FR3036523A1 - RADIO-IDENTIFICATION PASSIVE SECURE ACCESS CONTROL DEVICE - Google Patents

Abstract

An access control device (1) secured by radio-identification, comprising a housing (2) receiving internally: - a radio-identification chip (3) connected to an antenna (4) and adapted to receive by electromagnetic waves data identification associated with a signature generated by an external radio identification module (6); a microcontroller (5) connected to said radio identification chip (3) and designed to receive and authenticate identification data from said radio identification chip (3) and to transmit said identification data after authentication to a remote processing unit. The radio-identification chip (3) is of the passive type, without a permanent power supply, this radio-identification chip (3) being shaped to convert the electromagnetic waves emitted by the radio-identification external module (6) into electric current temporarily supplying the operation of said radio identification chip (3) and said microcontroller (5).

Description

The present invention relates to a secure access control device by radio-identification. It relates more particularly to an access control device comprising a housing receiving internally a radio-identification chip connected to an antenna and adapted to receive by electromagnetic waves identification data associated with a signature generated by an external module. radio-identification, and a microcontroller connected to the radio-identification chip and arranged to receive and authenticate the identification data from the radio-identification chip and to transmit these identification data after authentication to a unit remote processing. Typically, the radio identification chip present in the housing is of the active type, that is to say that it is permanently electrically powered by an external source of electricity, generally the electrical network of the building making the subject of security measures. Thus, in operation, the active radio-identification chip permanently generates an electromagnetic field that will activate the external radio identification modules, generally of the badge type with a passive radio-identification chip (otherwise called a radio-tag), which are 20 placed in front of them by providing them with the short distance energy they need. In other words, it is customary to use an access control system where the access control device, whose housing is typically positioned near an access (door, barrier, gate, etc.). is plugged into the power grid, and provides the necessary power for access badges with passive radio tag. This type of access control device, however, has the disadvantage of requiring electrical wiring essential for its permanent power supply, besides the latter has a power consumption never zero. The aim of the present invention is to answer this problem and, to this end, it proposes a secure access control device by radio-identification, comprising a housing receiving internally: a radio-identification chip connected to an antenna and adapted to receive by electromagnetic waves identification data associated with an associated signature generated by an external radio identification module; A microcontroller connected to the radio identification chip and designed to receive and authenticate the identification data coming from the radio identification chip and to transmit said identification data after authentication to a remote processing unit; where this access control device is remarkable in that the radio-identification chip is of the passive type, without a permanent supply of electrical energy, this radio-identification chip being shaped to convert the electromagnetic waves emitted by the external module of radio-identification in electric current temporarily supplying the operation of the radio-identification chip and the microcontroller. Thus, unlike conventional secure access systems, the invention proposes to use a passive radio-identification chip, not permanently electrically powered, at the fixed reading box, and to resort to external modules radio-identification devices equipped with an active radio-identification chip that will generate, via an antenna, an electromagnetic field that will provide the energy necessary for the operation of the passive radio-identification chip and the microcontroller. In this way, it is no longer necessary to electrically wire the access control device, the electrical energy essential to the operation of the access control device from the electromagnetic waves generated by the external radio identification modules close. Thus, the access control device has a simplified architecture, with an electrical consumption limited to only the operating phases of the passive radio-identification chip and the microcontroller, the access control device being of zero consumption out of these phases. During these operating phases, the microcontroller transmits authenticated identification data to a remote processing unit, and this processing unit will retrieve these identification data for processing and decision of one or more actions, such as such as unlocking an access, launching an alert, lighting a light, piloting a heater, logging transit information, etc. According to one feature, the identification data is encrypted by an asymmetric cryptographic method using a private key of a public / private key pair, and the microcontroller is able to decrypt the identification data with the public key. of the public / private key pair, and validating the authenticity of the identification data, said public key being stored in a memory of said microcontroller. Thus, the microcontroller is configured to perform a signature verification by asymmetric cryptography, for example with an ECC or RSA cryptographic algorithm, in a computation time compatible with an access control application, before communicating the data of identification to the remote processing unit; the microcontroller containing the public key, therefore not secured, it is not necessary to manage a deletion of this key in case of unauthorized intrusion into the microcontroller, or in case of tearing of the access control device. According to another characteristic, the microcontroller is connected to a communication cable, in order to allow the wired transmission of the identification data after authentication to the remote processing unit.

