Case 6:21-cv-00165-ADA Document 1-2 Filed 02/23/21 Page 1 of 22
`Case 6:21-cv-00165—ADA Document 1-2 Filed 02/23/21 Page 1 of 22
`
`
`EXHIBIT B
`
`EXHIBIT B
`
`
`
`
`
`

`

`USOO9269208B2
`
`(12) United States Patent
`Burke
`
`(10) Patent No.:
`(45) Date of Patent:
`
`US 9.269,208 B2
`*Feb. 23, 2016
`
`(54) REMOTE ENTRY SYSTEM
`(75) Inventor: Christopher John Burke, Ramsgate
`(AU)
`(73) Assignee: SECURICOM (NSW) PTY LTD,
`Ramsgate (AU)
`
`*) Notice:
`
`Subject to any disclaimer, the term of this
`y
`patent is extended or adjusted under 35
`U.S.C. 154(b) by 78 days.
`This patent is Subject to a terminal dis
`claimer.
`
`(21) Appl. No.: 13/572,166
`(22) Filed:
`Aug. 10, 2012
`
`(65)
`
`Prior Publication Data
`US 2012/03 11343 A1
`Dec. 6, 2012
`
`Related U.S. Application Data
`(63) Continuation of application No. 10/568.207, filed as
`application No. PCT/AU2004/001083 on Aug. 13,
`2004, now Pat. No. 8,266,442.
`Foreign Application Priority Data
`
`(30)
`
`Aug. 13, 2003 (AU) ................................ 20O3904317
`
`(51) Int. Cl.
`H04L 29/06
`G07C 9/00
`
`(2006.01)
`(2006.01)
`(Continued)
`
`(52) U.S. Cl.
`CPC ............ G07C 9/00158 (2013.01); G06F2I/32
`(2013.01); G06F 2 1/35 (2013.01); H04L
`63/0861 (2013.01); H04 W 12/08 (2013.01);
`H04W 84/12 (2013.01); H04W 84/18 (2013.01)
`(58) Field of Classification Search
`CPC ............................ H04L 63/0861; G06F 21/32
`
`
`
`USPC .......................................................... 713/186
`See application file for complete search history.
`
`(56)
`
`References Cited
`
`U.S. PATENT DOCUMENTS
`
`5,109,428 A * 4/1992 Igaki et al. .................... 382,125
`5,933,515 A * 8/1999 Pu ...................... GO6K9/00006
`340,553
`
`(Continued)
`
`FOREIGN PATENT DOCUMENTS
`
`WO
`WO
`
`WO O21266.0 A1 * 2, 2002
`WO O2/O95589 A1 11, 2002
`
`OTHER PUBLICATIONS
`
`Notice of Acceptance dated Sep. 18, 2012 for co-pending Australian
`Patent Office Application No. 200920 1293 (3 pp.).
`(Continued)
`
`Primary Examiner — Mohammad L Rahman
`(74) Attorney, Agent, or Firm — Brinks Gilson & Lione
`
`ABSTRACT
`(57)
`A system is disclosed for providing secure access to a con
`trolled item, the system comprising a database of biometric
`signatures, a transmitter Subsystem comprising a biometric
`sensor for receiving a biometric signal, means for matching
`the biometric signal against members of the database of bio
`metric signatures to thereby output an accessibility attribute,
`and means for emitting a secure access signal conveying
`information dependent upon said accessibility attribute,
`wherein the secure access signal comprises one of at least a
`rolling code, an encrypted BluetoothTM protocol, and a
`WiFiTM protocol, and a receiver sub-system comprising
`means for receiving the transmitted secure access signal and
`means for providing conditional access to the controlled item
`dependent upon said information.
`
`13 Claims, 10 Drawing Sheets
`
`Case 6:21-cv-00165-ADA Document 1-2 Filed 02/23/21 Page 2 of 22
`
`

