicatively connected
`to one another and the Meta server 140 via the communi-
`
`cations network 180. The Meta server 140 is adapted to be
`aware of all instances of each door/key administering system
`and know how to contact them over the communications
`
`network 180. The Meta server 14