I 1111111111111111 11111 1111111111 111111111111111 11111 111111111111111 IIII IIII
`US009269208B2
`
`c12) United States Patent
`Burke
`
`(IO) Patent No.:
`(45) Date of Patent:
`
`US 9,269,208 B2
`*Feb.23,2016
`
`(54) REMOTE ENTRY SYSTEM
`
`(75)
`
`Inventor: Christopher John Burke, Ramsgate
`(AU)
`
`(73) Assignee: SECURICOM (NSW) PTY LTD,
`Ramsgate (AU)
`
`( *) Notice:
`
`Subject to any disclaimer, the term ofthis
`patent is extended or adjusted under 35
`U.S.C. 154(b) by 78 days.
`
`This patent is subject to a terminal dis(cid:173)
`claimer.
`
`(21) Appl. No.: 13/572,166
`
`(22) Filed:
`
`Aug.10, 2012
`
`(65)
`
`Prior Publication Data
`
`US 2012/0311343 Al
`
`Dec. 6,2012
`
`Related U.S. Application Data
`
`(63)
`
`Continuation of application No. 10/568,207, filed as
`application No. PCT/AU2004/001083 on Aug. 13,
`2004, now Pat. No. 8,266,442.
`
`(30)
`
`Foreign Application Priority Data
`
`Aug. 13, 2003
`
`(AU) ................................ 2003904317
`
`(51)
`
`Int. Cl.
`H04L29/06
`G07C9/00
`
`(2006.01)
`(2006.01)
`(Continued)
`
`(52) U.S. Cl.
`CPC ............ G07C 9/00158 (2013.01); G06F 21132
`(2013.01); G06F 21135 (2013.01); H04L
`63/0861 (2013.01); H04W 12108 (2013.01);
`H04W 84/12 (2013.01); H04W 84/18 (2013.01)
`( 58) Field of Classification Search
`CPC ............................ H04L 63/0861; G06F 21/32
`
`USPC .......................................................... 713/186
`See application file for complete search history.
`
`(56)
`
`References Cited
`
`U.S. PATENT DOCUMENTS
`
`5,109,428 A * 4/1992 Igaki et al. .................... 382/125
`5,933,515 A * 8/1999 Pu .
`G06K 9/00006
`340/5.53
`
`(Continued)
`
`FOREIGN PATENT DOCUMENTS
`
`WO
`WO
`
`WO 0212660 Al * 2/2002
`WO 02/095589 Al
`11/2002
`
`OTHER PUBLICATIONS
`
`Notice of Acceptance dated Sep. 18, 2012 for co-pending Australian
`Patent Office Application No.2009201293 (3 pp.).
`(Continued)
`
`Primary Examiner - Mohammad L Rahman
`(74) Attorney, Agent, or Firm - Brinks Gilson & Liane
`
`(57)
`
`ABSTRACT
`A system is disclosed for providing secure access to a con(cid:173)
`trolled item, the system comprising a database of biometric
`signatures, a transmitter subsystem comprising a biometric
`sensor for receiving a biometric signal, means for matching
`the biometric signal against members of the database of bio(cid:173)
`metric signatures to thereby output an accessibility attribute,
`and means for emitting a secure access signal conveying
`information dependent upon said accessibility attribute,
`wherein the secure access signal comprises one of at least a
`rolling code, an encrypted Bluetooth™ protocol, and a
`WiFi™ protocol, and a receiver sub-system comprising
`means for receiving the transmitted secure access signal and
`means for providing conditional access to the controlled item
`dependent upon said information.
`
`13 Claims, 10 Drawing Sheets
`
`Feedback.,,,_,,,
`/--L-,
`
`u.....
`
`10t1:. "'i?5__ _
`-~---
`
`102 -~~
`Request
`' -+ -~ -~
`
`1191.
`I
`I
`
`100
`
`✓
`
`109
`
`121
`
`-s--~
`
`116
`transmitter
`sub-system
`
`117
`receiver
`sub-system
`
`ASSA ABLOY Ex. 1007 - Page 1
`ASSA ABLOY AB v. CPC Patent Technologies Pty Ltd.
`IPR2022-01045 - U.S. Patent No. 9,269,208
`
`