`

`US 9.269,208 B2
`Page 2
`
`(51)
`
`Int. C.
`G06F2L/32
`G06F2L/35
`HO47 (2/08
`HO4W 84/12
`HO4W 84/18
`
`(2013.01)
`(2013.01)
`(2009.01)
`(2009.01)
`(2009.01)
`
`(56)
`
`References Cited
`
`U.S. PATENT DOCUMENTS
`
`6, 195447 B1 *
`6,229.906 B1*
`6,992,562 B2*
`
`2, 2001 Ross .........
`5, 2001 Pu et al. ...
`1/2006 Fuks et al.
`
`
`
`.
`
`.
`
`.
`
`.
`
`.
`
`.
`
`.
`
`.
`
`.
`
`.
`
`.
`
`.
`
`.
`
`.
`
`.
`
`.
`
`.
`
`.
`
`. 382,125
`
`382,116
`
`.
`
`.
`
`.
`
`.
`
`.
`
`.
`
`.
`
`.
`
`.
`
`.
`
`.
`
`.
`
`.
`
`.
`
`.
`
`.
`
`.
`
`. 340,552
`
`7,152,045 B2 * 12/2006 Hoffman ......................... TO5/43
`7,174,017 B2 * 2/2007 Bantz et al. ................... 380,255
`2002/0038818 A1
`4/2002 Zingher et al.
`2003/O126439 A1
`7/2003 Wheeler et al.
`2004/0042642 A1
`3/2004 Bolle ................. GO7C 9/OO134
`382,115
`
`OTHER PUBLICATIONS
`
`Extended European Search Report for corresponding EP application
`No. 14188004 dated Apr. 22, 2015.
`Office Action for corresponding Canadian application No. 2,535,434
`dated Mar. 27, 2015.
`
`* cited by examiner
`
`Case 6:21-cv-00165-ADA Document 1-2 Filed 02/23/21 Page 3 of 22
`
`

`

`U.S. Patent
`
`US 9.269,208 B2
`
`
`
`
`
`Case 6:21-cv-00165-ADA Document 1-2 Filed 02/23/21 Page 4 of 22
`
`

`

`Case 6:21-cv-00165-ADA Document 1-2 Filed 02/23/21 Page 5 of 22
`
`U.S. Patent
`
`Feb. 23, 2016
`
`Sheet 2 of 10
`
`US 9.269,208 B2
`US 9,269,208 B2
`
`cow
`
`\
`
`9%
`
`EA.
`
`ONwhmngcCO
`
`Ezwomm
`
`3.05:8
`
`Em:
`
`EmwmhmésmN.m_l5388
`
`h:
`
`mum-u—fi—mmw——_‘—————--wumn—-g
`
`<———
`Alf!
`IIVV
`
`
`
`
`
`
`
`
`
`
`
`m9,
`
`'1
`
`333.39am:
`
`we.
`
`0')1-
`1'-
`
`_¢N_.
`
`NNF
`
`@9365
`
`596m05
`
`3.330
`
`hQEEWCEF
`
`m2.
`
`N:
`
`|----
`;---->
`E'
`
`Case 6:21-cv-00165-ADA Document 1-2 Filed 02/23/21 Page 5 of 22
`
`m:
`
`BEEmcmh
`
`Emuwxmézw
`
`
`
`
`
`

`

`U.S. Patent
`
`Feb. 23, 2016
`
`Sheet 3 of 10
`
`US 9.269,208 B2
`
`
`
`2O6
`
`Biometric signal
`received?
`
`Compare to
`signatures
`
`Select control
`option
`
`Send access
`Signal
`
`Case 6:21-cv-00165-ADA Document 1-2 Filed 02/23/21 Page 6 of 22
`
`200
`
`-
`
`Fig. 3
`
`

`

`U.S. Patent
`
`Feb. 23, 2016
`
`Sheet 4 of 10
`
`US 9.269,208 B2
`
`Access signal
`received?
`
`3O2
`
`Compare to
`Code
`
`
`
`
`
`
`
`305
`
`304
`
`Send Control
`signal
`
`Case 6:21-cv-00165-ADA Document 1-2 Filed 02/23/21 Page 7 of 22
`
`-
`
`Fig. 4
`
`

`

`U.S. Patent
`
`Feb. 23, 2016
`
`Sheet 5 of 10
`
`US 9.269,208 B2
`
`00G
`
`
`
`Case 6:21-cv-00165-ADA Document 1-2 Filed 02/23/21 Page 8 of 22
`
`

