(19) United States
`(12) Patent Application Publication (10) Pub. No.: US 2002/0180582 A1
`(43) Pub. Date:
`Dec. 5, 2002
`Nielsen
`
`US 20020180582A1
`
`(54) ELECTRONIC KEY DEVICE A SYSTEM AND
`A METHOD OF MANAGING ELECTRONIC
`KEY INFORMATION
`
`(76) Inventor: Ernst Lykke Nielsen, Koge (DK)
`
`Correspondence Address:
`JACOBSON HOLMAN PLLC
`400 SEVENTH STREET N.W.
`SUITE 600
`WASHINGTON, DC 20004 (US)
`
`(21) Appl. No.:
`
`10/129,963
`
`(22) PCT Filed:
`
`Nov. 30, 2000
`
`(86) PCT No.:
`
`PCT/DK00/00655
`
`(30)
`
`Foreign Application Priority Data
`
`Nov. 30, 1999 (DK) .............................. .. PA 1999 01714
`
`Publication Classi?cation
`
`.... .. H04Q 1/00
`(51) Int. Cl? .
`(52) US. Cl. ............................................................. ..340/5.6
`
`(57)
`
`ABSTRACT
`
`An ef?cient method and a system for controlling access to a
`location secured by a lock mechanism controlled by a lock
`control unit, Which may provide a high degree of ?exibility
`and a high level of security; the method comprises the steps
`of storing a ?rst access code in the lock control unit, the ?rst
`access code being indicative of a predetermined access right
`to the location; storing a second access code in a second
`storage means; using an electronic key device for requesting
`access to the location by initiating transmitting the access
`code from the second storage means to the lock control unit;
`comparing the transmitted second access code With the ?rst
`access code; and if the ?rst access code corresponds to the
`second access code, initiating operating the lock mecha
`nism; the invention further relates to a method of managing
`a predetermined access right to a location.
`
`21 1
`access code
`management /
`system
`
`225
`‘
`t.
`communica ion
`
`C]
`
`/
`226
`O O O
`o o o
`o O O
`223 \ O O 0
`
`222
`‘ \
`
`CPU
`
`221 \
`\
`
`227 \
`\ receiver
`
`209
`....|||||l|||||||IH.
`
`communications
`network
`
`241
`
`204
`
`202
`
`203
`
`Memory
`
`/ 224
`lock control
`interface
`
`Lock
`mechanism
`231 /
`
`201
`
`Page 1 of 27
`
`SPECTRUM EX. 1002
`Spectrum Brands v. Assa Abloy
`US Patent No. 7,706,778
`
`

`
`Patent Application Publication
`
`Dec. 5, 2002 Sheet 1 0f 12
`
`US 2002/0180582 A1
`
`newspaper
`company
`
`Fig. 1a
`
`lock at
`subscriber's
`residence
`
`access
`right
`grantee
`
`Page 2 of 27
`
`

`
`Patent Application Publication
`
`Dec. 5, 2002 Sheet 2 0f 12
`
`US 2002/0180582 A1
`
`209
`
`uln mm
`H e
`ll 2 .m .l
`
`I. 2 m 9
`mm F
`
`e
`
`2 n n a .m
`
`6 5 % 4 MM.
`
`7. / t .l
`
`H m. / .m
`
`m m 2 .mo
`
`ll: m m
`H 2 H mm
`
`H. 2 / mm
`
`III
`
`m 2 mm m m \ \
`a U
`2 mi ‘ \ \
`\ 2 m 2 w
`
`H\ me 2 mn DI e
`
`v U .mc mu \C a
`a I % m" u m
`
`ca am
`
`eay
`CnS
`86W 898
`
`
`@w c 1
`0mm 4 C 2
`
`t m
`
`1 I 2 2
`
`. mn
`
`a/ / 6 2
`\ 2 3 I
`
`33 kt
`» M2 / \ mm
`0000 0 e ma
`0000 m/ 0000 M 6%
`W 0000 m /..uc
`
`Wu]
`0000 0 Zoe
`
`Lock
`/ mechanism
`
`1 3 2
`
`Fig. 2b
`
`Page 3 of 27
`
`