`

`US 9,269,208 B2
`Page 2
`
`(51)
`
`Int. Cl.
`G06F 21132
`G06F 21135
`H04Wl2/08
`H04W 84/12
`H04W 84/18
`
`(2013.01)
`(2013.01)
`(2009.01)
`(2009.01)
`(2009.01)
`
`(56)
`
`References Cited
`
`U.S. PATENT DOCUMENTS
`
`6,195,447 Bl*
`6,229,906 Bl *
`6,992,562 B2 *
`
`2/2001 Ross ............................. 382/125
`5/2001 Pu et al. ........................ 382/116
`1/2006 Fuks et al.
`................... 340/5.52
`
`7,152,045 B2 *
`7,174,017 B2 *
`2002/0038818 Al
`2003/0126439 Al
`2004/0042642 Al *
`
`12/2006 Hoffman ......................... 705/43
`2/2007 Bantz et al. ................... 380/255
`4/2002 Zingher et al.
`7/2003 Wheeler et al.
`3/2004 Bo lie
`
`G07C 9/00134
`382/115
`
`OTHER PUBLICATIONS
`
`Extended European Search Report for corresponding EP application
`No. 14188004 dated Apr. 22, 2015.
`Office Action for corresponding Canadian application No. 2,535,434
`dated Mar. 27, 2015.
`
`* cited by examiner
`
`ASSA ABLOY Ex. 1007 - Page 2
`ASSA ABLOY AB v. CPC Patent Technologies Pty Ltd.
`IPR2022-01045 - U.S. Patent No. 9,269,208
`
`

`

`U.S. Patent
`
`Feb.23,2016
`
`Sheet 1 of 10
`
`US 9,269,208 B2
`
`........
`t::
`"'r"""" C'O
`" I... O)Q
`
`·- '-LLS
`
`Q)
`
`u, i Q
`
`t.n
`0
`'e::t
`
`L.
`Q)
`
`~
`8
`
`GO
`~
`
`~
`c:: -w ::,
`-
`Q)
`Q) "0
`'t:I 0
`0 :::a u
`
`ASSA ABLOY Ex. 1007 - Page 3
`ASSA ABLOY AB v. CPC Patent Technologies Pty Ltd.
`IPR2022-01045 - U.S. Patent No. 9,269,208
`
`

`

`~
`00
`•
`~
`~
`~
`
`~ = ~
`
`100
`
`✓
`
`109
`
`Controller
`
`120
`
`115
`
`114
`I ◄ ,
`
`►1 □atabase
`
`Receiver
`
`"f'j
`('D
`?'
`N
`~
`N
`
`~
`
`0 ....
`
`O'I
`
`('D
`('D
`
`rJJ =(cid:173)
`.....
`N
`0 ....
`....
`
`0
`
`106
`
`121
`
`Controller/
`Transmitter
`
`108
`
`I
`I
`
`112
`
`113
`
`Database
`
`I
`I
`I
`I
`I
`I
`I
`
`I
`1
`
`110
`
`111
`
`Controlled
`Item
`
`►
`
`117
`receiver
`sub-system
`
`.s
`~
`116
`transmitter
`sub-system
`
`Fig. 2
`
`d r.,;_
`\0
`'N
`0--,
`\0
`
`'N = 00 = N
`
`103
`
`ry
`Module
`
`Audio
`transducer
`
`124
`
`122
`
`105
`
`0u
`
`staerb1D
`a
`ase
`
`'1
`
`LED
`indicators
`
`104
`_ _ _ _ __ ____ ij◄ c
`,
`
`1
`
`11sfr
`
`I
`I
`I
`I
`I
`I
`[
`I
`I
`I
`
`Feedback.,,..,_,,,.
`
`~
`
`----~
`-~ - -...
`
`125
`-""'
`~~ - - -
`123
`
`102
`Request
`
`User
`101
`
`/
`
`ASSA ABLOY Ex. 1007 - Page 4
`ASSA ABLOY AB v. CPC Patent Technologies Pty Ltd.
`IPR2022-01045 - U.S. Patent No. 9,269,208
`
`

`

`U.S. Patent
`
`Feb.23,2016
`
`Sheet 3 of 10
`
`US 9,269,208 B2
`
`NO
`
`YES
`
`202
`
`Compare to
`signatures
`
`YES
`
`204
`
`Select control
`option
`
`205
`
`Send access
`signal
`
`206
`
`200
`
`~
`
`Fig. 3
`
`ASSA ABLOY Ex. 1007 - Page 5
`ASSA ABLOY AB v. CPC Patent Technologies Pty Ltd.
`IPR2022-01045 - U.S. Patent No. 9,269,208
`
`

