ELECTRICAL DEVICE

FIELD OF THE DISCLOSURE

[0001] The present disclosure relates generally to a method of, and a system for, authenticating one or more users to operate one or more electrical devices in a network.

BACKGROUND

[0002] Network-based equipment, information and services need to be protected from unintended or unauthorized access, change or destruction, and is of growing importance in line with the increasing reliance on online computer systems of most societies worldwide. Hence, authenticating the identity of an individual user to reduce the risk of unauthorized access to such equipment is critical for system security. Various techniques for authenticating the identity of the user generally include requiring the presentation of a first factor defined by something the user knows (e.g., a password, a personal identification number (ΡΓΝ), etc.) in combination with at least one other factor, such as something the user has (e.g., a smart card, a hardware or software token, etc.) and/or something the user is (e.g., a biometric characteristic).

[0003] As advantageous as such authentication techniques are, however, they are generally made available only to those governmental, medical, scientific, and engineering organizations requiring the highest security protocols and are seldom granted to more conventional commercial users, such as business offices. The availability of such authentication techniques is limited by the desire on the part of the commercial users to keep their operational costs down. Multi-factor credentials are expensive, require end-user training, and require sophisticated support processes. Hardware and software tokens add to additional system costs. Larger deployments also have to factor in the increased costs associated with inventory management, shipment, and replacement of such tokens.

[0004] Accordingly, there is a need to authenticate one or more users to operate one or more electrical devices or equipment in a network in a more cost-efficient manner without sacrificing system security.

BRIEF DESCRIPTION OF THE FIGURES

[0005] The accompanying figures, where like reference numerals refer to identical or functionally similar elements throughout the separate views, together with the detailed description below, are incorporated in and form part of the specification, and serve to further illustrate embodiments of concepts that include the claimed invention, and explain various principles and advantages of those embodiments.

[0006] FIG. 1 is a diagrammatic view of a system for authenticating a user to operate one or more electrical devices in a network in accordance with this disclosure.

[0007] FIG. 2 is a diagrammatic view of some of the components mounted in a mobile communications device depicted in FIG. 1.

[0008] FIG. 3 is a flow chart of a method of authenticating a user to operate one or more electrical devices in a network in accordance with this disclosure.

DETAILED DESCRIPTION

[0009] In accordance with one feature of this invention, a method of authenticating a user to operate an electrical device in a network is performed by encoding an identification symbol with identification data that identifies the user, by capturing and storing an image of the identification symbol, by encoding a composite symbol with the identification data and with operating data that enables the electrical device to be operated, by associating the composite symbol with the electrical device to be operated, by capturing an image of the composite symbol, by comparing the images, and by enabling the user to operate the electrical device when the identification data in the composite symbol matches the identification data in the identification symbol.

[0010] Advantageously, the identification symbol is printed on a portable medium, e.g., a card, a badge, or the like, carried by the user, and is preferably configured as a two-dimensional symbol, e.g., a Quick Response (QR) code, a Portable Data File (PDF) 417 code, a Data Matrix (DM) code, or the like. All of these codes are capable of storing data in a quantity much greater than the conventional one-dimensional Universal Product Code (UPC) symbol. Each image is captured by a solid-state imaging sensor mounted in a mobile communications device, such as a smartphone or cellphone having a built-in camera, carried and operated by the user.

[0011] The composite symbol, which likewise may be configured as a two-dimensional symbol, e.g., a QR code, a PDF417 code, a DM code, or the like, is displayed in close association with the electrical device to be operated. Preferably, the composite symbol is printed on a medium, e.g., a sheet of paper, which is affixed in the vicinity of the electrical device to be operated. If the electrical device has a screen, then the composite symbol may be displayed thereon. The composite symbol is preferably encoded with a plurality of identification data from a group of users, each enabled to operate the electrical device when the identification data for any individual user in the composite symbol matches the identification data in the identification symbol for that individual user.

[0012] The printing of the identification symbol and the composite symbol is a very cost- effective authentication technique for commercial users to keep their operational costs down. End-user training, sophisticated support processes, and hardware and software tokens are no longer required. The large data storage available in the composite symbol enables multiple users to independently access each electrical device.

[0013] In accordance with another feature of this invention, a system for authenticating a user to operate an electrical device in a network, includes an identification symbol encoded with identification data that identifies the user, and a composite symbol encoded with the identification data and with operating data that enables the electrical device to be operated. The composite symbol is associated with the electrical device to be operated. A solid-state imaging sensor captures an image of the identification symbol, and also captures an image of the composite symbol. A controller compares the images, and enables the user to operate the electrical device when the identification data in the composite symbol matches the identification data in the identification symbol.

[0014] Turning now to the drawings, reference numeral 10 in FIG. 1 generally identifies a mobile communications device, such as a smartphone or cellphone, having, among other things, a keyboard 12, a display screen 14, a radio frequency (RF) transceiver module 16, and an antenna 18 operative for communicating over a bi-directional wireless link 20 with a network 22 that is in communication over a bi-directional wireless link 26 with a network server 24. As schematically shown in FIG. 2, the communications device 10 includes a built-in camera having an imager or image sensor 30 and an imaging lens assembly 32 mounted behind a rear window 28 on the communications device 10. The sensor 30 is a solid-state device, for example, a charge coupled device (CCD) or a complementary metal oxide semiconductor (CMOS) device having an array of addressable photocells or pixels arranged in mutually orthogonal rows and columns, and operative for detecting return light captured by the imaging lens assembly 32 over a field of view 36 centered on an imaging or optical axis 34 through the rear window 28. The return light is scattered and/or reflected from a target 40, as described below, over the field of view. The target 40 may be located anywhere in a working range of distances between a close- in working distance (WD1) and a far-out working distance (WD2) relative to the window 28.