`
`Patent Application Publication
`
`Dec. 5, 2002 Sheet 3 0f 12
`
`US 2002/0180582 A1
`
`access code
`management
`
`system
`\ 211
`
`225
`
`.
`
`.
`
`communication
`unit
`
`communications
`network
`
`222 \
`\ CPU
`221 \\
`I
`lock control
`/ interface
`224
`
`Look
`mechanism
`
`/
`Fig. 2c
`
`226 \
`‘X
`
`0 O O
`o o o
`0 o o
`o 0
`
`Memory
`/
`7
`223
`
`/412
`/411
`/410
`validity daily access Number of
`period
`perlods
`.
`entries
`
`.
`
`.
`
`allowed
`
`/413
`report
`attrlbutes
`
`.
`
`401 \
`
`402 \
`
`403 \
`
`.
`
`
`
`
`
`ZBZ“"'~~~~~-~ "MM . .
`
`“
`
`
`
`406 \ Access
`
`Access Lock control Key device Adminrstrator Type of access
`code ID
`unit ID
`ID
`ID
`rights
`
`code
`attributes
`
`
`
`___________________ "M access access
`
`
`
`
`
`\ 405 77.;
`
`right
`
`conditions
`
`'
`
`' '
`
`\ 407
`
`\ 40a
`
`\ 409
`
`Page 4 of 27
`
`

`
`Patent Application Publication
`
`Dec. 5, 2002 Sheet 4 0f 12
`
`US 2002/0180582 A1
`
`351
`/
`
`352
`/
`
`353
`/
`
`administrator
`
`access right owner
`
`access right grantee
`
`/383
`
`generate access ‘
`Codes
`_
`
`/ 384
`
`store access right
`data
`
`v / 385
`transfer access
`code to lock control
`unit
`
`v / 386
`
`tr
`f
`8
`codants ekr asses.
`e o ey evlce
`
`/ 389
`'09 396685 daia and 4
`deliver services
`
`(
`
`Start
`
`)
`
`V /
`define access rights
`
`v /382
`authorise
`.
`.
`.
`administration of
`access codes
`
`/ 390
`
`~ receive services
`
`Fig. 3
`
`/ 387
`
`receive access
`7 code on key
`device
`
`‘y
`/ 388
`access location
`
`Page 5 of 27
`
`

`
`Patent Application Publication
`
`Dec. 5, 2002 Sheet 5 0f 12
`
`US 2002/0180582 A1
`
`won I\
`
`
`
`mhp .OZ x004
`
`vom |\ Now .\
`
`mom
`
`>
`
`vom|\ Now \
`
`
`
`Pom ‘\ wt‘ .02 x004
`
`\
`
`mom 1/
`
`
`
`mom ll/
`
`mom _
`,/
`
`/
`
`gm .9“.
`
`womli/ _ /
`U U
`gm mtm/é/ H 8m
`
`mm .9“.
`
`/ z '
`
`Page 6 of 27
`
`

`
`Patent Application Publication
`
`Dec. 5, 2002 Sheet 6 0f 12
`
`US 2002/0180582 A1
`
`601 /
`
`key device
`
`694
`
`enter access
`codes
`
`/ e95
`
`621
`
`lock control unit
`
`697
`
`enter access
`codes
`
`/ 698
`
`V
`
`enter access codes
`
`enter access codes
`
`696
`/
`store access codes
`
`V
`
`@
`687 /
`( access control )
`
`/ 688
`V
`transfer access code
`to object
`
`l
`
`/699
`
`store access codes
`
`V
`stop )
`
`(
`
`/ 689
`verify access
`code
`
`operate lock
`J
`v store log data
`I
`
`691
`
`/ 692
`store log data 4
`
`ci-Q
`
`Fig. 6a
`
`Page 7 of 27
`
`

`
`Patent Application Publication
`
`Dec. 5, 2002 Sheet 7 0f 12
`
`US 2002/0180582 A1
`
`601
`/
`
`.
`
`key devlce
`
`61 1
`/
`
`621
`/
`
`n
`management system
`
`access code
`
`lock control unlt
`
`.
`
`/ 683
`
`receive and store
`access code
`
`‘
`‘
`
`r___.__.___p
`
`681
`
`access code
`transfer
`
`/ 682
`
`transfer access code
`to lock control unit
`/ 684
`transfer access code
`to key devlce
`
`_
`
`.
`
`687
`
`access control
`
`/ 688
`transfer access code
`to object
`
`/ 685
`receive and store
`access code
`
`@
`
`/ 689
`verify access
`code
`
`operate lock
`1,
`-> send log data
`#1
`
`693
`
`1 679
`store log data 4
`
`@
`
`Fig. 6b
`
`Page 8 of 27
`
`

