
SE2350506A1 - Controlling access to a restricted physical space - Google Patents

Controlling access to a restricted physical space

Info

Publication number
SE2350506A1
SE2350506A1 SE2350506A SE2350506A SE2350506A1 SE 2350506 A1 SE2350506 A1 SE 2350506A1 SE 2350506 A SE2350506 A SE 2350506A SE 2350506 A SE2350506 A SE 2350506A SE 2350506 A1 SE2350506 A1 SE 2350506A1
Authority
SE
Sweden
Prior art keywords
location
condition
electronic lock
source
true
Application number
SE2350506A
Inventor
Marko Ovaska
Original Assignee
Abloy Oy
Application filed by Abloy Oy
Priority to SE2350506A
Priority to PCT/EP2024/061427 (WO2024223755A1)
Publication of SE2350506A1


Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W4/00 Services specially adapted for wireless communication networks; Facilities therefor
    • H04W4/02 Services making use of location information
    • H04W4/021 Services related to particular areas, e.g. point of interest [POI] services, venue services or geofences
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/60 Context-dependent security
    • H04W12/63 Location-dependent; Proximity-dependent
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06Q INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q10/00 Administration; Management
    • G06Q10/08 Logistics, e.g. warehousing, loading or distribution; Inventory or stock management
    • G PHYSICS
    • G07 CHECKING-DEVICES
    • G07C TIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C9/00 Individual registration on entry or exit
    • G PHYSICS
    • G07 CHECKING-DEVICES
    • G07C TIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C9/00 Individual registration on entry or exit
    • G07C9/00174 Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys
    • G07C9/00309 Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys operated with bidirectional data transmission between data carrier and locks
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/10 Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H04L63/107 Network architectures or network communication protocols for network security for controlling access to devices or network resources wherein the security policies are location-dependent, e.g. entities privileges depend on current location or allowing specific operations only from locally connected terminals
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06 Authentication
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W4/00 Services specially adapted for wireless communication networks; Facilities therefor
    • H04W4/02 Services making use of location information
    • H04W4/023 Services making use of location information using mutual or relative location information between multiple location based services [LBS] targets or of distance thresholds
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W4/00 Services specially adapted for wireless communication networks; Facilities therefor
    • H04W4/80 Services using short range communication, e.g. near-field communication [NFC], radio-frequency identification [RFID] or low energy communication
    • G PHYSICS
    • G07 CHECKING-DEVICES
    • G07C TIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C9/00 Individual registration on entry or exit
    • G07C9/00174 Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys
    • G07C9/00896 Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys specially adapted for particular uses
    • G07C2009/0092 Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys specially adapted for particular uses for cargo, freight or shipping containers and applications therefore in general
    • G PHYSICS
    • G07 CHECKING-DEVICES
    • G07C TIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C2209/00 Indexing scheme relating to groups G07C9/00 - G07C9/38
    • G07C2209/60 Indexing scheme relating to groups G07C9/00174 - G07C9/00944
    • G07C2209/63 Comprising locating means for detecting the position of the data carrier, i.e. within the vehicle or within a certain distance from the vehicle


Abstract

It is provided a system (1) comprising: an electronic lock (12) for controlling access to a restricted physical space (16), a first location source (2); a second location source (13). The electronic lock (12) is configured to: receive an access request from a requesting entity (2); obtain a first location indication; obtain a second location indication; obtain a set of at least one limited geographic area; determine that a first condition is true, that the first location indication points to a location within a limited geographic area of the set; determine that a second condition is true, that the second location indication points to a location within the same limited geographic area; determine that a third condition is true that authorisation is granted based on the access request; and set the electronic lock (12) in an unlocked state.

Description

CONTROLLING ACCESS TO A RESTRICTED PHYSICAL SPACE
TECHNICAL FIELD
[0001] The present disclosure relates to the field of controlling access to a restricted physical space and in particular to controlling access to a restricted physical space based on a first location indication and a second location indication.
BACKGROUND
[0002] Locks and keys are evolving from the traditional pure mechanical locks. These days, electronic locks are becoming increasingly common. For electronic locks, no mechanical key profile is needed for authentication of a user. The electronic locks can e.g. be opened using an electronic key stored on a special carrier (fob, card, etc.) or in a smartphone. The electronic key and electronic lock can e.g. communicate over a wireless interface. Such electronic locks provide a number of benefits, including improved flexibility in management of access rights, audit trails, key management, etc.
[0003] In some cases, access control can be conditioned also on location, e.g. that a lock of a shipping container should only be unlockable when being located within a certain pre-defined geographic area.
[0004] However, in some circumstances, an attacker can spoof the location to thereby circumvent the location condition of access control.
SUMMARY
[0005] One object is to reduce the ability of an attacker to circumvent location-based access control.
[0006] According to a first aspect, it is provided a system comprising: an electronic lock for controlling access to a restricted physical space; a first location source; a second location source. The electronic lock comprises: a processor; and a memory storing instructions that, when executed by the processor, cause the electronic lock to: receive an access request from a requesting entity; obtain, over local communication, a first location indication, indicating a location of the first location source; obtain, over local communication, a second location indication, indicating a location of the second location source being distinct from the first location source; obtain a set of at least one limited geographic area; determine that a first condition is true, wherein the first condition is that the first location indication points to a location within a limited geographic area of the set; determine that a second condition is true, wherein the second condition is that the second location indication points to a location within the same limited geographic area of the set as the first location indication; determine that a third condition is true, wherein the third condition is that authorisation is granted based on the access request; and set the electronic lock in an unlocked state.
[0007] The first location source may be an electronic key, and the second location source is a communication gateway.
[0008] According to a second aspect, it is provided a method for controlling access to a restricted physical space. The method is performed by an electronic lock. The method comprises: receiving an access request from a requesting entity; obtaining, over local communication, a first location indication, indicating a location of a first location source; obtaining, over local communication, a second location indication, indicating a location of a second location source being distinct from the first location source; obtaining a set of at least one limited geographic area; determining that a first condition is true, wherein the first condition is that the first location indication points to a location within a limited geographic area of the set; determining that a second condition is true, wherein the second condition is that the second location indication points to a location within the same limited geographic area of the set as the first location indication; determining that a third condition is true, wherein the third condition is that authorisation is granted based on the access request; and setting the electronic lock in an unlocked state.
[0009] The local communication may be based on short-range wireless communication.
[0010] The short-range wireless communication may be based on at least one of Bluetooth, Bluetooth low energy, near-field communication NFC, and radio frequency identification RFID.
[0011] The determining that a third condition is true may comprise determining that authorisation is granted based only on the access request and locally stored data.
[0012] The first location source may be a communication gateway.
[0013] The second location source may be an electronic key.
[0014] The obtaining the set of at least one limited geographic area may comprise obtaining the set based on the access request.
[0015] Each one of the limited geographic areas may be defined in the access request.
[0016] The first location source and the second location source may be based on different localisation technologies.
[0017] According to a third aspect, it is provided an electronic lock for controlling access to a restricted physical space. The electronic lock comprises: a processor; and a memory storing instructions that, when executed by the processor, cause the electronic lock to: receive an access request from a requesting entity; obtain, over local communication, a first location indication, indicating a location of a first location source; obtain, over local communication, a second location indication, indicating a location of a second location source being distinct from the first location source; obtain a set of at least one limited geographic area; determine that a first condition is true, wherein the first condition is that the first location indication points to a location within a limited geographic area of the set; determine that a second condition is true, wherein the second condition is that the second location indication points to a location within the same limited geographic area of the set as the first location indication; determine that a third condition is true, wherein the third condition is that authorisation is granted based on the access request; and set the electronic lock in an unlocked state.
[0018] According to a fourth aspect, it is provided a computer program for controlling access to a restricted physical space. The computer program comprises computer program code which, when executed on an electronic lock causes the electronic lock to: receive an access request from a requesting entity; obtain, over local communication, a first location indication, indicating a location of a first location source; obtain, over local communication, a second location indication, indicating a location of a second location source; obtain a set of at least one limited geographic area; determine that a first condition is true, wherein the first condition is that the first location indication points to a location within a limited geographic area of the set; determine that a second condition is true, wherein the second condition is that the second location indication points to a location within the same limited geographic area of the set as the first location indication; determine that a third condition is true, wherein the third condition is that authorisation is granted based on the access request; and set the electronic lock in an unlocked state.
[0019] According to a fifth aspect, it is provided a computer program product comprising a computer program according to the fourth aspect and a computer readable means comprising non-transitory memory in which the computer program is stored.
[0020] Generally, all terms used in the claims are to be interpreted according to their ordinary meaning in the technical field, unless explicitly defined otherwise herein. All references to "a/an/the element, apparatus, component, means, step, etc." are to be interpreted openly as referring to at least one instance of the element, apparatus, component, means, step, etc., unless explicitly stated otherwise. The steps of any method disclosed herein do not have to be performed in the exact order disclosed, unless explicitly stated.
BRIEF DESCRIPTION OF THE DRAWINGS
[0021] Aspects and embodiments are now described, by way of example, with reference to the accompanying drawings, in which:
[0022] Fig 1 is a schematic diagram illustrating an environment in which embodiments presented herein can be applied;
[0023] Fig 2 is a schematic diagram illustrating a system that can be applied in the environment of Fig 1;
[0024] Fig 3 is a schematic diagram illustrating geographic areas used for controlling access to the electronic lock;
[0025] Fig 4 is a flow chart illustrating embodiments of methods for controlling access to a restricted physical space;
[0026] Fig 5 is a schematic diagram illustrating components of the predicted entry position of Fig 1; and
[0027] Fig 6 shows one example of a computer program product comprising computer readable means.
DETAILED DESCRIPTION
[0028] The aspects of the present disclosure will now be described more fully hereinafter with reference to the accompanying drawings, in which certain embodiments of the invention are shown. These aspects may, however, be embodied in many different forms and should not be construed as limiting; rather, these embodiments are provided by way of example so that this disclosure will be thorough and complete, and to fully convey the scope of all aspects of invention to those skilled in the art. Like numbers refer to like elements throughout the description.
[0029] Embodiments presented herein provide improved security for (moveable) electronic locks. Specifically, the electronic lock has a geofence condition that needs to be fulfilled for unlocking, based on two separate location sources that are local to the electronic lock. Moreover, authentication is applied as an additional condition. Only when all conditions are true is the electronic lock unlocked. The geofence condition prevents someone from unlocking the electronic lock when the electronic lock is in transit between two valid geographic areas. By using two separate location sources, an attacker is significantly less likely to be able to fool the system into considering the electronic lock to be in a valid geographic area when it is not, compared to relying on a single location source.
[0030] Fig 1 is a schematic diagram illustrating an environment in which embodiments presented herein can be applied. Access to a physical space 16 is restricted by an openable physical barrier 15 which is selectively unlockable. The physical barrier 15 stands between the restricted physical space 16 and an accessible physical space 14. Note that the accessible physical space 14 can be a restricted physical space in itself, but in relation to this physical barrier 15, the accessible physical space 14 is accessible. The barrier 15 can be a door, gate, hatch, cabinet door, drawer, window, etc. An electronic lock 12 is provided in order to control access to the physical space 16, by selectively unlocking the barrier 15. In the example illustrated in Fig 1, the restricted physical space 16 is the interior space of a shipping container. However, it is to be noted that the restricted physical space 16 can be any suitable physical space for which access can be controlled using a moveable electronic lock 12.
[0031] The electronic lock 12 can be provided in a structure 17 (such as a side wall or crossbar) securing the barrier 15, or the electronic lock 12 can be provided in the barrier 15 itself. The electronic lock 12 is controllable to be in a locked state or in an unlocked state.
[0032] A user 6 carries an electronic key 2. The electronic key 2 can be in any suitable format that allows an access control device to communicate (wirelessly or conductively) with the electronic lock 12 to evaluate whether to grant access. For instance, the electronic key 2 can be in the form of a key fob, a key card, a hybrid mechanical/electronic key or embedded in a smartphone. Depending on the access rights for the electronic key 2, it can be used in the process of unlocking the electronic lock 12. It is to be noted that the functionality mentioned for the electronic key 2 can also optionally be provided using a communication gateway 13. The communication gateway 13 allows the electronic lock 12 to communicate with a server 3. The communication gateway 13 can also communicate over local communication with the electronic lock 12. This allows the server 3 to remotely control the locking/unlocking state of the electronic lock 12.
[0033] The gateway device 13 can be battery-powered or mains-powered, and is provided in the vicinity of the electronic lock 12. For instance, the gateway device 13 can be provided in a secure location. The secure location can e.g. be within a shipping container, in which case antennas for the gateway device 13 can be provided external to the container casing, of the shipping container secured by the electronic lock 12. Alternatively, the secure location can be a fixed location within a warehouse. The gateway device 13 communicates with the electronic lock 12 over local communication. The gateway device 13 can communicate with the server 3 via a network 7, e.g. based on Wi-Fi, and/or a cellular network, complying with any one or a combination of sixth generation (6G) mobile networks, next generation mobile networks (fifth generation, 5G), LTE (Long Term Evolution), UMTS (Universal Mobile Telecommunications System) utilising W-CDMA (Wideband Code Division Multiplex). When the gateway device 13 is battery-powered, the communication between the gateway device 13 and the network 7 can be based on a low-power cellular interface, such as LTE M (LTE machine type communication) or NBIoT (narrowband internet-of-things), to conserve power in the battery.
[0034] The gateway device 13 functions as a location source for the electronic lock 12, e.g. based on an integrated localisation signal receiver. The localisation signal receiver can e.g. be based on GPS (Global Positioning System), Galileo, or any other satellite-based localisation. Alternatively or additionally, the location source of the gateway device 13 is based on cellular network location determination.
[0035] Local communication is to be construed as communication within the same site, e.g. within 100 metres, or within communication range of the short-range wireless communication interface. For instance, the short-range wireless communication can be based on any one or more of Bluetooth, Bluetooth low energy (BLE), near-field communication (NFC), and radio frequency identification (RFID). Local Wi-Fi can also be used for local communication.
[0036] Optionally, the server 3 can communicate with the electronic lock 12, e.g. via the key 2 and/or the communication gateway 13. The communication between the server 3 and the electronic key 2 or communication gateway 13 can occur over a network 7, which can be an internet protocol (IP)-based network. The network 7 can e.g. comprise any one or more of a local wireless network, a cellular network, a wired local-area network, a wide-area network (such as the Internet), etc. The server 3 can e.g. support remote unlocking from a server application or from another user device.
[0037] As described in more detail below, as part of the access control process, the electronic lock 12 evaluates whether an entity (e.g. the electronic key 2 or the server 3) is authorised to unlock the electronic lock 12 based on an access request and location data. If the evaluation is successful, the electronic lock 12 is set in an unlocked state.
[0038] Fig 2 is a schematic diagram illustrating a system 1 that can be applied in the environment of Fig 1. The system 1 comprises the electronic lock 12, the communication gateway 13 and the electronic key 2. In this embodiment, the electronic key 2 is the first location source and the gateway device 13 is the second location source, or vice versa, for the electronic lock 12.
[0039] Fig 3 is a schematic diagram illustrating geographic areas used for controlling access to the electronic lock 12.
[0040] A set is formed that includes all applicable geographic areas 20a-b. In this example, there is a first geographic area 20a and a second geographic area 20b that are included in the set. Each geographic area 20a, 20b can be defined in any suitable way, e.g. using coordinates of a polygon encompassing the geographic area. Alternatively, each geographic area is defined by a shape (e.g. circle, oval, square, rectangle, etc.) that is predefined or explicitly defined per geographic area, as well as a reference coordinate (e.g. of a centre point or one corner of the shape) and a predefined or explicitly defined size parameter. External areas 21 are defined as any area outside the defined geographic areas 20a-b. As an example, the first geographic area 20a can be a first logistics centre in a first city and the second geographic area 20b can be a second logistics centre in a second city.
[0041] According to embodiments presented herein, it is a necessary condition that at least two location sources, that are local to the electronic lock 12, indicate a position within one (and the same) of the predefined geographic areas 20a, 20b.
[0042] Fig 4 is a flow chart illustrating embodiments of methods for controlling access to a restricted physical space, performed by an electronic lock 12.
[0043] In a receive access request step 40, the electronic lock 12 receives an access request 30 from a requesting entity 2, 3. The requesting entity can e.g. be an electronic key 2. Alternatively, the requesting entity can be a remote server 3, transmitting the access request via the gateway 13 to the electronic lock 12. As explained in more detail below, the access request can contain a set of geographic areas in which the electronic lock 12 must be located for access to be granted. The access request can be in the form of a delegation of a right to unlock the lock.
[0044] In an obtain 1st location indication step 42, the electronic lock 12 obtains a first location indication, indicating a location of a first location source. The electronic lock 12 obtains the first location indication over local communication. For instance, the first location source can be a communication gateway 13. The first location indication can be received from the first location source.
[0045] In an obtain 2nd location indication step 44, the electronic lock 12 obtains a second location indication, indicating a location of a second location source. The second location source is distinct from the first location source. Also the second location indication is obtained over local communication. The second location indication can be received from the second location source. The first and second location sources can be of the same type or of different types. For instance, the first location source can be a communication gateway 13 and the second location source can be the electronic key 2 (e.g. embodied in a smartphone), or vice versa. Alternatively, both the first and second location sources can be different instances of communication gateways 13, or both the first and second location sources can be different instances of electronic keys 2 (e.g. embodied in respective smartphones).
[0046] Optionally, the first location indication and/or the second location indication is cryptographically protected. This can be achieved with symmetric or asymmetric cryptography technologies, such as public key infrastructure (PKI). For instance, when PKI is applied, the location indication(s) can be cryptographically signed using a secret key that can be validated by the electronic lock using a public key that corresponds to the secret key.
[0047] The local communication can be internal communication within the electronic lock 12 if a location source is available within the electronic lock 12. Alternatively, the local communication can be based on short-range wireless communication, based on at least one of Bluetooth, BLE, NFC, and RFID. The second location source can be an electronic key 2. When the electronic key 2 is in the form of a smartphone, the location can be determined e.g. based on satellite-based localisation and/or cellular network-based localisation.
[0048] In one embodiment, the first location source and the second location source are based on different localisation technologies. For instance, the first location source can be based on a GPS receiver and the second location source can be based on cellular network localisation. By using different location technologies, it is even more difficult for an attacker to fool the system into considering the electronic lock to be in a valid geographic area when it is not.
[0049] In an obtain set of areas step 46, the electronic lock 12 obtains a set of at least one limited geographic area. The set can be prestored within the electronic lock 12. Alternatively, the set is comprised in the access request. In this case, the set can be cryptographically protected (e.g. by cryptographic signature or encryption, based on PKI) by a party trusted by the electronic lock 12. The identity of the party can e.g. be verified using a public key of the party stored in the electronic lock 12. This party can e.g. be the server 3. Hence, each one of the limited geographic areas can be defined in the access request, e.g. as described above with reference to Fig 3. In other words, the access request can contain geographic area data that defines the geographic areas against which location is to be checked (see below).
[0050] In a conditional 1st location in set of areas step 48, the electronic lock 12 determines whether a first condition is true. The first condition is that the first location indication points to a location within a limited geographic area of the set. The evaluation of the first condition is optionally based on a margin of error of the first location indication. The margin of error can be based on the accuracy of the localisation technology used, such that a more accurate localisation technology results in a smaller margin of error. If the first condition is true, the method continues to a conditional 2nd location in the same area step 50. Otherwise, the method ends.
[0051] In the conditional 2nd location in same area step 50, the electronic lock 12 determines whether a second condition is true. The second condition is that the second location indication points to a location within the same limited geographic area of the set as the first location indication. In other words, the second condition implies not only that the second location source is within one of the geographic areas of the set, but also that the second location source is within the same geographic area as the first location source. A margin of error can be applied in analogy with the description of the conditional 1st location in set of areas step 48 above. If the second condition is true, the method continues to a conditional authorisation ok step 52. Otherwise, the method ends.
[0052] The conditional 1st location in set of areas step 48 and the conditional 2nd location in same area step 50 collectively implement a geofence verification. Since the electronic lock 12 is in local communication with the location sources, the electronic lock 12 is in the same general location as the location sources.
[0053] In the conditional authorisation ok step 52, the electronic lock 12 determines whether a third condition is true. The third condition is that authorisation is granted based on the access request. This determination can be based only on the access request and locally stored data, in which case the electronic lock 12 does not need ability to communicate with any external device for the authorisation. The authorisation can be checked by verifying that the access request is at least partly cryptographically signed by a party that the electronic lock 12 trusts, for which the electronic lock 12 has a prestored public key. The access request can be in the form of a delegation of a right of the requesting entity to unlock the lock. If the third condition is true, the method continues to an unlock step 54. Otherwise, the method ends. id="p-54"
[0054] It is to be noted that the conditional steps 48, 50, 52 can be applied in any order as long as all three conditions are found to be true prior to proceeding to the unlock step 54. id="p-55"
[0055] In the unlock step 54, the electronic lock 12 sets the electronic lock 12 in an unlocked state. id="p-56"
[0056] According to embodiments presented herein, only when all conditions are true is the electronic lock unlocked. The geofence conditions prevents someone from 12 unlocking the electronic lock when the electronic lock is in transit between two valid geographic areas. By using two separate location sources, an attacker is significantly less likely to be able to fool the system into considering the electronic lock to be in a valid geographic area when it is not. id="p-57"
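The decision logic of steps 48 to 54 can be sketched as follows. This is an added example, not code from the patent or from the applicant. It assumes circular areas (centre and radius), a fail-closed reading of the margin of error, and HMAC-SHA256 as a stand-in for the public-key signature check of step 52 (the Python standard library has no signature verification); all names and sample values are constructed.

```python
import hashlib
import hmac
import math
from dataclasses import dataclass

@dataclass(frozen=True)
class Area:                      # assumed shape: circle, radius in metres
    name: str
    lat: float
    lon: float
    radius_m: float

@dataclass(frozen=True)
class Fix:                       # location indication + margin of error
    lat: float
    lon: float
    margin_m: float

def distance_m(lat1, lon1, lat2, lon2):
    """Great-circle (haversine) distance in metres."""
    p1, p2 = math.radians(lat1), math.radians(lat2)
    dp, dl = p2 - p1, math.radians(lon2 - lon1)
    a = math.sin(dp / 2) ** 2 + math.cos(p1) * math.cos(p2) * math.sin(dl / 2) ** 2
    return 2 * 6_371_000.0 * math.asin(math.sqrt(a))

def contains(area, fix):
    # Fail closed (assumption): the whole uncertainty circle must be inside.
    d = distance_m(area.lat, area.lon, fix.lat, fix.lon)
    return d + fix.margin_m <= area.radius_m

def sign(body, key):             # stand-in for the trusted party's signature
    return hmac.new(key, body, hashlib.sha256).digest()

def authorised(request, key):    # step 52, using only locally stored data
    return hmac.compare_digest(sign(request["body"], key), request["tag"])

def decide(request, first, second, areas, key):
    """Return (unlock, reason); unlock only when all three conditions hold."""
    hits = [a for a in areas if contains(a, first)]            # step 48
    if not hits:
        return False, "first location outside every area"
    if not any(contains(a, second) for a in hits):             # step 50
        return False, "second location not in same area as first"
    if not authorised(request, key):                           # step 52
        return False, "authorisation failed"
    return True, "unlock"                                      # step 54

# Constructed sample data (not from the patent).
KEY = b"constructed-demo-key"
AREAS = [Area("depot-A", 60.1700, 24.9400, 200.0),
         Area("depot-B", 60.2000, 25.0000, 200.0)]
REQUEST = {"body": b"unlock lock-12", "tag": sign(b"unlock lock-12", KEY)}

if __name__ == "__main__":
    key_fix = Fix(60.1705, 24.9400, 10.0)        # electronic key, inside A
    gateway_fix = Fix(60.1700, 24.9410, 30.0)    # gateway, inside A
    print(decide(REQUEST, key_fix, gateway_fix, AREAS, KEY))
    print(decide(REQUEST, key_fix, Fix(60.2000, 25.0000, 30.0), AREAS, KEY))
```

The second call is denied even though both fixes lie inside valid areas, because the two sources report different areas of the set.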
[0057] Fig 5 is a schematic diagram illustrating components of the electronic lock 12 of Fig 1. A processor 60 is provided using any combination of one or more of a suitable central processing unit (CPU), graphics processing unit (GPU), multiprocessor, neural processing unit (NPU), microcontroller, digital signal processor (DSP), etc., capable of executing software instructions 67 stored in a memory 64, which can thus be a computer program product. The processor 60 could alternatively be implemented using an application specific integrated circuit (ASIC), field programmable gate array (FPGA), etc. The processor 60 can be configured to execute the method described with reference to Fig 4 above.
[0058] The memory 64 can be any combination of random-access memory (RAM) and/or read-only memory (ROM). The memory 64 also comprises non-transitory persistent storage, which, for example, can be any single one or combination of magnetic memory, optical memory, solid-state memory or even remotely mounted memory.
[0059] A data memory 66 is also provided for reading and/or storing data during execution of software instructions in the processor 60. The data memory 66 can be any combination of RAM and/or ROM.
[0060] An I/O interface 62 is provided for communicating with external and/or internal entities using wired communication, e.g. based on Ethernet, and/or wireless communication, e.g. Bluetooth, BLE, Wi-Fi, and/or a cellular network, complying with any one or a combination of 6G mobile networks, 5G mobile networks, LTE, UMTS utilising W-CDMA, or any other current or future wireless network.
[0061] Other components of the electronic lock 12 are omitted in order not to obscure the concepts presented herein.
[0062] Fig 6 shows one example of a computer program product 90 comprising computer readable means. On this computer readable means, a computer program 91 can be stored in a non-transitory memory. The computer program can cause a processor to execute a method according to embodiments described herein. In this example, the computer program product 90 is in the form of a removable solid-state memory, e.g. a Universal Serial Bus (USB) drive. As explained above, the computer program product could also be embodied in a memory of a device, such as the computer program product 64 of Fig 5. While the computer program 91 is here schematically shown as a section of the removable solid-state memory, the computer program can be stored in any way which is suitable for the computer program product, such as another type of removable solid-state memory, or an optical disc, such as a CD (compact disc), a DVD (digital versatile disc) or a Blu-Ray disc.
[0063] The aspects of the present disclosure have mainly been described above with reference to a few embodiments. However, as is readily appreciated by a person skilled in the art, other embodiments than the ones disclosed above are equally possible within the scope of the invention, as defined by the appended patent claims. Thus, while various aspects and embodiments have been disclosed herein, other aspects and embodiments will be apparent to those skilled in the art. The various aspects and embodiments disclosed herein are for purposes of illustration and are not intended to be limiting, with the true scope and spirit being indicated by the following claims.

Claims (14)

1. A system (1) comprising: an electronic lock (12) for controlling access to a restricted physical space (16); a first location source (2); a second location source (13); wherein the electronic lock (12) comprises: a processor (60); and a memory (64) storing instructions (67) that, when executed by the processor, cause the electronic lock (12) to: receive an access request from a requesting entity (2); obtain, over local communication, a first location indication, indicating a location of the first location source; obtain, over local communication, a second location indication, indicating a location of the second location source being distinct from the first location source; obtain a set of at least one limited geographic area; determine that a first condition is true, wherein the first condition is that the first location indication points to a location within a limited geographic area of the set; determine that a second condition is true, wherein the second condition is that the second location indication points to a location within the same limited geographic area of the set as the first location indication; determine that a third condition is true, wherein the third condition is that authorisation is granted based on the access request; and set the electronic lock (12) in an unlocked state.
2. The system (1) according to claim 1, wherein the first location source (2) is an electronic key (2), and the second location source (13) is a communication gateway (13).
3. A method for controlling access to a restricted physical space (16), the method being performed by an electronic lock (12), the method comprising: receiving (40) an access request from a requesting entity (2); obtaining (42), over local communication, a first location indication, indicating a location of a first location source; obtaining (44), over local communication, a second location indication, indicating a location of a second location source being distinct from the first location source; obtaining (46) a set of at least one limited geographic area; determining (48) that a first condition is true, wherein the first condition is that the first location indication points to a location within a limited geographic area of the set; determining (50) that a second condition is true, wherein the second condition is that the second location indication points to a location within the same limited geographic area of the set as the first location indication; determining (52) that a third condition is true, wherein the third condition is that authorisation is granted based on the access request; and setting (54) the electronic lock (12) in an unlocked state.
4. The method according to claim 3, wherein the local communication is based on short-range wireless communication.
5. The method according to claim 4, wherein the short-range wireless communication is based on at least one of Bluetooth, Bluetooth low energy, near-field communication NFC, and radio frequency identification RFID.
6. The method according to any one of claims 3 to 5, wherein the determining (52) that a third condition is true comprises determining that authorisation is granted based only on the access request and locally stored data.
7. The method according to any one of claims 3 to 6, wherein the first location source is a communication gateway (13).
8. The method according to any one of claims 3 to 7, wherein the second location source is an electronic key (2).
9. The method according to any one of claims 3 to 8, wherein the obtaining (46) the set of at least one limited geographic area comprises obtaining the set based on the access request.
10. The method according to claim 9, wherein each one of the limited geographic areas are defined in the access request.
11. The method according to any one of claims 3 to 10, wherein the first location source and the second location source are based on different localisation technologies.
12. An electronic lock (12) for controlling access to a restricted physical space (16), the electronic lock (12) comprising: a processor (60); and a memory (64) storing instructions (67) that, when executed by the processor, cause the electronic lock (12) to: receive an access request from a requesting entity (2); obtain, over local communication, a first location indication, indicating a location of a first location source; obtain, over local communication, a second location indication, indicating a location of a second location source being distinct from the first location source; obtain a set of at least one limited geographic area; determine that a first condition is true, wherein the first condition is that the first location indication points to a location within a limited geographic area of the set; determine that a second condition is true, wherein the second condition is that the second location indication points to a location within the same limited geographic area of the set as the first location indication; determine that a third condition is true, wherein the third condition is that authorisation is granted based on the access request; and set the electronic lock (12) in an unlocked state.
13. A computer program (67, 91) for controlling access to a restricted physical space (16), the computer program comprising computer program code which, when executed on an electronic lock (12) causes the electronic lock (12) to: receive an access request from a requesting entity (2); obtain, over local communication, a first location indication, indicating a location of a first location source; obtain, over local communication, a second location indication, indicating a location of a second location source; obtain a set of at least one limited geographic area; determine that a first condition is true, wherein the first condition is that the first location indication points to a location within a limited geographic area of the set; determine that a second condition is true, wherein the second condition is that the second location indication points to a location within the same limited geographic area of the set as the first location indication; determine that a third condition is true, wherein the third condition is that authorisation is granted based on the access request; and set the electronic lock (12) in an unlocked state.
14. A computer program product (64, 90) comprising a computer program according to claim 13 and a computer readable means comprising non-transitory memory in which the computer program is stored.
SE2350506A 2023-04-27 2023-04-27 Controlling access to a restricted physical space SE2350506A1 (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
SE2350506A SE2350506A1 (en) 2023-04-27 2023-04-27 Controlling access to a restricted physical space
PCT/EP2024/061427 WO2024223755A1 (en) 2023-04-27 2024-04-25 Controlling access to a restricted physical space

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
SE2350506A SE2350506A1 (en) 2023-04-27 2023-04-27 Controlling access to a restricted physical space

Publications (1)

Publication Number Publication Date
SE2350506A1 true SE2350506A1 (en) 2024-10-28

Family

ID=90924160

Family Applications (1)

Application Number Title Priority Date Filing Date
SE2350506A SE2350506A1 (en) 2023-04-27 2023-04-27 Controlling access to a restricted physical space

Country Status (2)

Country Link
SE (1) SE2350506A1 (en)
WO (1) WO2024223755A1 (en)


Also Published As

Publication number Publication date
WO2024223755A1 (en) 2024-10-31