`

`U.S. Patent
`
`Feb.23,2016
`
`Sheet 4 of 10
`
`US 9,269,208 B2
`
`YES
`
`302
`
`Compare to
`code
`
`YES
`
`304
`
`305
`
`Send control
`signal
`
`300
`
`,)
`
`Fig. 4
`
`ASSA ABLOY Ex. 1007 - Page 6
`ASSA ABLOY AB v. CPC Patent Technologies Pty Ltd.
`IPR2022-01045 - U.S. Patent No. 9,269,208
`
`

`

`U.S. Patent
`
`Feb.23,2016
`
`Sheet 5 of 10
`
`US 9,269,208 B2
`
`LO
`•
`
`C') ·-u..
`
`0:,
`0 .....
`
`-
`
`£::
`8 '(cid:173)
`Q)
`0 t:
`() Q)
`.9 > e a..
`
`co
`.....
`.....
`
`ASSA ABLOY Ex. 1007 - Page 7
`ASSA ABLOY AB v. CPC Patent Technologies Pty Ltd.
`IPR2022-01045 - U.S. Patent No. 9,269,208
`
`

`

`U.S. Patent
`
`Feb.23,2016
`
`Sheet 6 of 10
`
`US 9,269,208 B2
`
`700
`
`✓
`
`From Fig. 7 or Fig. 8
`705
`
`or
`Fig. 9
`
`YES
`
`NO
`
`NO
`
`Fig. 6
`
`ASSA ABLOY Ex. 1007 - Page 8
`ASSA ABLOY AB v. CPC Patent Technologies Pty Ltd.
`IPR2022-01045 - U.S. Patent No. 9,269,208
`
`

`

`U.S. Patent
`
`Feb.23,2016
`
`Sheet 7 of 10
`
`US 9,269,208 B2
`
`From Fig. 6 707
`
`600
`
`,J
`
`Compare to
`signatures
`
`604
`
`606
`
`608
`
`Insert duress
`bit(s)
`
`YES
`
`Insert telemetry YES
`bit(s)
`
`Insert access
`bit(s)
`
`YES
`
`NO
`
`609
`
`Insert alert
`bit(s)
`
`610
`
`Send control
`signal
`
`811
`
`Fig. 7
`
`ASSA ABLOY Ex. 1007 - Page 9
`ASSA ABLOY AB v. CPC Patent Technologies Pty Ltd.
`IPR2022-01045 - U.S. Patent No. 9,269,208
`
`

`

`U.S. Patent
`
`Feb.23,2016
`
`Sheet 8 of 10
`
`US 9,269,208 B2
`
`802
`
`__ __,Store administrator-...--~
`signature
`
`NO
`
`800
`
`✓
`
`805
`
`YES
`
`Store duress
`signature
`
`807
`
`YES
`
`809
`
`YES
`
`Store simple
`signature
`
`Erase
`signature(s)
`
`NO
`
`811
`
`NO
`
`NO
`
`NO
`
`NO
`
`Fig. 8
`
`ASSA ABLOY Ex. 1007 - Page 10
`ASSA ABLOY AB v. CPC Patent Technologies Pty Ltd.
`IPR2022-01045 - U.S. Patent No. 9,269,208
`
`

`

`U.S. Patent
`
`Feb.23,2016
`
`Sheet 9 of 10
`
`US 9,269,208 B2
`
`903
`
`Emit "enrolment"
`tone & flash Red ~-<
`LED (ongoing)
`
`904
`
`Emit "enrolment"
`tone & flash Green
`LED (once)
`
`902
`
`Read biometric
`signal (directed by
`Amber LED)
`
`905
`
`To Fig. 6
`
`908
`
`911
`
`NO
`
`907
`
`910
`
`Emit "rejection"
`tone
`
`Store signature
`
`913
`
`909
`
`er
`eds pred
`'
`
`Erase relevant
`signature(s)
`
`912
`
`900
`
`✓
`
`Fig. 9
`
`ASSA ABLOY Ex. 1007 - Page 11
`ASSA ABLOY AB v. CPC Patent Technologies Pty Ltd.
`IPR2022-01045 - U.S. Patent No. 9,269,208
`
`