`
`Patent Application Publication
`
`Dec. 5, 2002 Sheet 8 0f 12
`
`US 2002/0180582 A1
`
`601
`/
`
`key device
`
`611
`/
`access code
`management system
`
`621
`/
`
`lock control unit
`
`/ 671
`
`/ 672
`
`contact access code
`management system
`
`——1> identify user device
`
`/ 674
`
`select access code
`
`l / 673
`display available
`access codes
`
`/ 675
`
`/ 676
`
`/ 677
`
`activate access code
`
`/ 688
`transfer access code 4
`to lock control unit
`‘
`I
`
`contact lock control
`unit
`
`contact key
`device
`
`/ 689
`verify access
`code
`
`v
`
`N0
`
`Yes
`+ / 690
`
`operate lock
`it
`-> send log data
`‘I
`
`693
`
`/ 679
`store log data 1
`
`Fig. 6c
`
`Page 9 of 27
`
`

`
`Patent Application Publication
`
`Dec. 5, 2002 Sheet 9 0f 12
`
`US 2002/0180582 A1
`
`management
`system
`
`Fig. 7a
`
`721
`
`access code
`
`711
`
`access code
`management
`
`key device
`
`721
`
`lock
`control
`unit
`
`management
`system
`
`
`
`apoo 859908
`
`control
`unit
`
`721
`
`Fig. 7c
`
`Page 10 of 27
`
`

`
`Patent Application Publication
`
`Dec. 5, 2002 Sheet 10 0f 12
`
`US 2002/0180582 A1
`
`lock
`control
`
`721
`
`key device
`
`lock
`control
`
`721
`
`
`
`access code
`
`access code
`management
`system
`
`Fig. 7e
`
`Page 11 of 27
`
`

`
`Patent Application Publication
`
`Dec. 5, 2002 Sheet 11 of 12
`
`US 2002/0180582 A1
`
`NB
`
`‘.22.2
`
`mnoowmmoom
`
`muoummmoom
`
`:o:moc:m>
`
`m_3uoE
`
`wuoommmoow
`
`cozqmom.
`
`m_:uoE
`
`Em\
`
`
`
`_o:cooxoo_
`
`m_:_uoE
`
`m__.fioE3
`
`Em
`
`:55
`
`m_:_uoE
`
`muoommmoom
`
`/Em
`-7———.—__.......—........-—...--.—--....-_—-—— ———.-——............................II
`
`_‘mm
`
`am
`
`3.9”.
`
`IIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIJ
`
`IIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIL
`
`mnoommmoom
`
`_m>mEm.
`
`m_:UoE
`
`muoommmoom
`
`co_mm_Em:m.:
`
`0U00mmwoom
`
`.9m_mm.
`
`E
`
`Em
`
`mg
`
`muoommwoom
`
`Sn_c_
`
`Em
`
`m_:_uoEoo_
`
`..--.--....-----..--....-------...-..--..-..-..——---.---.-..---..---...--------...---
`
`Page 12 of 27
`
`Page 12 of 27
`
`
`
`
`
`
`
`
`
`