`

`U.S. Patent
`
`Feb. 23, 2016
`
`Sheet 6 of 10
`
`US 9.269,208 B2
`
`700
`
`-
`
`From Fig. 7 or Fig. 8
`
`
`
`Biometric signal
`received?
`
`To Fig. 8
`
`
`
`Database
`
`702
`
`704
`
`Administrator
`biometric
`received?
`
`
`
`Case 6:21-cv-00165-ADA Document 1-2 Filed 02/23/21 Page 9 of 22
`
`

`

`U.S. Patent
`
`Feb. 23, 2016
`
`Sheet 7 of 10
`
`US 9.269,208 B2
`
`From Fig. 6 (o
`
`600
`-
`
`YES
`
`602
`
`Compare to
`signatures
`
`604
`
`606
`
`608
`
`Insert duress
`
`bit(s) -- NO
`
`603
`
`Insert telemetry
`a s NO
`
`605
`
`Insert access YES
`bit(s)
`
`6O7
`
`NO
`
`609
`
`insert alert
`bit(s)
`
`60
`
`
`
`Send Control
`signal
`
`Case 6:21-cv-00165-ADA Document 1-2 Filed 02/23/21 Page 10 of 22
`
`Fig. 7
`
`

`

`U.S. Patent
`
`Feb. 23, 2016
`
`Sheet 8 of 10
`
`US 9.269,208 B2
`
`From Fig. 6
`
`
`
`8O
`2
`
`Store administrator
`signature
`
`
`
`st administra
`tor input?
`
`800
`
`-
`
`
`
`
`
`
`
`
`
`
`
`Case 6:21-cv-00165-ADA Document 1-2 Filed 02/23/21 Page 11 of 22
`
`Erase
`signature(s)
`
`To Fig. 6 (05- No
`
`More adminis
`tration?
`
`YES
`
`Fig. 8
`
`Another admini
`istrator desired?
`
`
`
`
`
`
`
`Store duress
`signature
`
`Duress signa
`ture desired?
`
`Store simple
`signature
`
`80
`
`80
`
`
`
`
`
`
`
`
`
`rase signature
`desired?
`
`
`
`

`

`U.S. Patent
`
`Feb. 23, 2016
`
`Sheet 9 of 10
`
`US 9.269,208 B2
`
`From Fig. 6
`
`903
`
`Emit "enrolment"
`tone & flash Red
`LED (ongoing)
`
`st administra
`tor input?
`
`901
`
`900
`-
`
`
`
`
`
`
`
`Ennit"enrolment"
`tone & flash Green
`LED (once)
`
`902
`
`Read biometric
`signal (directed by
`Amber LED)
`
`905
`
`Emit "rejection"
`tone
`
`Store signature
`
`
`
`
`
`Inger press
`exceeds prede
`ermined period?
`
`906
`
`909
`
`
`
`
`
`
`
`
`
`
`
`Case 6:21-cv-00165-ADA Document 1-2 Filed 02/23/21 Page 12 of 22
`
`
`
`Erase relevant
`signature(s)
`
`912
`
`

`

`U.S. Patent
`
`Feb. 23, 2016
`
`Sheet 10 of 10
`
`US 9.269,208 B2
`
`
`
`115
`2-117
`
`ro- - - -
`
`100'
`
`RX sub-system
`
`
`
`Audio-Video
`Interface
`
`1004
`
`Case 6:21-cv-00165-ADA Document 1-2 Filed 02/23/21 Page 13 of 22
`
`OO
`
`

