System and method for remotely assigning and revoking access credentials using a near field communication equipped mobile phone
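IPC classification information
Country / type: United States (US) Patent
Status: Registered
International Patent Classification (IPC 7th edition): H04M-001/66; H04L-029/06
Application number: UP-0397542 (2006-04-03)
Registration number: US-7706778 (2010-05-20)
Inventor / address: Lowe, Peter R.
Applicant / address: Assa Abloy AB
Agent / address: Sheridan Ross P.C.
Citation information
Times cited: 58
Cited patents: 8
Abstract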
The present invention is generally directed toward a mobile device that can be used in a secure access system. More specifically, the mobile device can have credential data loaded thereon remotely updated, enabled, disabled, revoked, or otherwise altered with a message sent from, for example, a control panel and/or controller in the system.
Representative claim
What is claimed is:
1. A method of remotely maintaining a secure access system, comprising: receiving, at a secure access system controller, a credential update for at least one user of the secure access system; in response to receiving the credential update, said controller automatically initiating a system update process, the system update process comprising: generating a message comprising information representing the credential update; determining at least one target for said message, wherein said at least one target comprises at least one mobile device associated with the at least one user; and transmitting said message to said at least one target; and wherein said at least one mobile device has a first set of credential data stored thereon, wherein upon receiving said message from said controller, said first set of credential data is changed to a second different set of credential data, wherein said message is transmitted to said at least one mobile device without receiving a request for said message from said at least one user, wherein said at least one mobile device is a smart mobile device, wherein said first set of credential data comprises self-authenticating data, wherein said second set of credential data comprises different self-authenticating data, and wherein said self-authenticating data enables said at least one mobile device to make a determination of its own access rights with respect to an asset.
2. The method of claim 1, wherein the system update process further comprises transmitting said message to at least one of a reader and a database.
3. The method of claim 1, wherein said first set of credential data has at least one of a key, password, unique ID, encryption scheme, and transmission protocol that is different in said second set of credential data.
4. The method of claim 1, further comprising, in the event that said at least one mobile device does not receive said message and is subsequently presented to a reader, determining, by said reader, that said at least one mobile device is invalid.
5. The method of claim 1, wherein said credential updates are received at the controller on a periodic basis.
6. The method of claim 1, further comprising: receiving said message at said at least one mobile device; and modifying at least a portion of memory of said at least one mobile device according to said updated credential information.
7. The method of claim 6, wherein said modifying comprises at least one of disabling and revoking at least a portion of said memory.
8. The method of claim 6, further comprising: disabling at least a portion of said memory unless an enabling message is received.
9. The method of claim 1, further comprising de-enrolling a user of at least one mobile device from an access list, wherein said credential update is generated in response to de-enrolling said user from said access list.
10. The method of claim 1, wherein said message is transmitted over a cellular communication network.
11. The method of claim 1, wherein said message is transmitted by at least one of a radio frequency signal and a near field communication signal.
12. The method of claim 1, further comprising: presenting said at least one mobile device to a reader; generating a second message comprising information related to said at least one mobile device being presented to said reader; and sending said second message to at least one of a database, controller, and another mobile device.
13. The method of claim 12, wherein said second message is sent via a short message service (SMS) message.
14. The method of claim 1, wherein said credential update is pushed toward said at least one mobile device without any solicitation by said at least one mobile device or a user of said at least one mobile device.
15. The method of claim 1, further comprising: determining, by said at least one mobile device, that said at least one mobile device is not allowed access to the asset; and in response to determining that said at least one mobile device is not allowed access to the asset, performing one of the following substeps: (i) sending a signal back to a reader; and (ii) doing nothing.
16. A secure access system, comprising: at least one mobile device comprising memory, wherein said memory comprises credential information; a controller that is operable to receive a credential update for at least one user of the secure access system and in response to receiving the credential update automatically initiate a system update process, wherein during the system update process the controller is operable to automatically cause a message to be generated that comprises said updated credential, and cause said message to be transmitted to said at least one mobile device associated with said at least one user, wherein credential information on said memory is altered in response to receiving said message, wherein said credential update is initiated by an entity other than said at least one user, wherein said at least one mobile device is a smart mobile device, wherein said credential information comprises self-authenticating data, wherein said self-authenticating data is altered, and wherein said self-authenticating data enables said at least one mobile device to make a determination of its own access rights with respect to an asset.
17. The system of claim 16, further comprising: at least one reader for determining an authenticity of said at least one mobile device; and a database for maintaining information related to said system, wherein said controller is further operable to cause a second message to be generated that comprises said updated credential and cause said second message to be transmitted to at least one of said reader and said database.
18. The system of claim 17, wherein, in the event that said at least one mobile device does not receive said message, credentials of said at least one mobile device become obsolete.
19. The system of claim 18, wherein, upon presentation of said at least one mobile device to said at least one reader, the authenticity of said at least one mobile device is determined to be invalid.
20. The system of claim 16, wherein said credential information altered on said memory comprises at least one of a key, password, unique ID, encryption scheme, and transmission protocol.
21. The system of claim 16, wherein credential updates are received at said controller on a periodic basis.
22. The system of claim 16, wherein credential information on said memory is at least one of disabled and revoked in response to receiving said message.
23. The system of claim 16, wherein said mobile device comprises a timing-out mechanism, wherein said timing-out mechanism is operable to disable said memory unless an enabling message is received from said controller.
24. The system of claim 16, wherein said controller causes said message to be transmitted to said mobile device via at least one of a global system for mobile communications, a digital cellular system, and a personal communications system.
25. The system of claim 16, wherein said at least one mobile device is at least one of a cellular phone, and personal digital assistant.
26. The system of claim 16, wherein said credential update is initiated in response to de-enrolling at least one user from a list of authorized users.
27. The system of claim 16, wherein said at least one mobile device comprises a plurality of mobile devices, and wherein credential information in each one of the plurality of mobile devices is altered.
28. The system of claim 16, wherein said at least one mobile device comprises a plurality of mobile devices, and wherein credential information in less than all of the plurality of mobile devices is altered.
29. The system of claim 16, wherein said message is transmitted via at least one of a radio frequency and near field communication signal.
30. The system of claim 16, wherein said message is transmitted via a cellular communications network.
31. The system of claim 16, wherein said credential update is pushed toward said at least one mobile device without any solicitation by said at least one mobile device or a user of said at least one mobile device.
32. The system of claim 16, wherein said at least one mobile device is adapted to make a self-determination that it is not allowed access to the asset and, in response to determining that it is not allowed access to the asset, either (i) send a signal indicating the self-determination or (ii) do nothing.
33. A mobile device for use by a user in a secure access system, comprising: a memory, wherein said memory comprises credential information; and an interface operable to communicate with a reader and further operable to receive messages relating to updated-credential information, wherein, upon receipt of a first message, said credential information for the user is automatically changed from a first state to a second state, wherein said messages relating to updated-credential information are received without said at least one user transmitting a request for said messages, wherein said credential information comprises self-authenticating data, wherein said self-authenticating data is different between said first state and said second state, and wherein said self-authenticating data enables said mobile device to make a determination of its own access rights with respect to an asset.
34. The device of claim 33, wherein, in the event that said first message is not received, said credential information is maintained in said first state and as a result becomes obsolete.
35. The device of claim 34, wherein said reader is operable to determine an authenticity of said mobile device based at least in part upon said credential information, and upon presentation of said mobile device to said reader, the authenticity of said mobile device is determined to be invalid.
36. The device of claim 33, wherein said reader is associated with a controller and the controller is operable to determine an authenticity of said mobile device based at least in part upon said credential information.
37. The device of claim 36, wherein said reader is operable to determine an authenticity of said mobile device based at least in part upon said credential information.
38. The device of claim 33, wherein said credential information comprises at least one of a key, password, unique ID, encryption scheme, and transmission protocol.
39. The device of claim 33, wherein said at least one of a key, password, unique ID, encryption scheme, and transmission protocol is different in said first state than in said second state.
40. The device of claim 33, further comprising a timing-out mechanism, wherein said timing-out mechanism is operable to disable said memory unless an enabling message is received.
41. The device of claim 33, wherein a near field communications protocol is used by said first interface to communicate with said reader.
42. The device of claim 33, wherein said mobile device is adapted to make a self-determination that it is not allowed access to the asset and, in response to determining that it is not allowed access to the asset, either (i) send a signal indicating the self-determination or (ii) do nothing.
Patents cited by this patent (8)
Wood, David L.; Norton, Derk, Access management system and method employing secure credentials.
Laursen, Andrew L.; Martin, Jr., Bruce K.; Rossmann, Alain S., Method and apparatus for accessing a common database from a mobile device and a computing device.
Borg, Anders; Cederblad, Mats; Garmen, Daniel; Jonsson, Tomas; Siklosi, Peter, Access control communication device, method, computer program and computer program product.
Borg, Anders; Cederblad, Mats; Garmen, Daniel; Jonsson, Tomas; Siklosi, Peter, Access control communication device, method, computer program and computer program product.
Fyke, Steven Henry; Griffin, Jason Tyler; Rose, Scott Douglas; Bender, Christopher Lyle, Communications system providing personnel access based upon near-field communication and related methods.
Fyke, Steven Henry; Griffin, Jason Tyler; Rose, Scott Douglas; Bender, Christopher Lyle, Communications system providing personnel access based upon near-field communication and related methods.
Wendling, Jean-Hugues; Conlin, Michael Thomas, Electronic access control systems including pass-through credential communication devices and methods for modifying electronic access control systems to include pass-through credential communication devices.
Caterino, Mark Anthony; Einberg, Fredrik Carl Stefan; Hoyer, Philip; Berg, Daniel; Davis, Masha Leah; Wamsley, Robert; Hulusi, Tam, Method and apparatus for making a decision on a card.
Lagerstedt, Stig; Berg, Daniel; Bailin, Daniel; Robinton, Mark; Davis, Masha Leah, Setback controls based on out-of-room presence information obtained from mobile devices.
Radicella, Michael; Burkley, Richard; Chapman, Kriston; Jones, Shirl; Matsumoto, Roger, System and method for integrating and adapting security control systems.
Radicella, Michael; Burkley, Richard; Chapman, Kriston; Jones, Shirl; Matsumoto, Roger, System and method for integrating and adapting security control systems.
Radicella, Michael; Burkley, Richard; Chapman, Kriston; Jones, Shirl; Matsumoto, Roger, System and method for integrating and adapting security control systems.
Doyle, Sr., Daniel; Adesso, Patrick; Castillenti, Jill; Hecht, Gideon; Lauman, Brian; Doyle, Jr., Daniel; Campbell, Alex Berndt; Scaff, Marvin, System and method for the passive monitoring and reporting of printer-related data on USB cables.