`
`Dec. 5, 2002 Sheet 12 of 12
`Patent Application Publication
`.-_-__--__-_-__--_—-------------_-------_-_-_--____-----_--__---_
`
`US 2002/0180582 A1
`
`NB
`
`Kw
`
`._%_m2
`
`mvoommmoom
`
`muoummooom
`
`vmo_§>ou
`
`o_:voE
`
`muoummmoom
`
`:o=mo__Em>
`
`m_:uoE
`
`muoommmoom.
`
`cozqmoo.
`
`m_:uoE
`
`/Em
`
`
`
`_8Eooxoo_
`
`m_:uoE
`
`m_:uoE3
`
`-n-— —-——--—---——-_---—---------—-_-_-- -ou------——u——--u—-_-
`
`Sm
`
`J
`
`:-pg-----——-_-———————----nu--an--- -o----_--_-_-______——_--
`II
`II
`
`ouoommooom
`
`§m_m9
`
`muoommmoom
`
`_m>m_._.m:
`
`m_:uoE
`
`ouoommmoom
`
`:o_mm_Em:m._.
`
`m_:voE
`
`Emwaves
`
`32950U
`
`-___-— —u-_——n——-——----———--—_______—_——--———u——-------- ------J
`
`---n-¢..._.m—....—..-..-.._......-.m_........_.._._..-..—....—-...-
`
`-
`
`IIIIIIIIIIIIIIIIIIIIIIII
`
`IIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIII
`
`7 5W
`
`.................--
`
`muoommmoom
`
`co_mm_Emcm:
`
`o5uoE
`
`N5
`
`muoommmoom
`
`:o=m._mcmm
`
`o_:uoE
`
`I-u----_-¢---__------
`
`Em
`
`muoommooom
`
`EmEmumcmE
`
`o_:uoE
`
`3502momtmE_
`
`mE2mm
`
`mmmnflmuD
`
`Em
`
`———_..-_-—---—-——--------___-_____J
`
`Page 13 of 27
`
`
`
`ulllllllllllIIIIIIIIIIIIIIIIIIIIIIIIllllllllll
`
`toma
`
`
`
`m_:uoEmo._w:o_._uum
`
`
`
`m_:uoEmo_Emm
`
`Page 13 of 27
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`

`
`US 2002/0180582 A1
`
`Dec. 5, 2002
`
`ELECTRONIC KEY DEVICE A SYSTEM AND A
`METHOD OF MANAGING ELECTRONIC KEY
`INFORMATION
`
`0014
`t
`g ? t
`d
`th ? t
`t
`g
`e rs sora e
`sorin a rs access co e in
`means, the ?rst access code being indicative of a
`predetermined access right to the location;
`
`[0001] The invention relates to a method of controlling
`access to a location, Where access to the location is restricted
`by a lock mechanism. Further the invention relates to an
`access control system Which alloWs suppliers of goods or
`services to access a location, Which Would otherWise prevent
`delivery of the goods or the services. Further the invention
`relates to an electronic key device, a lock control unit and a
`computer system for use in such a system, a storage module
`for use in such an electronic key device, and a method of
`managing a predetermined access right to a location.
`
`[0002] Particularly in blocks of ?ats or companies it is
`common that a number of outer or front doors or interme
`diate doors must be passed before getting to a point of
`service, such as an apartment door, a mailbox, a service
`station or a meter for appliances, an area to be cleaned, etc.
`For example in case of delivery of neWspapers, the delivery
`man often has to gain access to a stairWay in order to be able
`to deliver the neWspapers at the locked private doors or put
`them into the letter boxes. It frequently causes great dif?
`culties to the delivery men to ?nd the correct keys in a large
`bundle of keys, and the locks are frequently exchanged
`Without the delivery company being informed of this. For
`reasons of security it is also more and more common to lock
`doors or gates to backyards, residential areas or company
`properties, Where for example refuse containers may be
`placed, so that the refuse collection ?rms have a problem
`quite similar to the ?rms Which deliver neWspapers. It Will
`be appreciated that similar problems are faced by:
`[0003] postmen
`[0004] cleaning companies
`[0005] emergency physicians
`[0006] home help and other care Workers
`[0007] policemen
`[0008] ?remen
`[0009] artisans
`[0010] caretakers/superintendents
`[0011] and others.
`[0012] Some of the above service providers require access
`on a daily basis, such as postmen, some may require access
`at certain time periods, such as on certain Weekdays or at