`

`US 9,269,208 B2
`
`1.
`REMOTE ENTRY SYSTEM
`
`CROSS-REFERENCE TO RELATED
`APPLICATIONS
`
`This application is a continuation patent application of
`U.S. Non-Provisional application Ser. No. 10/568.207 for
`REMOTE ENTRY SYSTEM, filed Jun. 4, 2008 now U.S.
`Pat. No. 8.266,442, the disclosure of which is incorporated by
`reference in its entirety.
`
`10
`
`FIELD OF THE INVENTION
`
`The present invention relates to secure access systems and,
`in particular, to systems using wireless transmission of secu
`rity code information.
`
`15
`
`BACKGROUND
`
`2
`The Wiegand protocol is a simple one-way data protocol that
`can be modified by increasing or decreasing the bit count to
`ensure uniqueness of the protocol among different security
`companies. The Wiegand protocol does not secure the infor
`mation being sent between the code entry module 403 and the
`controller 405.
`More advanced protocols such as RS485 have been used in
`order to overcome the Vulnerability of the Wiegand protocol
`over the long distance route 404. RS485 is a duplex protocol
`offering encryption capabilities at both the transmitting and
`receiving ends, i.e. the code entry module 403 and the con
`troller 405 respectively in the present case. The length of the
`path 404 nonetheless provides an attack point for the unau
`thorised person.
`Due to the cost and complexity of re-wiring buildings and
`facilities, security companies often make use of existing com
`munication cabling when installing and/or upgraded security
`systems, thereby maintaining the Vulnerability described
`above.
`
`SUMMARY
`
`It is an object of the present invention to substantially
`overcome, or at least ameliorate, one or more disadvantages
`of existing arrangements.
`According to a first aspect of the present invention, there is
`provided a system for providing secure access to a controlled
`item, the system comprising:
`a database of biometric signatures;
`a transmitter Subsystem comprising:
`a biometric sensor for receiving a biometric signal;
`means for matching the biometric signal against members
`of the database of biometric signatures to thereby output an
`accessibility attribute; and
`means for emitting a secure access signal conveying infor
`mation dependent upon said accessibility attribute, wherein
`the secure access signal comprises one of at least a rolling
`code, an encrypted BluetoothTM protocol, and a WiFiTM pro
`tocol; and a receiver Sub-system comprising:
`means for receiving the transmitted secure access signal;
`and
`means for providing conditional access to the controlled
`item dependent upon said information.
`According to another aspect of the present invention, there
`is provided a transmitter Sub-system for operating in a system
`for providing secure access to a controlled item, the system
`comprising a database of biometric signatures, a receiver
`Sub-system comprising means for receiving a secure access
`signal transmitted by the transmitter Sub-system, and means
`for providing conditional access to the controlled item depen
`dent upon information conveyed in the secure access signal;
`wherein the transmitter Subsystem comprises:
`a biometric sensor for receiving a biometric signal;
`means for matching the biometric signal against members
`of the database of biometric signatures to thereby output an
`accessibility attribute; and
`means for emitting the secure access signal conveying said
`information dependent upon said accessibility attribute,
`wherein the secure access signal comprises one of at least a
`rolling code, an encrypted BluetoothTM protocol, and a
`WiFiTM protocol.
`According to another aspect of the present invention, there
`is provided receiver Sub-system for operating in a system for
`providing secure access to a controlled item, the system com
`prising a database of biometric signatures, a transmitter Sub
`system comprising a biometric sensor for receiving a biomet
`ric signal, means for matching the biometric signal against
`
`FIG. 1 shows a prior art arrangement for providing secure
`access. A user 401 makes a request, as depicted by an arrow
`402, directed to a code entry module 403. The module 403 is
`typically mounted on the external jamb of a secure door. The
`request 402 is typically a secure code of some type which is
`compatible with the code entry module 403. Thus, for
`example, the request 402 can be a sequence of secret numbers
`directed to a keypad 403. Alternately, the request 402 can be
`a biometric signal from the user 401 directed to a correspond
`ing biometric sensor 403. One example of a biometric signal
`is a fingerprint. Other physical attributes that can be used to
`provide biometric signals include Voice, retinal or iris pattern,
`face pattern, palm configuration and so on.
`The code entry module 403 conveys the request 402 by
`sending a corresponding signal, as depicted by an arrow 404.
`to a controller 405 which is typically situated in a remote or
`inaccessible place. The controller 405 authenticates the secu
`rity information provided by the user 401 by interrogating a
`database 407 as depicted by an arrow 406. If the user 401 is
`authenticated, and has the appropriate access privileges, then
`the controller 405 sends an access signal, as depicted by an
`arrow 408, to a device 409 in order to provide the desired
`access. The device 409 can, for example, be the locking
`mechanism of a secure door, or can be an electronic lock on a
`personal computer (PC) which the user 401 desires to access.
`A proximity card can also be used to emit the request 402,
`in which case the code entry module 403 has appropriate
`functionality.
`Although the request 402 can be made secure, either by
`increasing the number of secret digits or by using a biometric
`system, the communication infrastructure in FIG. 1 is typi
`cally less secure. The infrastructure 400 is generally hard
`wired, with the code entry module 403 generally being
`mounted on the outside jamb of a secured door. In Such a
`situation, the signal path 404 can be overa significant distance
`in order to reach the controller 405. The path 404 represents
`one weak point in the security system 400, providing an
`unauthorised person with relatively easy access to the infor
`mation being transmitted between the code entry module 403
`and the controller 405. Such an unauthorised person can,
`given this physical access, decipher the communicated infor
`mation between the code entry module 403 and the controller
`405. This captured information can be deciphered, replayed
`in order to gain the access which rightfully belongs to the user
`401, or to enable modification for other subversive purposes.
`Current systems as depicted in FIG. 1 utilise a communi
`cation protocol called “Wiegand’ for communication
`between the code entry module 403 and the controller 405.
`
`25
`
`30
`
`35
`
`40
`
`45
`
`50
`
`55
`
`60
`
`65
`
`Case 6:21-cv-00165-ADA Document 1-2 Filed 02/23/21 Page 14 of 22
`
`