`

`U.S. Patent
`
`Feb.23,2016
`
`Sheet 10 of 10
`
`US 9,269,208 B2
`
`Controlled
`Item
`
`111
`
`~----10i 01~117f100'
`
`,___..---ii Contr'I
`
`D'base
`
`~
`
`I
`I
`Rx sub~system 1
`1
`L _ _ _ _ _ _ _ _ _ J
`
`108'
`
`r - - - - - - - - - -7
`~
`
`122
`
`124
`
`:
`
`:
`
`LED
`Display
`
`: ®®®
`
`I
`
`1
`
`1
`
`I
`l
`1
`
`1
`:
`I
`I
`I
`I
`1
`1
`I
`I
`I
`I
`I
`1
`l
`I
`I
`
`)
`
`:
`
`~- ---,
`108
`1008
`
`I
`L
`
`-
`
`-
`
`-
`
`-
`
`-
`
`-
`
`116
`- £-- - - - 7
`
`I
`
`1007
`.---.-+-~---------....._-------...:..,.,..--107 I
`I
`I
`1
`
`Audio-Video
`Interface
`
`Comm'n.
`Interface
`
`1004:
`1
`I
`I
`I
`l
`1
`I
`I
`I
`I
`I
`I
`I
`I
`121
`I
`~-------------------------------J
`Fig. 10
`
`Processor
`
`Jro
`Interface
`
`Memory
`
`bio sensor
`
`1013
`
`1006
`
`ASSA ABLOY Ex. 1007 - Page 12
`ASSA ABLOY AB v. CPC Patent Technologies Pty Ltd.
`IPR2022-01045 - U.S. Patent No. 9,269,208
`
`