`certain times of the day, for example a neWspaper delivery
`man may require access betWeen 6 am. and 9 am. Further
`more, different services/deliveries may require different
`access rights, for example ?remen, security companies or
`police may require access to all facilities, While a mailman
`only requires access to a mailbox.
`[0013] International patent application WO 93/14571 dis
`closes a secure entry system utilising a cellular telephone as
`an electronic key device. In this prior art system a user
`operates the cellular telephone to transmit RF signals to a
`lock, alloWing a user to operate the buttons on the telephone
`as he Would buttons on a key card to gain access to the
`secured area. The lock checks Whether the user identi?ed by
`the button operations is on a list of authorised users main
`tained in the lock memory.
`
`[0015] storing a second access code in a second
`storage means;
`
`[0016] using an electronic key device for requesting
`access to the location by initiating transmitting the
`second access code from the second storage means to
`the lock control unit;
`
`[0017] comparing the transmitted second access code
`With the ?rst access code stored in the ?rst storage
`means; and
`
`[0018] if the ?rst access code corresponds to the
`second access code, initiating operating the lock
`mechanism.
`
`[0019] Consequently, it is an advantage of the invention
`that a plurality of different access codes to different build
`ings may be stored and related to one or more electronic key
`devices, providing a ?exible Way of customising an access
`right pro?le for each electronic key device.
`[0020] It is another advantage of the invention that each
`lock control unit may be provided With a speci?c set of valid
`access codes for that particular lock control unit. Therefore,
`a high degree of advanced functionality may be imple
`mented by the method according to the invention, such as
`different security levels for a given building, self-destructive
`access codes, conditioned access codes, access codes for
`limited periods of times, etc.
`
`[0021] It is a further advantage of the invention that the
`access right pro?le of individual electronic key devices and
`lock control units may be changed on short notice or in
`regular or random time intervals in order to increase the
`security of the access control.
`
`[0022] Hence, it is a problem of the above prior art system
`that it requires a manual entering of some sort of user
`identi?cation code alloWing the lock to check Whether the
`identi?ed user is on the list of authorised users. HoWever, a
`manual entering of such a code is a lengthy process, in
`particular if the code is suf?ciently long in order to provide
`suf?cient security. The entering of the code requires some
`time and, in particular, in case of erroneous entering of a
`code, access may be denied requiring a repetition of the
`manual entering.
`
`[0023] Thus an object of the invention is to provide an
`ef?cient method and a system for controlling access to a
`location secured by a lock mechanism controlled by a lock
`control unit, Which may provide a high degree of ?exibility
`and a high level of security.
`
`[0024] This is achieved When a method of controlling
`access to a location secured by a lock mechanism controlled
`by a lock control unit including ?rst storage means com
`prising the steps of
`
`0025
`t
`g ? t
`d
`th ? t
`t
`g
`e rs sora e
`sorin a rs access co e in
`means, the ?rst access code being indicative of a
`predetermined access right to the location;
`
`[0026] storing a second access code in a second
`storage means of an electronic key device;
`
`Page 14 of 27
`
`