`

`3
`members of the database of biometric signatures to thereby
`output an accessibility attribute, and means for emitting a
`secure access signal conveying information dependent upon
`said accessibility attribute, wherein the secure access signal
`comprises one of at least a rolling code, an encrypted Blue
`toothTM protocol, and a WiFiTM protocol; wherein the receiver
`Sub-system comprises;
`means for receiving the transmitted secure access signal;
`and
`means for providing conditional access to the controlled
`item dependent upon said information.
`According to another aspect of the present invention, there
`is provided a method for providing secure access to a con
`trolled item, the method comprising the steps of:
`receiving a biometric signal;
`matching the biometric signal against members of a data
`base of biometric signatures to thereby outputan accessibility
`attribute;
`emitting a secure access signal conveying information
`dependent upon said accessibility attribute, wherein the
`secure access signal comprises one of at least a rolling code,
`an encrypted BluetoothTM protocol, and a WiFiTM protocol;
`and
`providing conditional access to the controlled item depen
`dent upon said information.
`According to another aspect of the present invention, there
`is provided a method for populating a database of biometric
`signatures in a system for providing secure access to a con
`trolled item, the system comprising said database of biomet
`ric signatures, a transmitter Subsystem comprising a biomet
`ric sensor for receiving a biometric signal, and means for
`emitting a secure access signal, and a receiver Sub-System
`comprising means for receiving the transmitted secure access
`signal, and means for providing conditional access to the
`controlled item dependent upon information in said secure
`access signal, said method comprising the steps of
`receiving a series of entries of the biometric signal;
`determining at least one of the number of said entries and a
`duration of each said entry;
`mapping said series into an instruction; and
`populating the database according to the instruction.
`According to another aspect of the present invention, there
`is provided a method for transmitting a secure access signal in
`a system for providing secure access to a controlled item, the
`system comprising a database of biometric signatures, a
`receiver Sub-system comprising means for receiving the
`secure access signal transmitted by a transmitter Sub-system,
`and means for providing conditional access to the controlled
`item dependent upon information conveyed in the secure
`access signal, said method comprising the steps of
`receiving a biometric sensor by biometric signal;
`matching the biometric signal against members of the data
`base of biometric signatures to thereby outputan accessibility
`attribute; and
`emitting the secure access signal conveying said informa
`tion dependent upon said accessibility attribute, wherein the
`secure access signal comprises one of at least a rolling code,
`an encrypted BluetoothTM protocol, and a WiFiTM protocol.
`According to another aspect of the present invention, there
`is provided a method for receiving a secure access signal in a
`system for providing secure access to a controlled item, the
`system comprising a database of biometric signatures, a
`transmitter Subsystem comprising a biometric sensor for
`receiving a biometric signal, means for matching the biomet
`ric signal against members of the database of biometric sig
`natures to thereby output an accessibility attribute, and means
`for emitting a secure access signal conveying information
`
`10
`
`15
`
`25
`
`30
`
`35
`
`40
`
`45
`
`50
`
`55
`
`60
`
`65
`
`US 9,269,208 B2
`
`4
`dependent upon said accessibility attribute, wherein the
`secure access signal comprises one of at least a rolling code,
`an encrypted BluetoothTM protocol, and a WiFiTM protocol,
`said method comprising the steps of
`receiving the transmitted secure access signal; and
`providing conditional access to the controlled item depen
`dent upon said information.
`According to another aspect of the present invention, there
`is provided a computer program product having a computer
`readable medium having a computer program recorded
`therein for directing a processor to provide secure access to a
`controlled item, said computer program product comprising:
`code for receiving a biometric signal;
`code for matching the biometric signal against members of
`a database of biometric signatures to thereby output an acces
`sibility attribute;
`code for emitting a secure access signal conveying infor
`mation dependent upon said accessibility attribute, wherein
`the secure access signal comprises one of at least a rolling
`code, an encrypted BluetoothTM protocol, and a WiFiTM pro
`tocol; and
`code for providing conditional access to the controlled
`item dependent upon said information.
`According to another aspect of the present invention, there
`is provided a computer program product having a computer
`readable medium having a computer program recorded
`therein for directing a processor to populate a database of
`biometric signatures in a system for providing secure access
`to a controlled item, said computer program product compris
`ing:
`code for receiving a series of entries of the biometric sig
`nal;
`code for determining at least one of the number of said
`entries and a duration of each said entry;
`code for mapping said series into an instruction; and
`code for populating the database according to the instruc
`tion.
`According to another aspect of the present invention, there
`is provided a computer program product having a computer
`readable medium having a computer program recorded
`therein for directing a processor to transmit a secure access
`signal in a system for providing secure access to a controlled
`item, said computer program product comprising:
`code for receiving a biometric sensor by biometric signal;
`code for matching the biometric signal against members of
`the database of biometric signatures to thereby output an
`accessibility attribute; and
`code for emitting the secure access signal conveying said
`information dependent upon said accessibility attribute,
`wherein the secure access signal comprises one of at least a
`rolling code, an encrypted BluetoothTM protocol, and a
`WiFiTM protocol.
`According to another aspect of the present invention, there
`is provided a computer program product having a computer
`readable medium having a computer program recorded
`therein for directing a processor to receive a secure access
`signal in a system for providing secure access to a controlled
`item, said computer program product comprising:
`code for receiving the transmitted secure access signal; and
`code for providing conditional access to the controlled
`item dependent upon said information.
`According to another aspect of the present invention, there
`is provided a system for providing secure access, the system
`comprising:
`a biometric sensor for authenticating the identity of a user;
`
`Case 6:21-cv-00165-ADA Document 1-2 Filed 02/23/21 Page 15 of 22
`
`