`

`US 9,269,208 B2
`
`1
`REMOTE ENTRY SYSTEM
`
`CROSS-REFERENCE TO RELATED
`APPLICATIONS
`
`This application is a continuation patent application of
`U.S. Non-Provisional application Ser. No. 10/568,207 for
`REMOTE ENTRY SYSTEM, filed Jun. 4, 2008 now U.S.
`Pat. No. 8,266,442, the disclosure of which is incorporated by
`reference in its entirety.
`
`FIELD OF THE INVENTION
`
`The present invention relates to secure access systems and,
`in particular, to systems using wireless transmission of secu- 15
`rity code information.
`
`BACKGROUND
`
`2
`The Wiegand protocol is a simple one-way data protocol that
`can be modified by increasing or decreasing the bit count to
`ensure uniqueness of the protocol among different security
`companies. The Wiegand protocol does not secure the infor-
`5 mation being sent between the code entry module 403 and the
`controller 405.
`More advanced protocols such as RS 485 have been used in
`order to overcome the vulnerability of the Wiegand protocol
`over the long distance route 404. RS 485 is a duplex protocol
`10 offering encryption capabilities at both the transmitting and
`receiving ends, i.e. the code entry module 403 and the con(cid:173)
`troller 405 respectively in the present case. The length of the
`path 404 nonetheless provides an attack point for the unau-
`thorised person.
`Due to the cost and complexity of re-wiring buildings and
`facilities, security companies often make use of existing com(cid:173)
`munication cabling when installing and/or upgraded security
`systems, thereby maintaining the vulnerability described
`above.
`
`FIG. 1 shows a prior art arrangement for providing secure 20
`access. A user 401 makes a request, as depicted by an arrow
`402, directed to a code entry module 403. The module 403 is
`typically mounted on the external jamb of a secure door. The
`request 402 is typically a secure code of some type which is
`compatible with the code entry module 403. Thus, for 25
`example, the request 402 can be a sequence of secret numbers
`directed to a keypad 403. Alternately, the request 402 can be
`a biometric signal from the user 401 directed to a correspond(cid:173)
`ing biometric sensor 403. One example of a biometric signal
`is a fingerprint. Other physical attributes that can be used to 30
`provide biometric signals include voice, retinal or iris pattern,
`face pattern, palm configuration and so on.
`The code entry module 403 conveys the request 402 by
`sending a corresponding signal, as depicted by an arrow 404,
`to a controller 405 which is typically situated in a remote or 35
`inaccessible place. The controller 405 authenticates the secu(cid:173)
`rity information provided by the user 401 by interrogating a
`database 407 as depicted by an arrow 406. If the user 401 is
`authenticated, and has the appropriate access privileges, then
`the controller 405 sends an access signal, as depicted by an 40
`arrow 408, to a device 409 in order to provide the desired
`access. The device 409 can, for example, be the locking
`mechanism of a secure door, or can be an electronic lock on a
`personal computer (PC) which the user 401 desires to access.
`A proximity card can also be used to emit the request 402, 45
`in which case the code entry module 403 has appropriate
`functionality.
`Although the request 402 can be made secure, either by
`increasing the number of secret digits or by using a biometric
`system, the communication infrastructure in FIG. 1 is typi- 50
`cally less secure. The infrastructure 400 is generally hard(cid:173)
`wired, with the code entry module 403 generally being
`mounted on the outside jamb of a secured door. In such a
`situation, the signal path 404 can be over a significant distance
`in order to reach the controller 405. The path 404 represents 55
`one weak point in the security system 400, providing an
`unauthorised person with relatively easy access to the infor(cid:173)
`mation being transmitted between the code entry module 403
`and the controller 405. Such an unauthorised person can,
`given this physical access, decipher the communicated infor- 60
`mation between the code entry module 403 and the controller
`405. This captured information can be deciphered, replayed
`in order to gain the access which rightfully belongs to the user
`401, or to enable modification for other subversive purposes.
`Current systems as depicted in FIG. 1 utilise a communi- 65
`cation protocol called "Wiegand" for communication
`between the code entry module 403 and the controller 405.
`
`SUMMARY
`
`It is an object of the present invention to substantially
`overcome, or at least ameliorate, one or more disadvantages
`of existing arrangements.
`According to a first aspect of the present invention, there is
`provided a system for providing secure access to a controlled
`item, the system comprising:
`a database of biometric signatures;
`a transmitter subsystem comprising:
`a biometric sensor for receiving a biometric signal;
`means for matching the biometric signal against members
`of the database of biometric signatures to thereby output an
`accessibility attribute; and
`means for emitting a secure access signal conveying infor(cid:173)
`mation dependent upon said accessibility attribute, wherein
`the secure access signal comprises one of at least a rolling
`code, an encrypted Bluetooth™ protocol, and a WiFi™ pro(cid:173)
`tocol; and a receiver sub-system comprising;
`means for receiving the transmitted secure access signal;
`and
`means for providing conditional access to the controlled
`item dependent upon said information.
`According to another aspect of the present invention, there
`is provided a transmitter sub-system for operating in a system
`for providing secure access to a controlled item, the system
`comprising a database of biometric signatures, a receiver
`sub-system comprising means for receiving a secure access
`signal transmitted by the transmitter sub-system, and means
`for providing conditional access to the controlled item depen(cid:173)
`dent upon information conveyed in the secure access signal;
`wherein the transmitter subsystem comprises:
`a biometric sensor for receiving a biometric signal;
`means for matching the biometric signal against members
`of the database of biometric signatures to thereby output an
`accessibility attribute; and
`means for emitting the secure access signal conveying said
`information dependent upon said accessibility attribute,
`wherein the secure access signal comprises one of at least a
`rolling code, an encrypted Bluetooth™ protocol, and a
`WiFi™ protocol.
`According to another aspect of the present invention, there
`is provided receiver sub-system for operating in a system for
`providing secure access to a controlled item, the system com(cid:173)
`prising a database of biometric signatures, a transmitter sub(cid:173)
`system comprising a biometric sensor for receiving a biomet(cid:173)
`ric signal, means for matching the biometric signal against
`
`ASSA ABLOY Ex. 1007 - Page 13
`ASSA ABLOY AB v. CPC Patent Technologies Pty Ltd.
`IPR2022-01045 - U.S. Patent No. 9,269,208
`
`