`
`US 2002/0180582 A1
`
`Dec. 5, 2002
`
`[0027] using the electronic key device for requesting
`access to the location by transmitting the second
`access code from the electronic key device to the
`lock control unit;
`
`[0028] comparing the transmitted second access code
`With the ?rst access code stored in the ?rst storage
`means; and
`
`[0029] if the ?rst access code corresponds to the
`second access code, initiating operating the lock
`mechanism is characterised in that
`
`[0030] the method further comprises the step of stor
`ing a plurality of access codes for a plurality of
`respective locations in the second storage means,
`enabling a user to initiate transmitting a selected one
`of the stored access codes to the lock control unit.
`
`[0031] Consequently, it is an advantage of the invention
`that a plurality of different access codes to different build
`ings may be stored and related to one or more electronic key
`devices, providing a ?exible Way of customising an access
`right pro?le for each electronic key device.
`[0032] It is another advantage of the invention that each
`lock control unit may be provided With a speci?c set of valid
`access codes for that particular lock control unit. Therefore,
`a high degree of advanced functionality may be imple
`mented by the method according to the invention, such as
`different security levels for a given building, self-destructive
`access codes, conditioned access codes, access codes for
`limited periods of times, etc.
`
`[0033] It is a further advantage of the invention that the
`access right pro?le of individual electronic key devices and
`lock control units may be changed on short notice or in
`regular or random time intervals in order to increase the
`security of the access control.
`
`[0034] A location according to the invention may be a
`physical location, such as a building, an area, or some other
`residential, industrial, commercial or of?ce facility, Where
`access to the location is controlled by a lock mechanism,
`such as a physical lock at a door, a WindoW, a gate or the like.
`Access to the location may be controlled at a single point of
`entry or at a plurality of access points. Furthermore, a
`location may also be a part of a building, area, etc., and,
`according to the invention, access to different parts of a
`location may be controlled individually, such as at an outer
`gate, a front door, Within an elevator granting access at all or
`selected ?oors, at doors to individual apartments, of?ces,
`sections, rooms, storage facilities, such as draWers, safes,
`etc. The location may be stationary, such as a building, or
`mobile such as a vehicle, a container, a ship, or the like.
`
`[0035] Furthermore, the location may also be an installa
`tion, such as a control unit of industrial facility, an electric
`meter, a computer system or the like, Where access to the
`location is controlled by a lock mechanism, such as a
`physical lock at a control box, or an electronic lock, such as
`a hardWare lock of a computer. The term access to a location
`may also comprise user access to a computer or computer
`program Where access is controlled by a softWare lock
`mechanism restricting access to a softWare application, to
`stored data, communications facilities, or the like.
`
`[0036] An access right according to the invention may be
`the right to interact With a location. Examples of access
`
`rights include the right to enter a building, an area, a facility,
`etc., the right to operate a machine, a device, a vehicle, a
`computer, etc., the right to open or close a door, a WindoW,
`a container, a box, etc., and the right to receive or deliver
`goods, data information, etc., as long as the access right can
`be controlled by a lock mechanism.
`
`[0037] An access right may have certain attributes speci
`fying properties of the access right. Examples of such
`properties include one or more validity periods, a security
`level, an identi?cation of related lock control units and/or
`electronic key devices, a passWord, a number of times the
`access right is valid, or any other attribute specifying a
`property of the access right.
`
`[0038] When the electronic key device is a mobile com
`munications device, the method may be implemented With
`standard devices, Which may be used for regular communi
`cations purposes.
`[0039] When the electronic key device comprises the
`second storage means, the transmission of the second access
`code to the lock control unit may be based upon a short
`range, fast communications channel.
`
`[0040] Consequently, in a preferred embodiment the
`method further comprises the step of transmitting the second
`access code from the electronic key device to the lock
`control unit. It is an advantage of this embodiment that the
`direct communication is fast and does not need to involve an
`additional communications netWork provider.
`
`[0041] When the step of transmitting the second access
`code from the second storage means to the lock control unit
`comprises the step of transmitting the access code via
`Wireless data communication, a fast and convenient inter
`face betWeen the electronic key device and the lock control
`unit may be provided Without the need of physical contact.
`
`[0042] In a preferred embodiment of the invention the
`Wireless data communication utilises infrared data commu
`nication. It is an advantage of this embodiment that the
`communication may be based upon reliable standard com
`ponents Which are available as part of many devices, such as
`mobile phones, personal digital assistants, or the like.
`
`[0043] When the second storage means is a removable
`storage module adapted to be removably inserted into the
`electronic key device, a standard device may be easily
`adapted for the use according to the invention and access
`codes may be transferred to the electronic key device by
`insertion of a suitable storage module.
`
`[0044] When the method further comprises the step of
`transmitting, via a communications netWork, at least one
`access code from an access code management system to a
`selected one of the electronic key device and the lock control
`unit, access codes may be generated and maintained at a
`central computer system and transmitted to the electronic
`key device or the lock control unit. It is an advantage of the
`invention that an access code may be transmitted to a
`plurality of electronic key devices and lock control units
`substantially simultaneously. Hence, a synchronisation
`betWeen lock control units and electronic key devices may
`be ensured at all times.
`
`[0045] When the method further comprises the steps of
`sending a request from the electronic key device to an access
`code management system comprising the second storage
`
`Page 15 of 27
`
`