`

`US 9,269,208 B2
`
`5
`a transmitter for transmitting information using a secure
`wireless signal dependent upon a request from the user and
`the authentication of the user identity; and
`a control panel for receiving the information and for pro
`viding the secure access requested.
`Other aspects of the invention are also disclosed.
`
`BRIEF DESCRIPTION OF THE DRAWINGS
`
`Some aspects of the prior art and one or more embodiments
`of the present invention are described with reference to the
`drawings, in which:
`FIG. 1 shows a prior art arrangement for providing secure
`acceSS,
`FIG. 2 is a functional block diagram of an arrangement for
`providing secure access according to the present disclosure;
`FIG. 3 shows an example of a method of operation of the
`remote control module of FIG. 2;
`FIG. 4 shows an example of a method of operation of the
`(fixed) control device of FIG. 2;
`FIG. 5 shows incorporation of a protocol converter into the
`arrangement of FIG. 2; and
`FIG. 6 shows another example of how the remote access
`system operates;
`FIG. 7 shows an access process relating to the example of
`FIG. 6;
`FIG. 8 shows one enrolment process relating to the
`example of FIG. 6;
`FIG. 9 shows another enrolment process relating to the
`example of FIG. 6; and
`FIG. 10 is a schematic block diagram of the system in FIG.
`2.
`
`DETAILED DESCRIPTION INCLUDING BEST
`MODE
`
`10
`
`15
`
`25
`
`30
`
`35
`
`6
`transmitter 107 checks, as depicted by an arrow 112, the
`current rolling code in a database 113. The controller 107then
`updates the code and sends the updated code, this being
`referred to as an access signal, as depicted by an arrow 108 to
`a controller 109. The rolling code protocol offers non-replay
`encrypted communication.
`The controller 109 tests the rolling code received in the
`access signal 108 against the most recent rolling code which
`has been stored in a database 115, this testing being depicted
`by an arrow 114. If the incoming rolling code forming the
`access signal 108 is found to be legitimate, then the controller
`109 sends a command, as depicted by an arrow 110, to a
`controlled item 111. The controlled item 111 can be a door
`locking mechanism on a secure door, or an electronic key
`circuit in a personal computer (PC) that is to be accessed by
`the user 101. It is noted that the controller 109 contains a
`receiver 118 that receives the transmitted access signal 108
`and converts it into a form that is provided, as depicted by an
`arrow 120, into a form that the controller 109 can use.
`The code entry module 103 also incorporates at least one
`mechanism for providing feedback to the user 101. This
`mechanism can, for example, take the form or one or more
`Light Emitting Diodes (LEDs) 122 which can provide visual
`feedback, depicted by an arrow 123 to the user 101. Alter
`nately or in addition the mechanism can take the form of an
`audio signal provided by an audio transducer 124 providing
`audio feedback 125.
`The arrangement in FIG. 2 has been described for the case
`in which the secure code in the access signal 108 used
`between the sub-systems 116 and 117 is based upon the
`rolling code. It is noted that this is merely one arrangement,
`and other secure codes can equally be used. Thus, for
`example, either of the BluetoothTM protocol, or the Wi FiTM
`protocols can be used.
`Rolling codes provide a substantially non-replayable non
`repeatable and encrypted radio frequency data communica
`tions Scheme for secure messaging. These codes use inher
`ently secure protocols and serial number ciphering
`techniques which in the present disclosure hide the clear text