`

`US 9,269,208 B2
`
`5
`
`15
`
`25
`
`3
`members of the database of biometric signatures to thereby
`output an accessibility attribute, and means for emitting a
`secure access signal conveying information dependent upon
`said accessibility attribute, wherein the secure access signal
`comprises one of at least a rolling code, an encrypted Blue-
`tooth™protocol, and a WiFi™protocol; wherein the receiver
`sub-system comprises;
`means for receiving the transmitted secure access signal;
`and
`means for providing conditional access to the controlled
`item dependent upon said information.
`According to another aspect of the present invention, there
`is provided a method for providing secure access to a con(cid:173)
`trolled item, the method comprising the steps of:
`receiving a biometric signal;
`matching the biometric signal against members of a data(cid:173)
`base of biometric signatures to thereby output an accessibility
`attribute;
`emitting a secure access signal conveying information
`dependent upon said accessibility attribute, wherein the
`secure access signal comprises one of at least a rolling code,
`an encrypted Bluetooth™ protocol, and a WiFi™ protocol;
`and
`providing conditional access to the controlled item depen(cid:173)
`dent upon said information.
`According to another aspect of the present invention, there
`is provided a method for populating a database of biometric
`signatures in a system for providing secure access to a con(cid:173)
`trolled item, the system comprising said database of biomet(cid:173)
`ric signatures, a transmitter subsystem comprising a biomet(cid:173)
`ric sensor for receiving a biometric signal, and means for
`emitting a secure access signal, and a receiver sub-system
`comprising means for receiving the transmitted secure access
`signal, and means for providing conditional access to the
`controlled item dependent upon information in said secure 35
`access signal, said method comprising the steps of:
`receiving a series of entries of the biometric signal;
`determining at least one of the number of said entries and a
`duration of each said entry;
`mapping said series into an instruction; and
`populating the database according to the instruction.
`According to another aspect of the present invention, there
`is provided a method for transmitting a secure access signal in
`a system for providing secure access to a controlled item, the
`system comprising a database of biometric signatures, a 45
`receiver sub-system comprising means for receiving the
`secure access signal transmitted by a transmitter sub-system,
`and means for providing conditional access to the controlled
`item dependent upon information conveyed in the secure
`access signal, said method comprising the steps of:
`receiving a biometric sensor by biometric signal;
`matching the biometric signal against members of the data(cid:173)
`base of biometric signatures to thereby output an accessibility
`attribute; and
`emitting the secure access signal conveying said informa- 55
`tion dependent upon said accessibility attribute, wherein the
`secure access signal comprises one of at least a rolling code,
`an encrypted Bluetooth™ protocol, and a WiFi™ protocol.
`According to another aspect of the present invention, there
`is provided a method for receiving a secure access signal in a 60
`system for providing secure access to a controlled item, the
`system comprising a database of biometric signatures, a
`transmitter subsystem comprising a biometric sensor for
`receiving a biometric signal, means for matching the biomet-
`ric signal against members of the database of biometric sig- 65
`natures to thereby output an accessibility attribute, and means
`for emitting a secure access signal conveying information
`
`4
`dependent upon said accessibility attribute, wherein the
`secure access signal comprises one of at least a rolling code,
`an encrypted Bluetooth™ protocol, and a WiFi™ protocol,
`said method comprising the steps of:
`receiving the transmitted secure access signal; and
`providing conditional access to the controlled item depen(cid:173)
`dent upon said information.
`According to another aspect of the present invention, there
`is provided a computer program product having a computer
`10 readable medium having a computer program recorded
`therein for directing a processor to provide secure access to a
`controlled item, said computer program product comprising:
`code for receiving a biometric signal;
`code for matching the biometric signal against members of
`a database ofbiometric signatures to thereby output an acces(cid:173)
`sibility attribute;
`code for emitting a secure access signal conveying infor(cid:173)
`mation dependent upon said accessibility attribute, wherein
`20 the secure access signal comprises one of at least a rolling
`code, an encrypted Bluetooth™ protocol, and a WiFi™ pro(cid:173)
`tocol; and
`code for providing conditional access to the controlled
`item dependent upon said information.
`According to another aspect of the present invention, there
`is provided a computer program product having a computer
`readable medium having a computer program recorded
`therein for directing a processor to populate a database of
`biometric signatures in a system for providing secure access
`30 to a controlled item, said computer program product compris-
`ing:
`code for receiving a series of entries of the biometric sig(cid:173)
`nal;
`code for determining at least one of the number of said
`entries and a duration of each said entry;
`code for mapping said series into an instruction; and
`code for populating the database according to the instruc(cid:173)
`tion.
`According to another aspect of the present invention, there
`is provided a computer program product having a computer
`readable medium having a computer program recorded
`therein for directing a processor to transmit a secure access
`signal in a system for providing secure access to a controlled
`item, said computer program product comprising:
`code for receiving a biometric sensor by biometric signal;
`code for matching the biometric signal against members of
`the database of biometric signatures to thereby output an
`accessibility attribute; and
`code for emitting the secure access signal conveying said
`information dependent upon said accessibility attribute,
`wherein the secure access signal comprises one of at least a
`rolling code, an encrypted Bluetooth™ protocol, and a
`WiFi™ protocol.
`According to another aspect of the present invention, there
`is provided a computer program product having a computer
`readable medium having a computer program recorded
`therein for directing a processor to receive a secure access
`signal in a system for providing secure access to a controlled
`item, said computer program product comprising:
`code for receiving the transmitted secure access signal; and
`code for providing conditional access to the controlled
`item dependent upon said information.
`According to another aspect of the present invention, there
`is provided a system for providing secure access, the system
`comprising:
`a biometric sensor for authenticating the identity of a user;
`
`40
`
`50
`
`ASSA ABLOY Ex. 1007 - Page 14
`ASSA ABLOY AB v. CPC Patent Technologies Pty Ltd.
`IPR2022-01045 - U.S. Patent No. 9,269,208
`
`