`
`US 2002/0180582 A1
`
`Dec. 5, 2002
`
`means; and transmitting the second access code from the
`access code management system to a selected one of the
`electronic key device and the lock control unit, the access
`codes do not need to be stored in the electronic key device
`and storage space in the electronic key device may be saved.
`It is another advantage of the invention that the use of access
`codes may be supervised and tracked by a central access
`code management system.
`[0046] When the method further comprises the step of
`storing a plurality of access codes for a plurality of respec
`tive locations in the second storage means, one electronic
`key device may be used for a plurality of locations Without
`reducing the level of security.
`[0047] When the method further comprises the step of
`storing a plurality of valid access codes corresponding to a
`plurality of respective access rights in the ?rst storage
`means, different types of access rights may be provided via
`the same lock control unit. This may include different
`security levels or different types of interaction or access at
`the location.
`
`[0048] When the method further comprises the step of
`storing in a third storage means information about attempts
`to access the location, a high degree of visibility about the
`use of the access codes may be provided as Well as the basis
`for additional services.
`
`[0049] When the access right comprises a ?rst attribute
`specifying a property of the predetermined access right, and
`Wherein the ?rst access code comprises information about
`the ?rst attribute, access codes With additional functionality,
`such as self-destructive access codes, etc., may be generated.
`
`[0050] In a preferred embodiment of the invention the
`predetermined access right has a validity period and the ?rst
`access code comprises information about the validity period.
`[0051] When the method further comprises the step of
`invalidating the ?rst access code, an access code may be
`replaced by a neW access code, for eXample in cases of
`misuse or loss of an electronic key device.
`
`[0052] As mentioned above the invention further relates to
`an access control system for controlling access to a location
`being secured by a lock mechanism, the access control
`system comprising
`[0053] an electronic key device including ?rst trans
`mitting means adapted to transmit a ?rst control
`signal indicative of a request for granting a prede
`termined access right; and
`
`[0054] a lock control unit including ?rst receiving
`means adapted to receive said ?rst control signal
`from the electronic key device, ?rst processing
`means adapted to perform a veri?cation of the
`received request, and control means adapted to ini
`tiate operating the lock mechanism depending on the
`result of the veri?cation;
`[0055]
`the system being characterised in that
`[0056] the electronic key device further comprises
`?rst storage means adapted to store a plurality of
`access codes identifying a plurality of predetermined
`access rights, enabling a user to initiate transmitting
`a selected one of the stored access codes to the lock
`control unit.
`
`[0057] As the above system and its preferred embodiments
`correspond to the method and its preferred embodiments
`described above and in the folloWing, and since it comprises
`corresponding advantages, not all of these advantages Will
`be described again.
`[0058] When the electronic key device further comprises
`?rst input means for receiving data items identifying pre
`determined access rights, a plurality of access codes for a
`plurality of locations or access rights may be input, edited,
`rearranged, or the like.
`[0059] When the electronic key device further comprises
`second input means for receiving data items input by a user,
`the data items identifying predetermined access rights,
`access codes may be input by the user.
`[0060] When the electronic key device further comprises
`third input means adapted to receive input from a user
`indicating a selection of a ?rst one of the plurality of access
`rights stored in the ?rst storage means; and display means
`for displaying information about at least one of the plurality
`of access rights stored in the ?rst storage means, a user
`interface is provided to the user for selecting a desired access
`right from a plurality of stored access rights.
`
`[0061] When the data items stored in the ?rst storage
`means comprise access codes for predetermined access
`rights, the lock control unit may compare received access
`codes With a plurality of stored access codes.
`
`[0062] Consequently, in a preferred embodiment of the
`invention a selected one of the ?rst and second control
`signals comprises a ?rst access code for the requested access
`right.
`[0063] In a further preferred embodiment of the invention
`the lock control unit further comprises second storage means
`adapted to store a plurality of data items corresponding to a
`plurality of access codes for respective predetermined access
`rights; and Wherein the ?rst processing means is adapted,
`upon receipt of the ?rst control signal, to compare the ?rst
`access code received via the ?rst control signal With at least
`one of the plurality of access codes stored in the second
`storage means.
`
`[0064] It is an advantage of the invention that it provides
`a high level of security.
`
`[0065] In yet another preferred embodiment of the inven
`tion the electronic key device is a portable communications
`device.
`
`[0066] When the ?rst receiving means is adapted to
`receive the ?rst control signal, the ?rst control signal indica
`tive of the request for granting the requested access right
`may be transmitted directly from the electronic key device
`to the lock control unit.
`
`[0067] In yet another preferred embodiment of the inven
`tion the ?rst control signal is a Wireless data communica
`tions signal.
`[0068] In yet another preferred embodiment of the inven
`tion the ?rst transmitting means is an infrared communica
`tions port.
`
`[0069] When the lock control unit further comprises fourth
`input means for receiving data items corresponding to access
`codes granting predetermined access rights, access codes
`
`Page 16 of 27
`
`