[0015] In order to increase the amount of the return light captured by the sensor 30, especially in dimly lit environments and/or at far range reading, an illuminating light assembly is also mounted in the device 10 and includes an illumination light source, e.g., a light emitting diode (LED) 42, and an illuminating lens assembly 44 configured to efficiently generate a pattern of illumination light on and along the target 40 to be read by image capture. At least part of the scattered and/or reflected return light is derived from the pattern of illumination light on and along the target 40.

[0016] As also shown in FIG. 2, the sensor 30, the LED 42, and the RF module 16 are operatively connected to a controller or microprocessor 46 operative for controlling the operation of these components. A memory 48 is connected and accessible to the controller 46. Preferably, the microprocessor 46 is the same as the one used for processing the return light from the target 40 and for decoding the captured target images when the target is an encoded symbol. In operation, the microprocessor 46 sends a command signal to energize the LED 42 for a short exposure time period, say 500 microseconds or less, and energizes and exposes the sensor 30 to collect the return light, e.g., illumination light and/or ambient light, from the target 40 only during said exposure time period. A typical sensor 30 needs about 18-33 milliseconds to acquire the entire target image and operates at a frame rate of about 30-60 frames per second.

[0017] Returning to FIG. 1, an identification symbol 50 is encoded with identification data that identifies a user desiring access to operate one or more of the electrical devices 102, 104, and 106 connected over bi-directional wireless links to the network 22. The identification symbol 50 is printed on a portable medium 52, e.g., a card, a badge, or the like, carried by the user, and is configured as either a one-dimensional Universal Product Code (UPC) symbol, or preferably, as shown, a two-dimensional symbol, e.g., a Quick Response (QR) code, a Portable Data File (PDF) 417 code, a Data Matrix (DM) code, or the like. The printing is performed with ink on a substrate, such as a paper sheet. The imaging sensor 30 is operated by the user to capture an image of the identification symbol 50 (see the displayed image on screen 14), and to store the captured image, for example, in the memory 48.

[0018] A composite symbol 100, preferably two-dimensional, is encoded with the aforementioned identification data and with operating data that enables one or more of the electrical devices 102, 104, and 106 to be operated. The composite symbol 100 is associated with each electrical device to be operated. The composite symbol 100, which may be a QR code, a PDF417 code, a DM code, or the like, is displayed in close association with the electrical device to be operated. Preferably, the composite symbol 100 is printed on respective media 1 12, 1 14, and 1 16, e.g., sheets of paper, which are respectively affixed in the vicinity of the electrical devices to be operated. If any electrical device has a screen, then the composite symbol 100 may be displayed thereon.

[0019] The imaging sensor 30 is again operated by the user to capture an image of the composite symbol 100 associated with any of the devices 102, 104, and 106, to which the user desires access. Thus, the aforementioned target 40 represents both the identification symbol 50 and the composite symbol 100, whose images are captured at different times. The controller 46 compares the images, and enables the user to operate the electrical device when the identification data in the composite symbol 100 matches the identification data in the identification symbol 50.

[0020] The large data storage available in the composite symbol 100 enables multiple users to independently access each electrical device. In effect, the composite symbol 100 serves as a read only memory (ROM). Thus, the composite symbol 100 is preferably encoded with a plurality of identification data from a group of users, each enabled to operate the respective electrical device when the identification data for any individual user in the composite symbol 100 matches the identification data in the identification symbol 50 for that individual user. The ink-printing of the identification symbol 50 and the composite symbol 100 is a very cost- effective authentication technique for commercial users to keep their operational costs down. End-user training, sophisticated support processes, and hardware and software tokens are no longer required.

[0021] The devices 102, 104, and 106 have been illustrated as a desktop computer, a printer, and lighting fixtures, preferably with dimmers, respectively, merely for ease of illustration. It will be understood that any network device can be so authenticated and controlled in accordance with this invention. As used herein, the term electrical device signifies any electronic device, or even a mechanical device having an electrical component, such as an electronic controller. Also, in applications requiring even more security, then the images of one or more identification symbols 50 may be required to be captured before being granted access to any one device.

[0022] In addition, the large data storage available in the composite symbol 100 enables the composite symbol to also be encoded with Boolean logic data that enables the user to operate the electrical device when a Boolean logic condition with respect to another electrical device has been satisfied. For example, the composite symbol associated with the computer 102 or the printer 104 may be encoded to not operate unless the lighting 106 has already been operated. As another example, the composite symbol associated with the printer 104 may be encoded to not operate unless the computer 102 has already been operated. Thus, the Boolean logic data in the composite symbol serves as a Boolean logic controller and can be made as simple or complex as desired for a particular venue. Examples of Boolean logic conditions include, for example, such logic operators as AND, OR, NOR, NOT, NAND, XOR, and XNOR operators, or a combination of such operators, preferably configured in an algorithm.

[0023] FIG. 3 depicts a flow chart indicating the steps performed in authenticating the user to operate one or more of the electrical devices 102, 104, and 106 in the network 22. In step 200, the identification symbol 50 is encoded with identification data that identifies the user. In step 202, an image of the identification symbol 50 is captured and stored. In step 204, the composite symbol 100 is encoded with the identification data, and with operating data that enables any electrical device 102, 104, and 106 to be operated, and optionally with the aforementioned Boolean logic data. In step 206, the composite symbol 100 is associated with the electrical device to be operated. In step 208, an image of the composite symbol 100 is captured. In step 210, the images are compared. In step 212, the user is enabled to operate the electrical device when the identification data in the composite symbol 100 matches the identification data in the identification symbol 50, and optionally when the aforementioned Boolean logic condition has been satisfied.