In a particular embodiment, the housing internally receives a wireless radio communication module connected to the microcontroller, to allow the wireless transmission of the identification data after authentication to the remote processing unit, said wireless communication module being provided. to be temporarily powered by the electrical current 20 converted by the radio-identification chip. According to one possibility of the invention, the housing internally receives an electric battery associated with a charging circuit which recharges said electric battery with the electric current converted by the radio-identification chip, this electric battery being connected to the microcontroller.

Such an electric battery may be advantageous in allowing transmission of the identification data after authentication to the remote processing unit, when the remote processing unit is too far away, particularly if this transmission is done by wireless radio communication. In other words, the electric battery will serve to increase the communication distances between the access control device and the remote processing unit; this electric battery recharges each time an external module of radio-identification provides energy. According to another possibility of the invention, the radio-identification chip has an electromagnetic field presence detection function.

The invention also relates to an access control system comprising at least one access control device according to the invention, and at least one external radio identification module, this external radio identification module. comprising an active radio-identification chip powered by an electric battery and adapted to generate, via an antenna, electromagnetic waves containing identification data associated with a signature and temporarily serving to electrically power the operation of the radio chip; passive identification and microcontroller of the access control device.

In a particular embodiment, the active radio-identification chip of the radio-identification external module is of the NFC chip type. In addition, the external radio-identification module may be of the mobile phone type or the type of badge or active keychain equipped with an electric battery.

Other characteristics and advantages of the present invention will appear on reading the following detailed description of two nonlimiting exemplary embodiments, with reference to the appended figures in which: FIG. 1 is a diagrammatic view a first access control device 20 according to the invention, in contactless relation with an external mobile phone type radio-identification module; and FIG. 2 is a schematic view of a second access control device according to the invention, in contactless relation with an external mobile telephone type identification module.

Referring to Figures 1 and 2, a secure access control device 1 by radio-identification according to the invention, comprises a housing 2 provided with fixing means on a support (not shown), generally a vertical support such than a wall or a partition. The access control device 1 comprises inside this housing 2: a passive type 3 radio-identification chip, without permanent power supply, connected to an antenna 4; and a microcontroller 5 connected to the passive radio-identification chip 3. The passive radio-identification chip 3 and the antenna 4 are for example of the high-frequency type. The passive radio identification chip 3 is therefore not permanently powered by a continuous electrical source.

This access control device 1 is designed to work with external radio identification modules 6 comprising an active radio identification chip 60 powered by an electric battery (not shown) and able to generate, via an antenna ( not shown), electromagnetic waves. The active radio identification chip 60 of the external radio identification module 6 may be of the NFC chip type. The external radio identification module 6 may be of the mobile phone type (as shown in FIGS. 1 and 2) or may be of the type 10 active badge or key ring equipped with an electric battery, for example of the "Token" type. . Each radio identification external module 6 includes an internal memory (not shown) securely storing identification data associated with a signature using an asymmetric cryptographic algorithm. The active radio identification chip 60 of the radio identification external module 6 is able to generate electromagnetic waves containing such identification data associated with a signature. In the situation, when an external radio identification module 6 is sufficiently close to the access control device 1, the active radio identification chip 60 of the radio identification external module 6 generates electromagnetic waves containing such data. identification associated with a signature; this signature depends on the identification data and also on the access control device 1. The passive radio identification chip 3 of the access control device 1 receives, by electromagnetic waves, the identification data associated with a generated signature. by the external radio identification module 6. More precisely, the external radio identification module 6 and the access control device 1 enter secure communication and successively: the access control device 1 communicates to the external radio identification module 6 its own identifier (such as a serial number); the radio identification external module 6 calculates a signature from this identifier of the access control device 1 and also from the identification data of the radio identification external module 6; The radio-identification external module 6 transmits to the access control device 1 its identification data and this signature; the microcontroller 5 of the access control device 1 verifies with the signature the authenticity of the identification data, before transmitting it to a remote processing unit. The electrical energy required for the operation of the passive radio-identification chip 3 comes from the electromagnetic waves generated by the external radio identification module 6 close. In other words, the passive radio-identification chip 3 converts, by induction, the electromagnetic waves emitted by the external radio-identification module 6 into electrical power temporarily supplying the operation of the passive radio-identification chip 3. Moreover, the electric current converted by the passive radio identification chip 3 is also used to temporarily electrically power the microcontroller 5 which receives and authenticates the identification data from the passive radio identification chip 3 and then transmits this data of identification to a remote processing unit (not shown). As such, the microcontroller 5 is preferably low consumption.