`
`US 2002/0180582 A1
`
`Dec. 5, 2002
`
`and other related data corresponding to a plurality of access
`rights, such as different security levels, time constraints, etc.
`may be stored and easily changed in the lock control unit.
`
`[0070] When the lock control unit further comprises ?fth
`input means for receiving data items input by a user, the data
`items corresponding to access codes granting predetermined
`access rights, an authorised user may input, edit, or delete
`access codes stored in the lock control unit, possibly after
`providing a passWord or another security veri?cation.
`
`[0071] Alternatively or additionally, When the system fur
`ther comprises computer means including
`
`[0072] third storage means adapted to store a plural
`ity of data items corresponding to respective prede
`termined access rights and including respective
`access codes;
`
`[0073] ?rst communications means adapted to trans
`mit at least one access code to a selected one of the
`electronic key device and the lock control unit; and
`
`[0074] the selected one of the electronic key device
`and the lock control unit further comprises second
`communications means adapted to receive the trans
`mitted at least one access code, access codes may be
`transmitted from a central access code management
`system. This may be done in response to a speci?c
`request for an access right or in order to store one or
`more access codes in the electronic key device or in
`the lock control unit.
`
`[0075] In yet another preferred embodiment of the inven
`tion a selected one of the electronic key device and the lock
`control unit further comprises third communications means
`for transmitting, to the computer means, an information
`signal indicative of information about the corresponding
`transmitted or received request for granting the requested
`access right.
`
`[0076] It is an advantage of the invention that information
`about electronic key devices, access codes, access right
`grantees, the use of access codes, etc, may be acquired and
`maintained at a central service to provide optimal transpar
`ency and security to the access right oWner.
`
`[0077] In a preferred embodiment of the invention the ?rst
`communications means is adapted to transmit a second
`control signal to the lock control unit initiating invalidation
`of at least one access code.
`
`[0078] In a preferred embodiment of the invention the
`requested access right comprises a ?rst attribute specifying
`a property of the requested access right, and Wherein the ?rst
`access code comprises information about the ?rst attribute.
`
`[0079] In a preferred embodiment of the invention the
`requested access right has a validity period, and the ?rst
`access code comprises information about the validity period.
`
`[0080] The invention further relates to a lock control unit
`for use in a system described above and in the folloWing,
`Wherein the lock control unit comprises
`
`[0081] ?rst receiving means adapted to receive a
`control signal indicative of a request for granting a
`requested access right, ?rst processing means
`adapted to perform a veri?cation of the received
`
`request, and control means adapted to initiate oper
`ating a lock mechanism depending on the result of
`the veri?cation.
`
`[0082] The invention further relates to an electronic key
`device for use in a system described above and in the
`folloWing, the electronic key device including ?rst transmit
`ting means adapted to transmit a ?rst control signal indica
`tive of a request for granting a predetermined access right;
`
`[0083] Wherein the electronic key device further
`comprises
`[0084] ?rst storage means adapted to store access
`codes identifying a plurality of predetermined access
`rights, enabling a user to initiate transmitting a
`selected one of the stored access codes to the lock
`control unit.
`
`[0085] The invention further relates to a removable stor
`age module for use in an electronic key device described
`above and in the folloWing, Wherein the removable storage
`module is adapted to store data items identifying a plurality
`of predetermined access rights, enabling a user to initiate
`transmitting a selected one of the stored access codes to the
`lock control unit.
`
`[0086] In a preferred embodiment of the invention, the
`removable storage module further comprises second pro
`cessing means adapted to initiate transmitting a control
`signal indicative of a request for granting a selected one of
`the plurality of predetermined access rights.
`
`[0087] The invention further relates to a computer system
`for use With a system described above and in the folloWing,
`Wherein the computer system comprises
`[0088] fourth storage means adapted to store a plu
`rality of data items corresponding to respective
`access codes indicative of predetermined access
`rights;
`[0089] third processing means adapted to generate a
`second access code indicative of a ?rst access right;
`
`[0090] fourth communications means adapted to
`transmit the second access code to a selected one of
`the electronic key device and the loc