WO2004093017A1 - Personal identification system for electronic locks and other computer systems - Google Patents

Personal identification system for electronic locks and other computer systems

Publication number
WO2004093017A1
Authority
WO
WIPO (PCT)
Prior art keywords
key
lock
locks
computer systems
computer
Prior art date
Application number
PCT/ES2004/000166
Other languages
Spanish (es)
French (fr)
Inventor
Miguel Angel Fernandez Graciani
Original Assignee
Fernandez Graciani Miguel Ange
Priority date
Filing date
Publication date
Application filed by Fernandez Graciani Miguel Ange
Publication of WO2004093017A1

Classifications

    • G PHYSICS
    • G07 CHECKING-DEVICES
    • G07C TIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C9/00 Individual registration on entry or exit
    • G07C9/00174 Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys
    • G07C9/00309 Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys operated with bidirectional data transmission between data carrier and locks
    • G PHYSICS
    • G07 CHECKING-DEVICES
    • G07C TIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C9/00 Individual registration on entry or exit
    • G07C9/00174 Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys
    • G07C9/00182 Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys operated with unidirectional data transmission between data carrier and locks
    • G PHYSICS
    • G07 CHECKING-DEVICES
    • G07C TIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C9/00 Individual registration on entry or exit
    • G07C9/20 Individual registration on entry or exit involving the use of a pass
    • G07C9/22 Individual registration on entry or exit involving the use of a pass in combination with an identity check of the pass holder
    • G07C9/23 Individual registration on entry or exit involving the use of a pass in combination with an identity check of the pass holder by means of a password
    • G PHYSICS
    • G07 CHECKING-DEVICES
    • G07F COIN-FREED OR LIKE APPARATUS
    • G07F7/00 Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • G PHYSICS
    • G07 CHECKING-DEVICES
    • G07C TIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C9/00 Individual registration on entry or exit
    • G07C9/00174 Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys
    • G07C9/00309 Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys operated with bidirectional data transmission between data carrier and locks
    • G07C2009/00388 Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys operated with bidirectional data transmission between data carrier and locks code verification carried out according to the challenge/response method
    • G PHYSICS
    • G07 CHECKING-DEVICES
    • G07C TIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C9/00 Individual registration on entry or exit
    • G07C9/00174 Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys
    • G07C2009/00579 Power supply for the keyless data carrier
    • G07C2009/00603 Power supply for the keyless data carrier by power transmission from lock
    • G PHYSICS
    • G07 CHECKING-DEVICES
    • G07C TIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C9/00 Individual registration on entry or exit
    • G07C9/00174 Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys
    • G07C9/00658 Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys operated by passive electrical keys
    • G07C9/00706 Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys operated by passive electrical keys with conductive components, e.g. pins, wires, metallic strips

Definitions

  • this identification is carried out using very diverse mechanisms.
  • we identify ourselves by the fact that only we have the corresponding key, and a different key for each lock.
  • Another important problem is that the loss of a key makes it advisable to change the lock, which in turn requires replacing the rest of the keys and distributing them again to the people who held them.
  • Magnetic cards are very widespread both in electronic locks and in ATMs. They are basically characterized by having a magnetic strip on which enough information is recorded to identify the card. This information can later be read by any card reader of the corresponding type.
  • the reader system can request the cardholder to enter a secret number, as occurs in ATM networks. This requirement guarantees the identity of the cardholder to the reader, but does not authenticate the reader to the cardholder. That is, someone could put a card reader on the public road, simulating the ATM of a bank, for example, read the content of the card and then ask the user for their secret number.
  • the user believing himself to be before a valid interlocutor, would write the secret number, making his card information and his secret number available to the impostor, information that is sufficient to impersonate the user before the corresponding entities.
  • the most used protocol is to simply request the number of the card, which is visible and therefore usable by a multitude of employees of establishments, where the card. This fact is one of the reasons that has most slowed down Internet sales.
  • the personal identification system for electronic locks and other computer systems mentioned above is essentially made up of two attachable elements, a key and a lock, provided respectively with a male connector and a female connector, intended to be coupled at the time of their utilization.
  • the male connector of the key is equipped with a battery and a computer system that includes a keyboard and a monitoring system using LEDs, liquid crystal or another type; while the female connector in the lock has a computer system and the electromechanical actuators and electronic connectors needed to operate mechanical resources or to transfer information to the system that houses it.
  • This computer system for the lock may have its own power supply or lack it, since it is foreseen that, when the key is inserted, the same battery that feeds the male connector of the same can activate the lock system, or conversely, the power supply to the lock can activate the key system, in which case the power supply battery is not required, or if the battery is rechargeable, it can be recharged, with no other operation than leaving the key inserted in the lock.
  • the key easily transportable by the user, both by shape and by dimensions, it will be of the type normally used for any door of a home, building, automobile or type of vehicle, alarm system, ATM, personal computer or of any kind, connected or not to a computer network or a computer system of any kind.
  • the lock, coupled to the corresponding door, alarm system, etc., is included in the mechanism that offers services to the user, either opening or closing doors, vehicles or buildings, alarm systems, computer systems, computer networks, etc.
  • Both the key and the lock are provided with separate connectors made up of various contacts, intended for power and charging, or to establish communication between the lock and key computer systems.
  • the physical form of these connectors is defined in such a way that when the key is inserted into the lock, the battery contained in the key, which already feeds the circuits of the key, can also power the computer system of the lock, and in the event that the lock provided with its own power could charge the key battery or power its circuits.
  • the connections for data communication establish a circuit that allows communication between the key and lock computer systems.
  • Each key or lock has a device identification number (NID) and an exclusive set of public and private keys that identify it and differentiate it from the rest of the existing locks or keys.
  • NID device identification number
  • Said identification number is associated with the identity of the owner of the key or lock.
  • the lock works passively as a receiver, waiting to identify the user to offer its services.
  • the key works actively, requesting the receiver (by being inserted into the lock) to carry out a mutual identification process; after this identification, if applicable, the receiver will offer its services to the owner of the key.
  • the female connector will not always be the interlocutor to whom the user wishes to identify himself. With respect to this fact, there can be two types of connection between the interlocutors: 1. Direct: From key to lock. In this case, the female connector has its own device identification number (NID) and its public and private keys and identifies itself as the other interlocutor of the interconnection. This will be the case of door locks in homes, vehicles, personal computers or alarm centers.
  • lock is not the interlocutor to whom the key is to be identified, but rather an intermediary that enables the key to communicate with the system to which it wishes to identify itself.
  • the lock will be included in a more general computer system to which it transfers the information from the key, so that it is transferred to the corresponding interlocutor, who is the one who will use their NID and keys to identify and identify themselves to the owner of the key.
  • This interlocutor can be on a remote machine, to which the computer system that houses the female connector will send the information, using any of the possible interconnections between present or future computers, that is, through a local network, point-to-point connections, the internet, etc.
  • Some examples of this type of communication can be the case of ATMs, or internet services.
  • For a lock to identify a key, there is an initial registration process, whereby the key and lock exchange their names, the public part of their asymmetric keys and enough information to maintain a sequence of secure subsequent connections, as well as a history of them. Subsequently, key and lock will be able to identify each other each time the key is inserted in the lock.
  • the key has a small alphanumeric keyboard that the owner can use to enter information such as an activation code at the beginning of each identification that prevents the key from being used by strangers in the event of loss, or instructions for configuration of the key or lock in which it is inserted.
  • the key also includes a small monitor or display to display the corresponding information.
  • the key may include other connection or communication resources that allow you to expand your performance characteristics.
  • both keys and locks store the information corresponding to their access sequence. This information will be accessible to the corresponding users, either through the user interface of the key (keyboard and monitor), or through the corresponding devices (computer systems that include the key or lock and have an access interface).
  • the decision to enable the opening or closing is made computationally and not mechanically. This allows identifying the key individually, being able to prevent access to a lost key, without the need to change the lock.
  • the same key can be enabled in many locks, managing to reduce the number of keys that a person must carry with them.
  • the action of closing or opening the bolt can be carried out electrically or by traditional manual traction.
  • the action of physically running the bolt is carried out mechanically and manually (a very convenient option for the consequent saving of energy stored in the key battery)
  • the male connector of the key must be robust enough to withstand the manual turning that transmits traction to run the bolt.
  • the described system has the property of mutually identifying the two interlocutors, so that the owner of the key also ensures that he is before the appropriate interlocutor.
  • the same system can be used to sign by digital signature or to process other cryptographic algorithms related to the identity or authorship of the key owner.
  • the same key can define various levels of security against different locks or services, such as, for example, whether or not it requires the inclusion of a secret number. It is even possible that the same key contains several sets of keys that will be activated with different secret numbers. We now go on to describe how our invention includes improvements over the prior art.
  • the invention object of this document that is, the set consisting of key and lock that we propose here, combines the advantages of mechanical and electronic lock systems, while eliminating the disadvantages of these .
  • the object of this invention gains in versatility compared to mechanical locks, since both the decision to open or close and the identification of the key are made in a computational way. This fact also allows the use of a standard communications protocol with which any key can be enabled in any lock. This makes it possible to use a single key to control multiple locks, instead of using one key for each lock. Locks may also be configured to restrict access for certain keys to a specific time and calendar. It is also important to highlight that the connection history that has taken place in each key and lock can be accessed.
  • the object of this invention gains in autonomy and availability, compared to the electronic lock. Since the key-lock assembly does not need any external power, since as we have mentioned the key has an internal battery and the necessary connectors to supply not only its circuitry, but also that of the lock. To install the lock, it will not therefore be necessary to carry out conditioning works to bring the electrical cables to it. The exchange of a mechanical lock or a lock such as those described in this document will not be more complex than that of a classic mechanical lock for another of the same type.
  • this invention basically solves the problem that the user can carry with them the content of the keys and the computing resources necessary to personally validate themselves, using appropriate cryptography algorithms, before the various mechanisms or services that may be physically dispersed, or with different mechanical, electrical, or access to information requirements. That is, the user can personally identify himself to locks, ATMs, computers, alarm systems, vehicles or internet services, safely, using a single device and needing to remember a single key (the one that activates the key), since with that same key will be enough for any identification.
  • This invention basically proposes a hardware system with a suitable connector (the key) so that the interlocutor can identify himself to any service (through the female connector or lock) using suitable cryptographic mechanisms: a communication protocol using asymmetric keys, or any other type that the state of the art of cryptographic techniques allows today or in the future.
  • This invention in turn makes it possible to protect against improper use of the key by means of an access code to it, preventing it from being used with any service unless said key access code has first been entered.
  • the same key without the user having to remember more than an access code (the key access code, which may be the same for all its activations), can be used to control locks in homes, offices, vehicles, to enable access to services on the internet to identify themselves mutually and securely with banking services or with the administration, to enable the operation or access to computers of any kind, to identify themselves with alarm systems, or ultimately to identify the presence of their owner and therefore validate the relevant operations.
  • the object of this invention makes it possible for us to identify service users by including a female connector (lock) in our system, either by including it in the lock of our house, building or office, where we can define with great precision versatility access characteristics of each of the users to the case; either through a network of ATMs, including in each of them the relevant female connector (lock), or via the internet, since the user can include the necessary device (lock), in which they will insert the key, in their relevant computer, through which you will identify yourself to the service and identify it mutually and safely.
  • figure 1 General perspective view of the system key.
  • figure 2 General perspective view with detail of its interior, of the system lock.
  • the personal identification system for electronic locks and other computer systems that is recommended is made up of a key (1) the size of the keys normally used for automobiles and the like, provided with a male connector (3) projecting from the body (5) where the computer system includes a keyboard (13) and a power battery (4), the assembly included in the body (5) being made up of a monitoring system using LEDs, liquid crystal or of any other type and in the protruding male connector, on their faces some contacts (10).
  • the lock (2) has inside it a female connector (6) intended to connect with the male
  • It also includes electronic connectors (9) to transfer information and power to the system, as well as contacts (11) to contact the corresponding (10) of the key when it is inserted, and a tab (12) for securing the male contact (3) when it is inserted into the lock.
  • the key's computer system must contain a microprocessor, RAM memory, ROM memory for the storage of the programming and its private key, FLASH memory or EEPROM for the storage of programs and information regarding the interlocutors (the locks for which it has been enabled), the logic necessary to establish the connection with the interlocutor through the connections established during the insertion of the key in the lock, the logic necessary to manage the interfaces with the keyboard or monitoring system, if any, the clock logic necessary for system operation and time control (it may contain a small independent battery for the clock) and the logic necessary for miscellaneous system functions such as power status control, battery recharging control, etc.
  • the structure of the computer system can be the typical structure of any microprocessor-based system, the only specific requirements are the existence of a communication interface that uses the male connector of the key, without this interface requiring any resources outside of the known in the current state of the art.
  • a mechanical design such as that shown in figure 1 will suffice.
  • the male connector of the key will have sufficient consistency to withstand the necessary traction for turning bolts or other mechanical traction mechanisms. Its surface allows it to house the power and data connections that must be established with the lock.
  • the male connector of the key could be retractable, and it may also have a small indentation that serves as a pressure tab, existing in the lock, to hold it once inserted into it.
  • the key module must be robust and compact enough to be transported personally (in the pocket). As we have already mentioned, you can optionally include a keyboard and display.
  • the computer system of the lock must also contain a microprocessor, RAM memory, ROM memory for the storage of programming and its private key, FLASH memory or EEPROM for the storage of programs and information regarding the interlocutors (the keys that have been enabled for it), the logic necessary to establish the connection with the interlocutor through the connections established during the insertion of the key in the lock, the clock logic necessary for the operation of the system and the time control (it may contain a small independent battery for the clock) and the logic necessary for the miscellaneous functions of the system such as control of the power status, control of recharging of the batteries if any, etc. As in the case of the.
  • the structure of the computer system can be the typical structure of any microprocessor-based system, likewise, the only specific requirements are the existence of a communication interface that uses the female connector of the lock, without this interface requiring any resource, other than those already known in the current state of the art.
  • the structure of the software in the key need not be complex, since we consider it an embedded system that does not require any operating system and can function as a single process. This process will be dedicated to attending to the different operating protocols, by means of which the key and the lock will perform the functions for which they are intended.
  • an asymmetric key system can be used, where each one has a symmetric system of public key and unique private key, defined during the manufacturing process.
  • the communication protocol between key and lock must cover the different needs associated with the operation of the system.
  • For its most fundamental function, mutual identification, the protocol can use the following "protocol for the identification process", which could be defined qualitatively by the following steps: 1. Using the connection established when inserting the key into the lock, the key sends a HELLO message to the lock indicating that it wishes to identify itself to it, or the operation it wants to perform. 2. If the lock is active and ready to carry out the requested operation, it replies with an OK message that it sends to the key.
  • the key sends its identification number to the lock (unique, defined in the manufacturing process).
  • If the lock does not have information regarding that identification number (the key has not been enabled for that lock), it requests permission to validate it, and if it does not obtain it, it rejects it.
  • CAIC random lock identification code
  • the lock encrypts the CAIC string using the key's public key.
  • the encrypted message also includes the lock identification number (Lock NID), so that the key can identify its correspondent.
  • the lock sends the result of the previous step (CAIC + NIDlock) to the key's computer system.
  • the key decrypts the message (CAIC + NIDlock) using its private key, obtaining decoded CAIC and NIDlock from where it will be able to know who its interlocutor is and therefore which public key and which symmetric key should be used.
  • CAIK random key identification code
  • the key builds a string with the lock's CAIC and its CAIK and encrypts it using the symmetric key (SKO) agreed in the last connection between both devices.
  • SKO symmetric key
  • the key takes the result of the previous step (CAIC + CAIK encrypted with the SKO symmetric key) and re-encrypts it with the public key of the lock (which it learned during the process of being enabled for it).
  • the key sends the result of the previous step ((CAIC + CAIK)) to the lock's computer system using the established communication line.
  • the lock decrypts the message ((CAIC + CAIK)) using its private key, obtaining (CAIC + CAIK) encoded by the symmetric SKO key it knows from the previous connection.
  • the lock decrypts the message (CAIC + CAIK) using its SKO symmetric key, obtaining CAIC + CAIK decoded. If CAIC matches the string that the lock sent, the lock system knows that the peer with whom it communicates is not an impostor.
  • the lock builds a string with the CAIK it has decrypted from the key and the new symmetric key, CAIK + NSK, and encrypts this string (CAIK + NSK) using the key's public key.
  • the lock sends the result of the previous step (CAIK + NSK) to the computer system of the key.
  • the key decrypts the message (CAIK + NSK) using its private key, obtaining CAIK and
  • the same key can be used to carry out other tasks or cryptographic algorithms such as digital signature, which allow identifying or initiating electronic documents, or any other task that requires identification by cryptographic methods of the owner of the key. All these processes can be carried out using the mechanisms available in the state of cryptographic techniques.
  • the communication protocol between the two is responsible for processing the flow of information until the key is identified. If this has been defined, it will request the key entry through the keyboard. And with this the user will be identified. The process that continues depends on the nature of the interlocutors. If it is used on a lock, it will open or close by the corresponding electrical or mechanical means. If it is other systems such as ATMs, personal computers, etc ... the computer system will have identified the user of the key, he will have identified the service and both will act accordingly.
  • the key can be inserted into a lock housed in a computer system with data monitoring capabilities (for example a PC); using the relevant protocols, the information contained in the key will be transferred to the lock and from there to the monitoring system (PC), where it will be available to the user.
  • the process is evident if it is housed in a computer system with monitoring capacity (for example a PC).
  • a key inserted in it will be used. Since the key has the capacity to monitor and control the data, these can be seen directly when they are transferred from the lock to the key. For cases in which the information to be monitored is very extensive, the key will collect the data from the lock, which can be seen when the key is inserted into a computer system with monitoring capacity (for example, a PC with the corresponding lock). From a system of the same type (for example a PC with a lock), the corresponding configuration can also be generated, which will be stored in the key and downloaded onto the isolated lock to be configured, once the key is inserted in it.
  • the shape, materials and dimensions may be variable and, in general, whatever is accessory and secondary, provided that it does not alter, change or modify the essential nature of the system that has been described.
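The identification exchange listed above, from the lock's challenge through the CAIK + NSK reply, as an added Go example (not code from the patent). RSA-OAEP and AES-GCM stand in for the unspecified asymmetric and symmetric ciphers; the 16-byte code length, the sample NIDs, all Go names, and the final key-side step (cut off in the text above) are assumptions of this example.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"crypto/subtle"
	"errors"
	"fmt"
)

const codeLen, nonceLen = 16, 12 // CAIC/CAIK size (assumed; the page gives none), AES-GCM nonce size

// Device is a key or a lock: NID, private key, and per-peer public key and SKO (by peer NID).
type Device struct {
	NID  string
	priv *rsa.PrivateKey
	pubs map[string]*rsa.PublicKey
	skos map[string][]byte
}

func must[T any](v T, err error) T {
	if err != nil {
		panic(err)
	}
	return v
}

func NewDevice(nid string) *Device {
	return &Device{nid, must(rsa.GenerateKey(rand.Reader, 2048)), map[string]*rsa.PublicKey{}, map[string][]byte{}}
}

func randBytes(n int) []byte {
	b := make([]byte, n)
	must(rand.Read(b))
	return b
}

// Register models the initial registration: exchange public keys and agree a first SKO.
func Register(key, lock *Device) {
	sko := randBytes(32)
	key.pubs[lock.NID], lock.pubs[key.NID] = &lock.priv.PublicKey, &key.priv.PublicKey
	key.skos[lock.NID], lock.skos[key.NID] = sko, sko
}

func pkEnc(p *rsa.PublicKey, m []byte) []byte { return must(rsa.EncryptOAEP(sha256.New(), rand.Reader, p, m, nil)) }
func (d *Device) pkDec(c []byte) ([]byte, error) { return rsa.DecryptOAEP(sha256.New(), rand.Reader, d.priv, c, nil) }
func gcm(k []byte) cipher.AEAD { return must(cipher.NewGCM(must(aes.NewCipher(k)))) }

// Identify runs one insertion (after HELLO, OK and the key's NID); each side uses only its own secrets.
func Identify(key, lock *Device) error {
	// Lock: reject an NID that was never enabled, else send {CAIC + NIDlock} to the key.
	keyPub := lock.pubs[key.NID]
	if keyPub == nil {
		return errors.New("key not enabled for this lock")
	}
	caic := randBytes(codeLen)
	m1 := pkEnc(keyPub, append(caic[:codeLen:codeLen], lock.NID...))

	// Key: decrypt, look up the lock by NID, send {{CAIC + CAIK} under SKO} to that lock.
	p1, err := key.pkDec(m1)
	if err != nil || len(p1) <= codeLen || key.pubs[string(p1[codeLen:])] == nil {
		return errors.New("challenge unreadable or from an unregistered lock")
	}
	peer, caik, n := string(p1[codeLen:]), randBytes(codeLen), randBytes(nonceLen)
	inner := gcm(key.skos[peer]).Seal(n, n, append(p1[:codeLen:codeLen], caik...), nil)
	m2 := pkEnc(key.pubs[peer], inner)

	// Lock: unwrap both layers and compare the echoed CAIC in constant time.
	c2, err := lock.pkDec(m2)
	if err != nil || len(c2) < nonceLen {
		return errors.New("reply not readable by this lock")
	}
	p2, err := gcm(lock.skos[key.NID]).Open(nil, c2[:nonceLen], c2[nonceLen:], nil)
	if err != nil || len(p2) != 2*codeLen || subtle.ConstantTimeCompare(p2[:codeLen], caic) != 1 {
		return errors.New("key failed identification")
	}
	nsk := randBytes(32) // new symmetric key NSK for the next connection
	lock.skos[key.NID] = nsk
	m3 := pkEnc(keyPub, append(p2[codeLen:], nsk...))

	// Key: the page's text is cut off here; checking the CAIK echo and adopting NSK is assumed.
	p3, err := key.pkDec(m3)
	if err != nil || len(p3) != codeLen+32 || subtle.ConstantTimeCompare(p3[:codeLen], caik) != 1 {
		return errors.New("lock failed identification")
	}
	key.skos[peer] = p3[codeLen:]
	return nil
}

func main() {
	key, lock := NewDevice("KEY-1"), NewDevice("LOCK-1") // constructed NIDs
	Register(key, lock)
	fmt.Println("registered key:", Identify(key, lock))
	fmt.Println("same NID, different private key:", Identify(NewDevice("KEY-1"), lock))
}
```

Because SKO is replaced on every successful run, a key whose stored state lags behind (for instance a restored copy holding an earlier SKO) fails at the lock's CAIC check even though its private key is correct.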

Abstract

The invention relates to a personal identification system for electronic locks and other computer systems. The system basically enables an individual to identify himself before a great variety of locks (and also enables him to use them mechanically), computer systems or services provided therein by using a single element resembling a house or car key. The system comprises a (personal) key and a lock (in the system that provides the service), both of which are electronic. One of the two elements may not have its own autonomous power supply. When the key is inserted in the lock, a series of contacts between these two elements is activated. Some of these contacts make it possible for the element that does not have its own power supply to be supplied by the other. Other contacts make it possible to transfer data between the two elements. These contacts make it possible for the key and lock to identify one another in a biunivocal and exclusive manner using, for example, an asymmetric key system. Once identification has occurred, both interlocutors will act accordingly.

Description

SISTEMA DE IDENTIFICACIÓN PERSONAL ANTE CERRADURAS ELECTRÓNICAS Y OTROS SISTEMAS DE COMPUTACIÓN". PERSONAL IDENTIFICATION SYSTEM BEFORE ELECTRONIC LOCKS AND OTHER COMPUTER SYSTEMS ".
SECTOR DE APLICACIÓN DE LA INVENCIÓN. - El sistema de identificación personal ante cerraduras electrónicas, al que se refiere la presente invención, será de aplicación en todas aquellas industrias de cerrajería, tanto de viviendas como del automóvil, acceso a servicios bancarios y medios informáticos, en los que se pretende obtener un máximo de seguridad, en cuanto a la idoneidad del usuario para utilizar el sistema.APPLICATION SECTOR OF THE INVENTION. - The personal identification system before electronic locks, to which the present invention refers, will be applicable in all those locksmith industries, both housing and automobile, access to banking services and computer means, in which it is intended to obtain a maximum security, regarding the user's suitability to use the system.
ESTADO DE LA TÉCNICA.-STATE OF THE TECHNIQUE.-
Cotidianamente, tenemos que identificarnos personalmente para acceder al uso de los dispositivos y servicios que utilizamos de forma habitual. Tanto para abrir o cerrar la puerta de nuestra casa u oficina, como para encender el automóvil, para acceder a multitud de servicios en internet, para utilizar las redes de cajeros automáticos o para activar o desactivar la alarma de nuestra casa; es necesario identificarnos de alguna manera.Every day, we have to personally identify ourselves to access the use of the devices and services that we use on a regular basis. Both to open or close the door of our house or office, to start the car, to access a multitude of services on the internet, to use the ATM networks or to activate or deactivate the alarm in our house; it is necessary to identify ourselves in some way.
In the current state of the art, this identification is carried out using very diverse mechanisms. At the door of our house, as in almost all vehicles, we identify ourselves by the fact that only we hold the corresponding key, with a different key for each lock. At ATMs we use a credit card together with the corresponding access code, and for internet services we use our access code, with a different card and a different code for each service.
As for the locks on homes, buildings and vehicles that exist today, they can be divided into two classes: mechanical locks, in which only keys that mechanically fit the lock are allowed to open or close it; and electronic locks, in which the function of the key is performed by a magnetic card, a numeric keypad, a fingerprint identification or some other identifier.
In the first case, mechanical locks consist of a mechanical lock and several identical keys, of which copies can be obtained with greater or lesser difficulty.
Among the main disadvantages of this type of lock is the fact that a different key is required for each lock. This forces a person to carry a multitude of keys to open the various doors of homes, vehicles, etc.
Another important problem is that the loss of a key makes it advisable to change the lock, which in turn requires replacing the remaining keys and redistributing them to the people who held them previously.
An important limitation of this type of lock is that it is not possible to restrict the access of any of the keys to certain days or certain times.
A further limitation is that the lock does not identify which of the existing keys is inserted at any given moment, which prevents access from being conditioned independently for each key.
Being a mechanical element, and because of the complexity it would entail, the lock stores no information about the history of accesses made through it.
In the case of electronic locks, the main characteristic is that the decision to enable access is made computationally. That is, after identifying the key (card, numeric code or other identification element) presented to the lock, a computing process decides whether or not opening or closing is permitted.
The electronic locks that exist today need an external power supply, and sometimes also wiring that allows the lock to communicate with other computer systems (usually a central computer). Installing them therefore requires building work to run the electrical cables to them. In addition, their dependence on the state of the building's electrical systems can be a problem, since in an emergency (fire or catastrophe) the electrical systems can easily fail at the very moments when the locks must work most efficiently.
As for magnetic cards, which are widely used both with electronic locks and with ATMs, they are basically characterized by a magnetic stripe on which enough information is recorded to identify the card. This information can later be read by any card reader of the corresponding type.
Among the disadvantages of using these cards as an identification system is the fact that they are basically a passive and visible component. Passive in the sense that they can only offer information by being read (or written), but cannot process that information. Visible because any reader can obtain the information they contain. Because they are a passive element, the cardholder cannot reliably identify the other interlocutor, that is, the system that reads the card, so that system's identity can easily be impersonated. In other words, the magnetic-card system does not assure the cardholder of the identity of the reader system into which the card is inserted.
The fact that the information on the card is easily visible also makes it easy to duplicate, which is undesirable in a device whose function is to identify its owner. To prevent impersonation of the card's owner, the reader system can ask the cardholder to enter a secret number, as happens in ATM networks. This requirement guarantees the identity of the card's owner to the reader system, but does not authenticate the reader system to the card's owner. That is, someone could place a card reader in a public place, imitating a bank's ATM for example, read the contents of the card and then ask the user for the secret number. The user, believing the device to be a valid interlocutor, would enter the secret number, giving the impostor both the card's information and the secret number, which is enough to impersonate the user before the corresponding entities.
In the case of credit cards used for internet purchases, the situation is more worrying: because of the danger of asking the user for the secret code over the internet, the most widely used protocol simply asks for the card number, which is visible and therefore usable by the many employees of the establishments where the card is used. This is one of the factors that has most held back internet sales.
As for access codes, today they are one of the most secure ways of validating a user's identity. However, in the vast majority of the user protocols in use today, for example in ATM networks or internet services, the interlocutor offering the services (that is, the ATM or the internet server) does not reliably identify itself to the user. It can do so using a certificate; this mechanism requires the intervention of third parties. This, as noted in the previous paragraph, is a major problem. Another important problem with access codes is that each service has its own access code, and for better security these should be different for each entity or service. It is therefore necessary to memorize many of these codes, which is difficult or, at the very least, cumbersome.
As for the current state of the art in personal identification by biometric parameters, the most significant advances are those aimed at identification by fingerprint or retina. All of them are complex to obtain and generally sensitive to the current state of the person in question. Moreover, being visible, they are reproducible and therefore make it possible, with greater or lesser difficulty, to impersonate the user. In any case, these systems are also passive: they allow the user to be identified, but do not allow the user to identify the other interlocutor. It is perhaps worth noting that, although it is not usually regarded as such, a password or secret key is basically a biometric parameter, since it reflects information that has a biological medium embedded exclusively in the individual to be identified. The advantage in this case is that this biological parameter is not visible and yet is easy to obtain, provided the requirement is met that the individual is willing.
As for electronic cards, they are used mainly as electronic purses. Their physical form limits them, since they are designed neither to power nor to mechanically operate the system that hosts them, nor do they allow the data they contain to be monitored directly. Electronic cards are not designed to replace traditional locks easily.
Cryptographic techniques, and digital signatures in particular, do provide sufficient mechanisms for several interlocutors to identify one another mutually and securely. However, they do not fully solve the problem of personal identification in an effective way. The problem here is not the cryptographic algorithms used, but the resources and physical devices used to process and store them. That is, the state of cryptographic techniques makes it possible, for example using asymmetric keys, for two interlocutors to identify each other mutually and securely. What is not well solved is how the user can carry those keys (which, being personal, must accompany the person) and the resources needed to use them, so that the user can personally validate himself before the various mechanisms or services, which are physically dispersed and have different mechanical, electrical or information-access requirements: locks, ATMs, computers, alarm systems, vehicles, internet services ... An example of this is the current use of digital signatures or certificates on the internet, which for home users are tied to a file stored on computers with very little protection. In addition, for security reasons the file must not leave that machine, so the user cannot use it anywhere else.
DESCRIPTION OF THE INVENTION. -
The personal identification system for electronic locks and other computer systems referred to here essentially consists of two mating elements, a key and a lock, fitted respectively with a male connector and a female connector that are coupled at the time of use.
The male connector of the key is equipped with a battery and a computer system that includes a keypad and a monitoring system using LEDs, liquid crystal or another type; the female connector in the lock has a computer system and the electromechanical actuators and electronic connectors needed to operate the mechanical resources or to transfer information to the system that hosts it. The lock's computer system may or may not have its own power supply, since it is envisaged that, when the key is inserted, the same battery that powers the key's male connector can activate the lock's system, or conversely, the lock's power supply can activate the key's system, in which case the key needs no battery; or, if the battery is rechargeable, it can be recharged with no other operation than leaving the key inserted in the lock.
The key, easily carried by the user in both shape and size, will be of the type normally used for any door of a home, building, automobile or other type of vehicle, alarm system, ATM, or personal computer or computer of any other kind, whether or not connected to a computer network or a computer system of any kind.
For its part, the lock, fitted to the corresponding door, alarm system, etc., is part of the mechanism that offers services to the user, whether the opening or closing of doors, vehicles or buildings, alarm systems, computer systems, computer networks, etc.
Both the key and the lock have connectors made up of several contacts, intended either for power and charging or for establishing communication between the computer systems of the lock and the key. The physical form of these connectors is defined so that, when the key is inserted into the lock, the battery contained in the key, which already powers the key's circuits, can also power the lock's computer system; if the lock has its own power supply, it can charge the key's battery or power the key's circuits. At the same time, the connections intended for data communication establish a circuit that allows communication between the key's computer system and the lock's. Through these contacts, key and lock identify each other in a biunivocal and exclusive manner using, for example, an asymmetric key system. After identification, the system that hosts the lock acts accordingly, following the directives associated with the interlocutor corresponding to the identified key.
Each key or lock has a device identification number (NID) and an exclusive set of public and private keys, which identify it and distinguish it from all other existing locks or keys. This identification number is associated with the identity of the owner of the key or lock. In the case of the key, the identity of the owner can be guaranteed, since only the owner possesses it and only the owner can activate it, being the only one who knows its activation code (secret number). The lock works passively as a receiver, waiting to identify the user in order to offer its services. The key works actively, requesting the receiver (by being inserted into the lock) to carry out a mutual identification process; after this identification, if appropriate, the receiver offers its services to the owner of the key.
It should be noted that the female connector will not always be the interlocutor to which the user wishes to identify himself. In this respect, two types of connection between the interlocutors are possible:
1. Direct: key to lock. In this case the female connector has its own device identification number (NID) and its own public and private keys, and identifies itself as the other interlocutor of the connection. This is the case for door locks in homes, vehicles, personal computers or alarm control units.
2. Indirect: In this case the female connector (lock) is not the interlocutor to which the key wishes to identify itself, but an intermediary that enables the key to communicate with the system to which it wishes to identify itself. Here the lock is part of a more general computer system, to which it passes the information coming from the key so that it is relayed to the corresponding interlocutor, which is the one that uses its own NID and keys to identify the owner of the key and to identify itself to that owner. This interlocutor may reside on a remote machine, to which the computer system hosting the female connector delivers the information using any present or future means of interconnecting computers, that is, a local network, point-to-point connections, the internet, etc. Examples of this type of communication are ATMs and internet services.
For a lock to be able to identify a key, there is an initial registration process in which key and lock exchange their designations, the public part of their asymmetric keys and enough information to maintain a sequence of secure subsequent connections, as well as a history of those connections. Thereafter, key and lock can identify each other every time the key is inserted into the lock.
The key has a small alphanumeric keypad that the owner can use to enter information such as an activation code at the start of each identification, which prevents the key from being used by strangers if it is lost, or instructions for configuring the key or the lock in which it is inserted.
To facilitate this operation, the key also includes a small monitor or display to show the corresponding information. Independently of the above, the key may include other connection or communication resources that extend its operating characteristics.
Throughout their lifetime, both keys and locks store the information corresponding to their sequence of accesses. This information is accessible to the corresponding users, either through the key's user interface (keypad and monitor) or through the corresponding devices (computer systems that include the key or the lock and have an access interface).
In the case of door locks, replacing the traditional mechanical mechanism with a system such as the one described in this patent means that the decision to enable opening or closing is made computationally rather than mechanically. This allows each key to be identified individually, so that access can be denied to a key that has been lost without changing the lock. Likewise, a single key can be enabled on many locks, reducing the number of keys a person must carry. After the identification process between key and lock, the bolt can be closed or opened electrically or by traditional manual action. Where the bolt is moved mechanically and by hand (a very convenient option given the resulting saving of the energy stored in the key's battery), the key's male connector must be robust enough to withstand the manual turning that transmits the force to move the bolt.
The described system has the property of mutually identifying the two interlocutors, so the owner of the key is also assured of being in front of the appropriate interlocutor. The same system can be used to sign by means of a digital signature, or to run other cryptographic algorithms related to the identity or authorship of the key's owner.
Optionally, a single key can define several security levels for different locks or services, so that, for example, it does or does not require the secret number to be entered. It is even possible for the same key to contain several sets of cryptographic keys that are activated with different secret numbers. We now go on to describe how our invention improves on the prior art.
As regards locks for homes or vehicles, the invention that is the subject of this document, that is, the key-and-lock assembly proposed here, combines the advantages of mechanical and electronic lock systems while eliminating their disadvantages.
The object of this invention gains in versatility compared with mechanical locks, since both the decision to open or close and the identification of the key are made computationally. This also allows the use of a standard communications protocol with which any key can be enabled in any lock, which makes it possible to use a single key to control several locks instead of one key per lock. Locks can also be configured to restrict the access of particular keys to a given timetable and calendar. It is also important to note that the history of connections that have taken place in each key and lock can be accessed.
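The lock-side decision described above (individual key identification, disabling a lost key without changing the lock, timetable restrictions and the connection history), as an added example that is not part of the patent. It models only the step that follows a successful identification; the class names, reason strings, key identifiers, sample schedules and the bounded history size are assumptions.

```python
from collections import deque
from dataclasses import dataclass
from datetime import datetime, time
from typing import Optional


@dataclass
class Enrollment:
    """What the lock stores for one enabled key (layout is an assumption)."""
    public_key: bytes                 # used by the identification protocol, not here
    schedule: Optional[dict] = None   # weekday (0=Monday) -> [(start, end)]; None = always
    revoked: bool = False


def in_schedule(schedule, now):
    """True if `now` falls in an allowed window, including windows past midnight."""
    if schedule is None:
        return True
    t, today = now.time(), now.weekday()
    for start, end in schedule.get(today, ()):
        if start <= end:
            if start <= t < end:
                return True
        elif t >= start:              # overnight window, part before midnight
            return True
    for start, end in schedule.get((today - 1) % 7, ()):
        if start > end and t < end:   # overnight window that began yesterday
            return True
    return False


class Lock:
    def __init__(self, history_size=256):
        self.enrolled = {}
        # Bounded log, standing in for the lock's limited FLASH/EEPROM.
        self.history = deque(maxlen=history_size)

    def enable(self, key_id, public_key, schedule=None):
        self.enrolled[key_id] = Enrollment(public_key, schedule)

    def revoke(self, key_id):
        # Keep the entry so later attempts are logged as "revoked", not "unknown-key".
        if key_id in self.enrolled:
            self.enrolled[key_id].revoked = True

    def decide(self, key_id, now):
        """Decision for an already identified key; `now` is the lock's clock reading."""
        entry = self.enrolled.get(key_id)
        if entry is None:
            reason = "unknown-key"        # fail closed: never enabled on this lock
        elif entry.revoked:
            reason = "revoked"
        elif not in_schedule(entry.schedule, now):
            reason = "outside-schedule"
        else:
            reason = "granted"
        self.history.append((now, key_id, reason))   # refusals are logged too
        return reason == "granted", reason


def demo_lock():
    """Constructed sample data: four keys enabled on one lock."""
    lock = Lock(history_size=4)
    mornings = {day: [(time(8, 0), time(12, 0))] for day in range(5)}  # Mon-Fri
    lock.enable("KEY-OWNER", b"<owner public key>")
    lock.enable("KEY-CLEANER", b"<cleaner public key>", mornings)
    lock.enable("KEY-GUARD", b"<guard public key>", {0: [(time(22, 0), time(6, 0))]})
    lock.enable("KEY-LOST", b"<lost key public key>")
    lock.revoke("KEY-LOST")
    return lock


if __name__ == "__main__":
    lock = demo_lock()
    for key_id, when in [
        ("KEY-CLEANER", datetime(2024, 1, 1, 9, 0)),   # Monday morning
        ("KEY-GUARD", datetime(2024, 1, 2, 5, 0)),     # Tuesday, shift began Monday
        ("KEY-LOST", datetime(2024, 1, 2, 9, 0)),
    ]:
        print(key_id, when.isoformat(), lock.decide(key_id, when))
    for record in lock.history:
        print(record)
```

Because the history is bounded, the oldest records are overwritten first; a lock that must keep refusals for later review needs a size chosen with that in mind.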
On the other hand, the object of this invention gains in autonomy and availability compared with electronic lock systems, since the key-lock assembly needs no external power supply: as mentioned, the key has an internal battery and the connectors needed to power not only its own circuitry but also that of the lock. Installing the lock therefore does not require building work to bring electrical cables to it. Replacing a mechanical lock or a lock such as those described in this document will be no more complex than replacing a classic mechanical lock with another of the same type.
As regards personal identification systems, this invention basically solves the problem of letting the user carry the content of the cryptographic keys and the computing resources needed to validate himself personally, by means of suitable cryptographic algorithms, to the various mechanisms or services, which may be physically dispersed or have different mechanical, electrical or information-access requirements. That is, the user can identify himself personally to locks, ATMs, computers, alarm systems, vehicles or internet services, securely, using a single device and needing to remember a single code (the one that activates the key), since that same key is sufficient for any identification. Another important advantage is the security of the cryptographic keys: the private part of the key pair is written in the internal memory of the key and can be made accessible only to the program; if that program resides in the same ROM and we assume the whole embedded system is contained in a single integrated circuit, the private part is not visible in any case. This invention basically proposes a hardware system with a suitable connector (the key) so that the interlocutor can identify himself to any service (through the female connector or lock) using suitable cryptographic mechanisms, a communication protocol based on asymmetric keys, or any other kind that the state of the art in cryptographic techniques allows now or in the future. The invention in turn protects against improper use of the key by means of an access code to the key, so that the key cannot be used with any service unless that access code has first been entered.
We make it possible for the identification system to accompany the person and to be used on any computer simply by inserting the key into the lock (female connector on the computer) in order to validate oneself to any service.
The same key, without the user having to remember more than one access code (the access code to the key, which may be the same for all its activations), can be used to control the locks of homes, offices and vehicles, to enable access to internet services, to identify oneself mutually and securely to banking services or to the administration, to enable the operation of or access to computers of any kind, to identify oneself to alarm systems, or, in short, to establish the presence of its owner and so validate the relevant operations.
In the same way, the object of this invention makes it possible to identify the users of services by including a female connector (lock) in our system: either in the lock of our house, building or office, where the access characteristics of each user can be defined with great versatility; or through a network of ATMs, each of them including the relevant female connector (lock); or through the internet, since the user can fit his computer with the necessary device (lock), into which he inserts the key, by means of which he identifies himself to the service and identifies the service, mutually and securely.
Likewise, since the physical shape of the key is similar to that of present-day house or vehicle keys, it can mechanically operate the bolt of vehicle or house locks, while being both robust and easily carried. In summary, we can state that the object of this patent, owing to its electrical and mechanical characteristics, can bring together in a single device the ability to identify, mutually and very securely, both the user and the entity offering the service, in environments as diverse as the locks of buildings or vehicles, ATMs, computer programs, internet services, etc.
DESCRIPTION OF THE DRAWINGS.- A detailed description follows of the accompanying drawings, which show, purely by way of non-limiting example, a preferred embodiment, open to all variations of detail that do not involve a fundamental alteration of the essential characteristics of the system described.
These drawings illustrate:
In figure 1: General perspective view of the key of the system.
In figure 2: General perspective view, with detail of its interior, of the lock of the system.
According to the embodiment shown, the proposed personal identification system for electronic locks and other computer systems consists of a key (1) of the size of the keys normally used for automobiles and the like, provided with a male connector (3) projecting from the body (5), which contains the computer system, a keyboard (13) and a supply battery (4); the assembly contained in the body (5) comprises a display system using LEDs, liquid crystal or any other type, and the projecting male connector carries contacts (10) on its faces. The lock (2) contains a female connector (6) intended to mate with the male connector (3) of the key, the computer system (7) of the lock, and electromechanical actuators (8) to drive the mechanical resources or the anchorage that allows manual traction of the bolt by means of the corresponding turn.
It also includes electronic connectors (9) to transfer information and power to the system, contacts (11) that meet the corresponding contacts (10) of the key when it is inserted, and a tab (12) that holds the male connector (3) once it is inserted into the lock.
With the key-and-lock system organized in this way, the operation of the assembly is as follows:
As for the computer system of the key, it must contain a microprocessor, RAM, ROM for storing the program and its private key, FLASH or EEPROM memory for storing programs and information about its interlocutors (the locks for which it has been enabled), the logic needed to establish the connection with the interlocutor over the contacts made when the key is inserted into the lock, the logic needed to drive the interfaces to the keyboard or display system, if present, the clock logic needed for system operation and time control (it may contain a small independent battery for the clock), and the logic needed for miscellaneous system functions such as monitoring the power supply, controlling battery recharging, etc. The structure of the computer system can be the typical structure of any microprocessor-based system; the only specific requirement is a communications interface that uses the male connector of the key, and this interface requires no resource beyond those known in the current state of the art. To meet the mechanical requirements imposed on the key, a mechanical design such as that shown in figure 1 is sufficient. The male connector of the key is strong enough to withstand the traction needed to turn bolts or other mechanical traction mechanisms. Its surface allows it to carry the power and data connections that must be established with the lock. The male connector of the key could be retractable, and it may also have a small notch so that a pressure tab in the lock holds it once it has been inserted.
The key module must be robust and compact enough to be carried on the person (in a pocket). As already mentioned, it may optionally include a keyboard and display.
As for the computer system of the lock, it must likewise contain a microprocessor, RAM, ROM for storing the program and its private key, FLASH or EEPROM memory for storing programs and information about its interlocutors (the keys that have been enabled for it), the logic needed to establish the connection with the interlocutor over the contacts made when the key is inserted into the lock, the clock logic needed for system operation and time control (it may contain a small independent battery for the clock), and the logic needed for miscellaneous system functions such as monitoring the power supply, controlling the recharging of batteries, if any, etc. As in the case of the key, the structure of the computer system can be the typical structure of any microprocessor-based system; likewise, the only specific requirement is a communications interface that uses the female connector of the lock, and this interface requires no resource beyond those already known in the current state of the art.
The lock has two other interfaces that must be implemented. On the one hand, in locks that must operate elements mechanically, that is, house or vehicle locks, there is an actuator (which may be a rotary motor or a magnetic anchorage) that allows the bolt to turn. On the other hand, in locks embedded in larger computer systems, such as personal computers or ATMs, there is a communication interface with the host computer system through which a connection to it is established; in this way the key can identify itself to, and identify, remote interlocutors using the telephone or network connections of the computer system that hosts the lock. Both the interconnection resources for this purpose and the actuators needed to operate the mechanical elements mentioned can be implemented within the current state of the art.
Both the key and the battery are activated when the key is inserted into the lock. This imposes some special characteristics on the connection between the connectors of the key (3) and of the lock (6). For activation to take place without problems, it is advisable that the data connections be made first, then the power connection, and finally the activation/deactivation connection. This can be achieved by adapting the length and placement of the contacts between key and lock: those that must connect first are longer on the key, so that they make contact at the start of insertion and remain connected when insertion is complete. These requirements can be met with connectors (3 and 6-f.l) such as those shown in figures 1 and 2.
We now make the necessary observations about the software needed for the proper functioning of our invention. Once the computer systems of the key and the lock are active after insertion, and the communication circuits between them are established, a protocol is run between the key and the lock so that the two identify each other one-to-one and securely. After the identification process, in the case of vehicle or house locks the decision is made, for that specific key and at the moment of connection, whether or not to enable the opening or closing of the bolt.
In the case of other computer systems in general, such as ATMs or internet services, identification is followed by the tasks needed to serve the user who has been identified by means of the key. The structure of the software in the key need not be complex: since we consider it an embedded system, it requires no operating system and can run as a single process. This process is dedicated to handling the various operating protocols through which the key and the lock perform the functions for which they are intended.
For the key and the lock to identify each other one-to-one, an asymmetric key system can be used, in which each holds its own exclusive symmetric system of public key and private key, defined during the manufacturing process.
El protocolo de comunicación entre llave y cerradura debe cubrir las distintas necesidades asociadas al funcionamiento del sistema. Expondremos en detalle el protocolo destinado a su función mas fundamental, la identificación mutua. Esta puede realizarse mediante el siguiente ^protocolo para el proceso de identificación", que podría definirse cualitativamente mediante los siguientes pasos: 1. Utilizando la conexión establecida al insertar la llave en la cerradura, la llave envía a la cerradura un mensaje HELLO indicando que desea identificarse ante esta, o la operación que desea realizar. 2. Si la cerradura esta activa y dispuesta a realizar la operación solicitada, contesta con un mensaje de OK que envía hacia la llave.The communication protocol between key and lock must cover the different needs associated with the operation of the system. We will present in detail the protocol for its most fundamental function, mutual identification. This can be done using the following ^ protocol for the identification process ", which could be defined qualitatively by the following steps: 1. Using the connection established when inserting the key into the lock, the key sends a HELLO message to the lock indicating that it wishes identify yourself before this, or the operation you want to perform 2. If the lock is active and ready to To carry out the requested operation, it replies with an OK message that it sends to the key.
3. The key sends the lock its identification number (unique, defined in the manufacturing process).
4. If the lock has no information about that identification number (the key has not been enabled for that lock), it requests permission to validate it, and if it does not obtain permission it rejects the key.
5. If the lock knows the key, it knows the key's public key and has information about its access history. Using random mechanisms, the lock builds a string called CAIC (random identification code of the lock).
6. The lock encrypts the CAIC string using the key's public key. The encrypted message also includes the lock's identification number (NIDcerradura), so that the key can identify its interlocutor.
7. The lock sends the result of the previous step (CAIC+NIDcerradura) to the key's computer system.
8. The key decrypts the message (CAIC+NIDcerradura) using its private key, obtaining the decoded CAIC and NIDcerradura, from which it can tell who its interlocutor is and therefore which public key and which symmetric key it must use.
9. The key, using random mechanisms, builds a string called CAIK (random identification code of the key).
10. The key builds a string from the lock's CAIC and its own CAIK and encrypts it using the symmetric key (SKO) agreed in the last connection between the two devices.
11. The key takes the result of the previous step (CAIC+CAIK encrypted with the symmetric key SKO) and encrypts it again with the lock's public key (which it learned during the process of being enabled for that lock).
12. The key sends the result of the previous step ((CAIC+CAIK)) to the lock's computer system over the established communication line.
13. The lock decrypts the message ((CAIC+CAIK)) using its private key, obtaining (CAIC+CAIK) encoded with the symmetric key SKO, which it knows from the previous connection.
14. The lock decrypts the message (CAIC+CAIK) using its symmetric key SKO, obtaining the decoded CAIC+CAIK. If CAIC matches the string that the lock sent, the lock system knows that the interlocutor it is communicating with is not an impostor.
15. Using random mechanisms, the lock builds a new symmetric connection key, NSK. This symmetric key is stored in the lock's memory, since it will be used as SKO the next time the key tries to identify itself to the lock.
16. The lock builds a string, CAIK+NSK, from the CAIK it decrypted from the key's message and the new symmetric key, and encrypts this string (CAIK+NSK) using the key's public key.
17. The lock sends the result of the previous step (CAIK+NSK) to the key's computer system.
18. The key decrypts the message (CAIK+NSK) using its private key, obtaining the decoded CAIK and NSK. If CAIK matches the one it sent, the key knows that its interlocutor, the lock, is not an impostor and classifies it as valid.
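The exchange in steps 3 to 18, as an added example that is not part of the patent: a Python simulation of both sides in which textbook RSA over fixed primes and a SHA-256 XOR keystream stand in for the public-key and symmetric ciphers, which the steps do not name. The class names, the identifiers and the field sizes (16-byte CAIC, CAIK and keys, 4-byte identification numbers) are assumptions.

```python
import copy, hashlib, hmac, secrets

E = 65537  # public exponent of the toy RSA stand-in

def make_keypair(p, q):
    """Textbook RSA from two fixed primes. Illustration only: no padding, not secure."""
    n = p * q
    return (n, E), (n, pow(E, -1, (p - 1) * (q - 1)))

def pk_encrypt(pub, data):
    n, e = pub
    m = int.from_bytes(b"\x01" + data, "big")  # 0x01 prefix preserves leading zero bytes
    assert m < n, "message too long for the toy modulus"
    return pow(m, e, n)

def pk_decrypt(priv, c):
    n, d = priv
    m = pow(c, d, n)
    return m.to_bytes((m.bit_length() + 7) // 8, "big")[1:]

def sym_crypt(key, data):
    """XOR with a SHA-256 counter keystream; the same call encrypts and decrypts."""
    blocks = range(len(data) // 32 + 1)
    stream = b"".join(hashlib.sha256(key + bytes([i])).digest() for i in blocks)
    return bytes(a ^ b for a, b in zip(data, stream))

class Lock:
    def __init__(self, nid, keypair):
        self.nid, self.pub, self.priv = nid, keypair[0], keypair[1]
        self.known = {}    # key id -> {"pub": ..., "sko": ...}, filled when a key is enabled
        self.caic = None   # challenge currently outstanding

    def challenge(self, key_nid):                  # steps 3-7
        if key_nid not in self.known:
            return None                            # step 4: key not enabled here
        self.peer, self.caic = key_nid, secrets.token_bytes(16)
        return pk_encrypt(self.known[key_nid]["pub"], self.caic + self.nid)

    def verify(self, msg2):                        # steps 13-17
        expected, self.caic = self.caic, None      # each CAIC is accepted once only
        if expected is None:
            return None
        rec = self.known[self.peer]
        inner = sym_crypt(rec["sko"], pk_decrypt(self.priv, msg2))
        if not hmac.compare_digest(inner[:16], expected):
            return None                            # step 14: CAIC mismatch, reject
        rec["sko"] = secrets.token_bytes(16)       # step 15: NSK becomes the next SKO
        return pk_encrypt(rec["pub"], inner[16:32] + rec["sko"])

class Key:
    def __init__(self, nid, keypair):
        self.nid, self.pub, self.priv = nid, keypair[0], keypair[1]
        self.locks = {}    # lock id -> {"pub": ..., "sko": ...}

    def respond(self, msg1):                       # steps 8-12
        plain = pk_decrypt(self.priv, msg1)
        caic, lock_nid = plain[:16], plain[16:20]
        if lock_nid not in self.locks:
            return None
        rec = self.locks[lock_nid]
        self.peer, self.caik = lock_nid, secrets.token_bytes(16)
        return pk_encrypt(rec["pub"], sym_crypt(rec["sko"], caic + self.caik))

    def finish(self, msg3):                        # step 18
        plain = pk_decrypt(self.priv, msg3)
        if not hmac.compare_digest(plain[:16], self.caik):
            return False
        self.locks[self.peer]["sko"] = plain[16:32]
        return True

def identify(key, lock):
    """One run of the exchange (HELLO/OK omitted); True only if both sides accept."""
    msg1 = lock.challenge(key.nid)
    msg2 = key.respond(msg1) if msg1 is not None else None
    msg3 = lock.verify(msg2) if msg2 is not None else None
    return msg3 is not None and key.finish(msg3)

def demo():
    # Constructed sample data: fixed Mersenne primes and made-up 4-byte identifiers.
    key = Key(b"K001", make_keypair(2**521 - 1, 2**607 - 1))
    lock = Lock(b"L001", make_keypair(2**1279 - 1, 2**2203 - 1))
    sko = secrets.token_bytes(16)                  # shared when the key was enabled
    lock.known[key.nid] = {"pub": key.pub, "sko": sko}
    key.locks[lock.nid] = {"pub": lock.pub, "sko": sko}
    stale = copy.deepcopy(key)                     # key state frozen before any session
    stranger = Key(b"K999", make_keypair(2**607 - 1, 2**1279 - 1))
    out = {"first": identify(key, lock), "second": identify(key, lock)}
    out["stale_sko"] = identify(stale, lock)       # old SKO no longer decrypts to CAIC
    out["unknown_id"] = identify(stranger, lock)   # rejected at step 4
    old_msg2 = key.respond(lock.challenge(key.nid))
    lock.challenge(key.nid)                        # fresh CAIC replaces the old one
    out["replay"] = lock.verify(old_msg2) is not None
    out["after_replay"] = identify(key, lock)
    return out

if __name__ == "__main__":
    print(demo())
```

`demo()` shows the enabled key succeeding twice as SKO rolls forward, while a key holding a stale SKO, an unknown identification number, and a response replayed against a fresh CAIC are all rejected.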
Once key and lock have identified each other one-to-one, another series of protocols defines the process to follow. This may be to inform other applications that the interlocutor is valid, so that in the case of building or vehicle locks the opening or closing of the bolt is enabled, or in the case of other services those services are offered to the user as appropriate. Or it may be to perform maintenance or control operations such as enabling a key in a lock, updating the access rules in a lock, accessing a lock's history information, updating a key's configuration, accessing a key's history information, or activating the key by entering the secret code. The same key can be used to perform other cryptographic tasks or algorithms, such as digital signature, that make it possible to identify or sign electronic documents, or any other task that requires identifying the owner of the key by cryptographic methods. All these processes can be carried out using the mechanisms available in the state of the art of cryptographic techniques.
We now describe how the object of this patent is used. Its use may serve two purposes: first, identifying the owner of the key to various computer systems; and second, less important, maintaining the configuration of, and accessing the information contained in, the entities that make it up. We discuss below how our invention is used in each of these cases.
For identification it is enough to insert the key into the lock. The communication protocol between the two handles the flow of information until the key is identified. If so configured, it will request that the code be entered on the keyboard. With this the user is identified. What follows depends on the nature of the interlocutors. If it is used with a lock, the lock will open or close by the corresponding electrical or mechanical means. In the case of other systems such as ATMs, personal computers, etc., the computer system will have identified the user of the key, the user will have identified the service, and both will act accordingly.
As the nature of this invention has been defined, the data or configuration of the key or of the lock can be accessed independently. To configure the key or access its data, the key's own resources can be used, if it has a keyboard and display system (or if it is integrated into a more complex computer system, such as a mobile phone). The key can also be inserted into a lock housed in a computer system with data monitoring capability (for example a PC); by means of the relevant protocols, the information contained in the key is transferred to the lock and from there to the monitoring system (PC), where it is available to the user. As for access to the data and configuration of the lock, the process is evident if the lock is housed in a computer system with monitoring capability (for example a PC). For isolated locks, such as the locks on doors of homes or buildings, a key inserted into the lock is used. Since the key is able to monitor and control the data, the data can be viewed directly as it is transferred from the lock to the key. For cases in which the information to be monitored is very extensive, the key collects the data from the lock, and the data can be viewed when the key is inserted into a computer system with monitoring capability (for example a PC with the corresponding lock). From a system of the same type (for example a PC with a lock), the corresponding configuration can also be generated; it is stored in the key and downloaded to the isolated lock to be configured once the key is inserted into it.
The shape, materials and dimensions may vary, as may in general anything accessory and secondary, provided that it does not alter, change or modify the essential nature of the system described.

Claims

CLAIMS
1.- Personal identification system for electronic locks and other computer systems, characterized in that it consists of two basic elements: ONE, a key element, which incorporates a computer system, a user data entry system (keyboard or similar) and a data monitoring system for the user (display or similar), as well as a male connector that incorporates power and data connectors; and TWO, a lock cylinder element, which incorporates a computer system as well as a female connector that in turn incorporates data and power connectors.
When the male connector of element ONE is inserted into the female connector of element TWO, power and data connections are established, enabling identification between key and lock, after the user has entered the personal code by means of the key's data entry system.
2.- Personal identification system for electronic locks and other computer systems, according to claim one, characterized in that both the key and the lock are provided with connectors that allow each to power the other, in case either of them is not provided with such a power supply. The power system also allows the internal batteries of both systems to be charged.
3.- Personal identification system for electronic locks and other computer systems, according to claims one and two, characterized in that the key element is provided with a means of coupling to the lock element when connected, which allows the rotation of the key to be transferred to the mechanical components of the lock, for opening and closing it.
4.- Personal identification system for electronic locks and other computer systems, according to claims one to three, characterized in that element TWO, the lock cylinder, may be housed in and/or connected to other computer systems. In this case, the lock's computer system has another communications interface through which it can communicate with the local computer, or with any other computer system accessible through any type of communications network.
5.- Personal identification system for electronic locks and other computer systems, according to claims one to four, as a device used for the operation and control of locks of homes, automobiles or any type of lock. To electronically identify users and services, such as internet services, banking services, government services, or other electronic services. To electronically sign documents, handle electronic money, manage and store tickets for events, planes, trains or others, or manage electronic documents in general.
PCT/ES2004/000166 2003-04-16 2004-04-16 Personal identification system for electronic locks and other computer systems WO2004093017A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
ES200300904A ES2217968B1 (en) 2003-04-16 2003-04-16 SYSTEM AND PROCESS OF PERSONAL IDENTIFICATION BEFORE ELECTRONIC LOCKS AND OTHER COMPUTER SYSTEMS.
ESP200300904 2003-04-16

Publications (1)

Publication Number Publication Date
WO2004093017A1 true WO2004093017A1 (en) 2004-10-28

Family

ID=33186150

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/ES2004/000166 WO2004093017A1 (en) 2003-04-16 2004-04-16 Personal identification system for electronic locks and other computer systems

Country Status (2)

Country Link
ES (1) ES2217968B1 (en)
WO (1) WO2004093017A1 (en)

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8884762B2 (en) 2005-12-23 2014-11-11 Invue Security Products Inc. Programmable security system and method for protecting merchandise
US8994497B2 (en) 2012-05-21 2015-03-31 Invue Security Products Inc. Cabinet lock key with audio indicators
US10087659B2 (en) 2014-11-18 2018-10-02 Invue Security Products Inc. Key and security device
US11017656B2 (en) 2011-06-27 2021-05-25 Invue Security Products Inc. Programmable security system and method for protecting merchandise

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US4799258A (en) * 1984-02-13 1989-01-17 National Research Development Corporation Apparatus and methods for granting access to computers
US6000609A (en) * 1997-12-22 1999-12-14 Security People, Inc. Mechanical/electronic lock and key therefor
US20010028298A1 (en) * 2000-03-10 2001-10-11 Inqe Liden Key and lock device
US20020024418A1 (en) * 1999-08-11 2002-02-28 Ayala Raymond F. Method for a key to selectively allow access to an enclosure

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US4799258A (en) * 1984-02-13 1989-01-17 National Research Development Corporation Apparatus and methods for granting access to computers
US6000609A (en) * 1997-12-22 1999-12-14 Security People, Inc. Mechanical/electronic lock and key therefor
US20020024418A1 (en) * 1999-08-11 2002-02-28 Ayala Raymond F. Method for a key to selectively allow access to an enclosure
US20010028298A1 (en) * 2000-03-10 2001-10-11 Inqe Liden Key and lock device

Cited By (24)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9858778B2 (en) 2005-12-23 2018-01-02 Invue Security Products Inc. Programmable security system and method for protecting merchandise
US10297139B2 (en) 2005-12-23 2019-05-21 Invue Security Products Inc. Programmable security system and method for protecting merchandise
US8896447B2 (en) 2005-12-23 2014-11-25 Invue Security Products Inc. Programmable security system and method for protecting merchandise
US9576452B2 (en) 2005-12-23 2017-02-21 Invue Security Products Inc. Programmable security system and method for protecting merchandise
US9135800B2 (en) 2005-12-23 2015-09-15 Invue Security Products Inc. Programmable security system and method for protecting merchandise
US9171441B2 (en) 2005-12-23 2015-10-27 Invue Security Products Inc. Programmable security system and method for protecting merchandise
US9269247B2 (en) 2005-12-23 2016-02-23 Invue Security Products Inc. Programmable security system and method for protecting merchandise
US9396631B2 (en) 2005-12-23 2016-07-19 Invue Security Products Inc. Programmable security system and method for protecting merchandise
US9478110B2 (en) 2005-12-23 2016-10-25 Invue Security Products Inc. Programmable security system and method for protecting merchandise
US9501913B2 (en) 2005-12-23 2016-11-22 Invue Security Products Inc. Programmable security system and method for protecting merchandise
US11721198B2 (en) 2005-12-23 2023-08-08 Invue Security Products Inc. Programmable security system and method for protecting merchandise
US9659472B2 (en) 2005-12-23 2017-05-23 Invue Security Products Inc. Programmable security system and method for protecting merchandise
US10062266B1 (en) 2005-12-23 2018-08-28 Invue Security Products Inc. Programmable security system and method for protecting merchandise
US10013867B2 (en) 2005-12-23 2018-07-03 Invue Security Products Inc. Programmable security system and method for protecting merchandise
US8884762B2 (en) 2005-12-23 2014-11-11 Invue Security Products Inc. Programmable security system and method for protecting merchandise
US10600313B2 (en) 2005-12-23 2020-03-24 Invue Security Products Inc. Programmable security system and method for protecting merchandise
US8890691B2 (en) 2005-12-23 2014-11-18 Invue Security Products Inc. Programmable security system and method for protecting merchandise
US10403122B2 (en) 2005-12-23 2019-09-03 Invue Security Products Inc. Programmable security system and method for protecting merchandise
US11017656B2 (en) 2011-06-27 2021-05-25 Invue Security Products Inc. Programmable security system and method for protecting merchandise
US11763664B2 (en) 2011-06-27 2023-09-19 Invue Security Products Inc. Programmable security system and method for protecting merchandise
US8994497B2 (en) 2012-05-21 2015-03-31 Invue Security Products Inc. Cabinet lock key with audio indicators
US10087659B2 (en) 2014-11-18 2018-10-02 Invue Security Products Inc. Key and security device
US11015373B2 (en) 2014-11-18 2021-05-25 Invue Security Products Inc. Key and security device
US11391070B2 (en) 2014-11-18 2022-07-19 Invue Security Products Inc. Key and security device

Also Published As

Publication number Publication date
ES2217968B1 (en) 2006-01-16
ES2217968A1 (en) 2004-11-01


Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A1

Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BW BY BZ CA CH CN CO CR CU CZ DE DK DM DZ EC EE EG ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NA NI NO NZ OM PG PH PL PT RO RU SC SD SE SG SK SL SY TJ TM TN TR TT TZ UA UG US UZ VC VN YU ZA ZM ZW

AL Designated countries for regional patents

Kind code of ref document: A1

Designated state(s): BW GH GM KE LS MW MZ SD SL SZ TZ UG ZM ZW AM AZ BY KG KZ MD RU TJ TM AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HU IE IT LU MC NL PL PT RO SE SI SK TR BF BJ CF CG CI CM GA GN GQ GW ML MR NE SN TD TG

121 Ep: the epo has been informed by wipo that ep was designated in this application
DPEN Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed from 20040101)
122 Ep: pct application non-entry in european phase