`

`US 9,269,208 B2
`
`5
`a transmitter for transmitting information using a secure
`wireless signal dependent upon a request from the user and
`the authentication of the user identity; and
`a control panel for receiving the information and for pro(cid:173)
`viding the secure access requested.
`Other aspects of the invention are also disclosed.
`
`BRIEF DESCRIPTION OF THE DRAWINGS
`
`Some aspects of the prior art and one or more embodiments
`of the present invention are described with reference to the
`drawings, in which:
`FIG. 1 shows a prior art arrangement for providing secure
`access;
`FIG. 2 is a functional block diagram of an arrangement for
`providing secure access according to the present disclosure;
`FIG. 3 shows an example of a method of operation of the
`remote control module of FIG. 2;
`FIG. 4 shows an example of a method of operation of the
`(fixed) control device of FIG. 2;
`FIG. 5 shows incorporation of a protocol converter into the
`arrangement of FIG. 2; and
`FIG. 6 shows another example of how the remote access
`system operates;
`FIG. 7 shows an access process relating to the example of 25
`FIG. 6;
`FIG. 8 shows one enrolment process relating to the
`example of FIG. 6;
`FIG. 9 shows another enrolment process relating to the
`example of FIG. 6; and
`FIG.10 is a schematic block diagram of the system in FIG.
`
`20
`
`6
`transmitter 107 checks, as depicted by an arrow 112, the
`current rolling code in a database 113. The controller 107 then
`updates the code and sends the updated code, this being
`referred to as an access signal, as depicted by an arrow 108 to
`5 a controller 109. The rolling code protocol offers non-replay
`encrypted communication.
`The controller 109 tests the rolling code received in the
`access signal 108 against the most recent rolling code which
`has been stored in a database 115, this testing being depicted
`10 by an arrow 114. If the incoming rolling code forming the
`access signal 108 is found to be legitimate, then the controller
`109 sends a command, as depicted by an arrow 110, to a
`controlled item 111. The controlled item 111 can be a door
`locking mechanism on a secure door, or an electronic key
`15 circuit in a personal computer (PC) that is to be accessed by
`the user 101. It is noted that the controller 109 contains a
`receiver 118 that receives the transmitted access signal 108
`and converts it into a form that is provided, as depicted by an
`arrow 120, into a form that the controller 109 can use.
`The code entry module 103 also incorporates at least one
`mechanism for providing feedback to the user 101. This
`mechanism can, for example, take the form or one or more
`Light Emitting Diodes (LEDs) 122 which can provide visual
`feedback, depicted by an arrow 123 to the user 101. Alter(cid:173)
`nately or in addition the mechanism can take the form of an
`audio signal provided by an audio transducer 124 providing
`audio feedback 125.
`The arrangement in FIG. 2 has been described for the case
`in which the secure code in the access signal 108 used
`30 between the sub-systems 116 and 117 is based upon the
`rolling code. It is noted that this is merely one arrangement,
`and other secure codes can equally be used. Thus, for
`example, either of the Bluetooth™ protocol, or the Wi Fi™
`protocols can be used.
`Rolling codes provide a substantially non-replayable non-
`repeatable and encrypted radio frequency data communica(cid:173)
`tions scheme for secure messaging. These codes use inher(cid:173)
`ently secure protocols and serial number ciphering
`techniques which in the present disclosure hide the clear text
`40 values required for authentication between the key fob (trans(cid:173)
`mitter) sub-system 116 and the receiver/controller 118/109.
`Rolling codes use a different code variant each time the
`transmission of the access signal 108 occurs. This is achieved
`by encrypting the data from the controller 107 with a math-
`45 ematical algorithm, and ensuring that successive transmis(cid:173)
`sions of the access signal 108 are modified using a code
`and/or a look-up table known to both the transmitter sub(cid:173)
`system 116 and the receiver sub-system 117. Using this
`approach successive transmissions are modified, resulting in
`50 a non-repeatable data transfer, even if the information from
`the controller 107 remains the same. The modification of the
`code in the access signal 108 for each transmission signifi(cid:173)
`cantly reduces the likelihood that an intruder can access the
`information replay the information to thereby gain entry at
`some later time.
`The sub-system in FIG. 2 falling to the left hand side, as
`depicted by an arrow 116, of a dashed line 119 can be imple(cid:173)
`mented in a number of different forms. The sub-system 116
`can for example be incorporated into a remote fob (which is a
`small portable device carried by the user 101), or alternately
`can be mounted in a protected enclosure on the outside jamb
`of a secured door. The sub-system 116 communicates with
`the sub-system 117 on the right hand side of the dashed line
`119 via the wireless communication chamiel used by the
`access signal 108. The sub-system 117 is typically located in
`an inaccessible area such as a hidden roof space or alternately
`in a suitable protected area such as an armoured cupboard.
`
`2.
`
`DETAILED DESCRIPTION INCLUDING BEST
`MODE
`
`35
`
`It is to be noted that the discussions contained in the "Back(cid:173)
`ground" section relating to prior art arrangements relate to
`discussions of documents or devices which form public
`knowledge through their respective publication and/or use.
`Such should not be interpreted as a representation by the
`present inventor( s) or patent applicant that such documents or
`devices in any way form part of the common general knowl(cid:173)
`edge in the art.
`Where reference is made in any one or more of the accom(cid:173)
`panying drawings to steps and/or features, which have the
`same reference numerals, those steps and/or features have for
`the purposes of this description the same function(s) or opera(cid:173)
`tion(s), unless the contrary intention appears.
`FIG. 2 is a functional block diagram of an arrangement for
`providing secure access according to the present disclosure. A
`user 101 makes a request, as depicted by an arrow 102, to a
`code entry module 103. The code entry module 103 includes
`a biometric sensor 121 and the request 102 takes a form which
`corresponds to the nature of the sensor 121 in the module 103. 55
`Thus, for example, if the biometric sensor 121 in the code
`entry module 103 is a fingerprint sensor, then the request 102
`typically takes the form of a thumb press on a sensor panel
`(not shown) on the code entry module 103.
`The code entry module 103 interrogates, as depicted by an 60
`arrow 104, a user identity database 105. Thus for example if
`the request 102 is the thumb press on the biometric sensor
`panel 121 then the user database 105 contains biometric sig(cid:173)
`natures for authorised users against which the request 102 can
`be authenticated. If the identity of the user 101 is authenti- 65
`cated successfully, then the code entry module 103 sends a
`signal 106 to a controller/transmitter 107. The controller/
`
`ASSA ABLOY Ex. 1007 - Page 15
`ASSA ABLOY AB v. CPC Patent Technologies Pty Ltd.
`IPR2022-01045 - U.S. Patent No. 9,269,208
`
`