`values required for authentication between the key fob (trans
`mitter) sub-system 116 and the receiver/controller 118/109.
`Rolling codes use a different code variant each time the
`transmission of the access signal 108 occurs. This is achieved
`by encrypting the data from the controller 107 with a math
`ematical algorithm, and ensuring that Successive transmis
`sions of the access signal 108 are modified using a code
`and/or a look-up table known to both the transmitter sub
`system 116 and the receiver sub-system 117. Using this
`approach Successive transmissions are modified, resulting in
`a non-repeatable data transfer, even if the information from
`the controller 107 remains the same. The modification of the
`code in the access signal 108 for each transmission signifi
`cantly reduces the likelihood that an intruder can access the
`information replay the information to thereby gain entry at
`Some later time.
`The sub-system in FIG. 2 falling to the left hand side, as
`depicted by an arrow 116, of a dashed line 119 can be imple
`mented in a number of different forms. The sub-system 116
`can for example be incorporated into a remote fob (which is a
`small portable device carried by the user 101), or alternately
`can be mounted in a protected enclosure on the outside jamb
`of a secured door. The sub-system 116 communicates with
`the sub-system 117 on the right hand side of the dashed line
`119 via the wireless communication channel used by the
`access signal 108. The sub-system 117 is typically located in
`an inaccessible area such as a hidden roof space or alternately
`in a Suitable protected area such as an armoured cupboard.
`
`Case 6:21-cv-00165-ADA Document 1-2 Filed 02/23/21 Page 16 of 22
`
`40
`
`55
`
`It is to be noted that the discussions contained in the "Back
`ground' section relating to prior art arrangements relate to
`discussions of documents or devices which form public
`knowledge through their respective publication and/or use.
`Such should not be interpreted as a representation by the
`present inventor(s) or patent applicant that Such documents or
`devices in any way form part of the common general knowl
`edge in the art.
`Where reference is made in any one or more of the accom
`45
`panying drawings to steps and/or features, which have the
`same reference numerals, those steps and/or features have for
`the purposes of this description the same function(s) or opera
`tion(s), unless the contrary intention appears.
`FIG. 2 is a functional block diagram of an arrangement for
`50
`providing secure access according to the present disclosure. A
`user 101 makes a request, as depicted by an arrow 102, to a
`code entry module 103. The code entry module 103 includes
`a biometric sensor 121 and the request 102 takes a form which
`corresponds to the nature of the sensor 121 in the module 103.
`Thus, for example, if the biometric sensor 121 in the code
`entry module 103 is a fingerprint sensor, then the request 102
`typically takes the form of a thumb press on a sensor panel
`(not shown) on the code entry module 103.
`The code entry module 103 interrogates, as depicted by an
`arrow 104, a user identity database 105. Thus for example if
`the request 102 is the thumb press on the biometric sensor
`panel 121 then the user database 105 contains biometric sig
`natures for authorised users against which the request 102 can
`be authenticated. If the identity of the user 101 is authenti
`cated successfully, then the code entry module 103 sends a
`signal 106 to a controller/transmitter 107. The controller/
`
`60
`
`65
`
`