The microcontroller 5 authenticates the identification data with the public key of the public / private key pair, this public key being stored in a memory associated with the microcontroller 5. For this transmission of the identification data to the unit for remote processing, the passive radio-identification chip 3 has a connection 30 for: - as can be seen in FIG. 1, a wired communication by bus, by means of a communication cable 7, in order to allow the wired transmission ( driven by the microcontroller 5) identification data to the remote processing unit; 30 - as visible in FIG. 2, a connection with a wireless radio communication module 8 associated with an antenna 80, in order to allow the wireless transmission (controlled by the microcontroller 5) of the identification data to the processing unit remote, this wireless communication module 8 being temporarily powered by the electric current converted by the passive radio identification chip 3.

As can be seen in FIG. 2, it is also conceivable for the access control device 1 to comprise, inside its housing 2, an electric battery 9 associated with a charging circuit which recharges the electric battery 9 with the electric current converted by the passive radio identification chip 3, this electric battery 9 being connected to the microcontroller 5, directly or via the passive radio-identification chip 3. Moreover, it is conceivable to provide that the control device access 1 has a light or audible warning device that triggers to inform the carrier of the external radio identification module 6 10 on its access permissions; such a light or sound warning device is also temporarily powered by the electric current converted by the passive radio-identification chip 3. It is also conceivable to provide on the access control device 1 a screen, for example of the type LCD screen or "e15 paper" screen, temporarily powered by the electrical current converted by the passive radio-identification chip 3. In addition, in the case of an external radio-identification module 6 of the mobile phone type, it is possible providing an additional identification of the type entered a code on a telephone keypad and / or biometric control on a biometric device integrated in the telephone and / or facial recognition using an image captured by a camera integrated into the telephone; the telephone communicating to the access control device 1 these additional identifications. 25

Claims (9)

REVENDICATIONS1. An access control device (1) secured by radio-identification, comprising a housing (2) receiving internally: - a radio-identification chip (3) connected to an antenna (4) and adapted to receive by electromagnetic waves data identification associated with a signature generated by an external radio identification module (6); a microcontroller (5) connected to said radio identification chip (3) and designed to receive and authenticate identification data from said radio identification chip (3) and to transmit said identification data after authentication to a remote processing unit; said access control device (1) being characterized in that the radio identification chip (3) is of the passive type, without a permanent supply of electrical energy, said radio identification chip (3) being shaped to convert the electromagnetic waves emitted by the external radio identification module (6) for electric current temporarily supplying the operation of said radio identification chip (3) and said microcontroller (5). An access control device (1) according to claim 1, wherein the identification data is encrypted by an asymmetric cryptographic method using a private key of a public / private key pair, and the microcontroller (5). ) is able to decrypt the identification data with the public key of the public / private key pair, and validate the authenticity of the identification data, said public key being stored in a memory of said microcontroller (5). Access control device (1) according to claim 1 or 2, wherein the microcontroller (5) is connected to a communication cable (7), to allow the wired transmission of the identification data after authentication to the remote processing unit. An access control device (1) according to any one of the preceding claims, wherein the housing (2) internally receives a wireless radio communication module (8) connected to the microcontroller 3036523 9 (5) to enable wirelessly transmitting identification data after authentication to the remote processing unit, said wireless communication module (8) being provided to be temporarily powered by the electrical current converted by the radio identification chip (3). 5 5. Access control device (1) according to any one of the preceding claims, wherein the housing (2) internally receives an electric battery (9) associated with a charging circuit which recharges said electric battery (9) with the electric current converted by the radio identification chip (3), said electric battery (9) being connected to the microcontroller (5). 6. An access control device (1) according to any one of the preceding claims, wherein the radio-identification chip (3) has an electromagnetic field presence detection function. 15 An access control system comprising at least one access control device (1) according to any one of the preceding claims, and at least one external radio identification module (6), said radio external module -identification (6) comprising an active radio-identification chip (60) powered by an electric battery and adapted to generate, via an antenna, electromagnetic waves containing identification data associated with a signature and serving temporarily to power electrically the operation of the passive radio identification chip (3) and the microcontroller (5) of the access control device (1). 25 An access control system as claimed in claim 7, wherein the active radio identification chip (60) of the radio identification external module (6) is of the NFC chip type. An access control system according to claims 7 or 8, wherein the radio identification external module (6) is of the portable telephone type or of the active badge or key ring type equipped with an electric battery.