`

`US 9,269,208 B2
`
`7
`The location of the sub-system 117 must of course be consis(cid:173)
`tent with reliable reception of the wireless access signal 108.
`Although typically the communication channel uses a
`wireless transmission medium, there are instances where the
`channel used by the access signal 108 can use a wired 5
`medium. This is particularly the case when the transmitter
`sub-system 116 is mounted in an enclosure on the door jamb
`rather than in a portable key fob.
`The biometric signature database 105 is shown in FIG. 2 to
`be part of the transmitter sub-system 116. However, in an 10
`alternate arrangement, the biometric signature database 105
`can be located in the receiver sub-system 117, in which case
`the communication 104 between the code entry module 103
`and the signature database 105 can also be performed over a
`secure wireless communication channel such as the one used 15
`by the access signal 108. In the event that the secure access
`system is being applied to providing secure access to a PC,
`then the secured PC can store the biometric signature of the
`authorised user in internal memory, and the PC can be inte(cid:173)
`grated into the receiver sub-system 117 of FIG. 1.
`In the event that the sub-system 116 is implemented as a
`remote fob, the combination of the biometric verification and
`the strongly encrypted wireless communication provides a
`particularly significant advantage over current systems. The
`remote key fob arrangement allows easy installation, since 25
`the wired communication path 404 (see FIG. 1) is avoided.
`Other existing wiring elements of the present systems 400 can
`be used where appropriate. When the sub-system 116 is
`implemented as a remote fob, the fob incorporates the bio(cid:173)
`metric (eg fingerprint) authentication arrangement, in which 30
`case only one biometric signature is stored in the fob. This
`arrangement reduces the requirements on the central database
`115. Once the key fob authenticates the user through biomet-
`ric signature ( eg fingerprint) verification, the rolling code in
`the access signal 108 is transmitted to the controller 109 for 35
`authorisation of the user for that location at that time.
`In addition to authenticating the user 101 th