`

`8
`sensor 121 in the code entry module 103 checks whether a
`biometric signal 102 is being received. If this is not the case,
`then the method 200 is directed in accordance with an NO
`arrow back to the step 201 in a loop. If, on the other hand, the
`biometric signal 102 has been received, then the method 200
`is directed in accordance with a YES arrow to a step 202. The
`step 202 compares the received biometric signal 102 with
`information in the biometric signature database 105 in order
`to ensure that the biometric signal received 102 is that of the
`rightful user 101 of the sub-system 116.
`A subsequent testing step 203 checks whether the compari
`son in the step 202 yields the desired authentication. If the
`biometric signature matching is authenticated, then the pro
`cess 200 is directed in accordance with a YES arrow to a step
`204. The authentication of the biometric signature matching
`produces an accessibility attribute for the biometric signal
`102 in question. The accessibility attribute establishes
`whether and under which conditions access to the controlled
`item 111 should be granted to a user. Thus, for example, the
`accessibility attribute may comprise one or more of an access
`attribute (granting unconditional access), a duress attribute
`(granting access but with activation of an alert tone to advise
`authorities of the duress situation), an alert attribute (sound
`ing a chime indicating that an unauthorised, but not necessar
`ily hostile, person is seeking access, and a telemetry attribute,
`which represents a communication channel for communicat
`ing State information for the transmitter Sub-system to the
`receiver sub-system such as a “low battery' condition. The
`step 204 enables the user 101 to select a control option by
`providing one or more additional signals (not shown) to the
`controller 107. Thus for example the control option could
`enable the user 101 to access one of a number of secure doors
`after his or her identity has been authenticated in the step 203.
`In the subsequent step 205 the controller 107 sends the appro
`priate access signal 108 to the controller 109. The process 200
`is then directed in accordance with an arrow 206 back to the
`step 201.
`Thus for example the sub-system 116 can be provided with
`a single biometric sensor 121 in the code entry module 103
`which enables the user 101 to select one of four door entry
`control signals by means of separate buttons on the controller
`107 (not shown). This would enable the user 101, after
`authentication by the biometric sensor 121 in the code entry
`module 103 and the controller 107 to obtain access to any one
`of the aforementioned for secure doors.
`Returning to the testing step 203, if the signature compari
`son indicates that the biometric signal 102 is not authentic,
`and has thus not been received from the proper user, then the
`process 200 is directed in accordance with a NO arrow back
`to the step 201. In an alternate arrangement, the NO arrow
`from the step 203 could lead to a disabling step which would
`disable further operation of the sub-system 116, either imme
`diately upon receipt of the incorrect biometric signal 102, or
`after a number of attempts to provide the correct biometric
`signal 102.
`FIG. 4 shows the method of operation of the control sub
`system 117 of FIG. 2. The method 300 commences with a
`testing step 301 which continuously checks whether the
`access signal 108 has been received from 107. The step 301 is
`performed by the controller 109. As long as the access signal
`108 is not received the process 300 is directed in accordance
`with a NO arrow in a looping manner back to the step 301.
`When the access signal 108 is received, the process 300 is
`directed from the step 301 by means of a YES arrow to a step
`302. In the step 302, the controller 109 compares the rolling
`code received by means of the access signal 108 with a
`reference code in the database 115. A subsequent testing step
`
`Case 6:21-cv-00165-ADA Document 1-2 Filed 02/23/21 Page 17 of 22
`
`45
`
`55
`
`60
`
`65
`
`US 9,269,208 B2
`
`10
`
`15