ACCESSES CONTROL SYSTEM USING A BIOMETRIC DEVICE

DESCRIPTION

The present invention refers to a control system for the enabling/disabling of safety apparatuses, be them locks for the opening/closing of passages or alarm devices.

Present-day safety solutions using various (magnetic or RF) cards or the entering of PIN codes are not apt to ensure the required safety level. In fact these systems, at least when used individually, are easily subject to safety violations owing to the possibility of card duplication, loss, or unauthorized password or PIN disclosure. In those cases, it is possible that unauthorized third parties obtain the authorizations required to carry out determined actions and/or enter protected rooms, with the entailed safety violation.

Hence, object of the present invention is to solve said problems, by providing a control system as defined in independent claim 1.

Secondary features of the present invention are defined in the corresponding dependent claims thereof.

The present invention, by overcoming the abovementioned problems of the known art, entails several evident advantages.

In particular, it utilizes a user identification system based on the recognition of one of his/her fingerprints. Fingerprints exhibit constants, each one is unique and the corresponding pattern thereof may easily be stored at a minimal cost.

The system subject-matter of the present invention is based on a biometric device, which allowed to remarkably reduce the cost and also miniaturize the product, making this technology of easier use and marketing.

The main functions of the system according to the present invention are those of commanding the opening of doors, managing the control of open door and forced- open door by two distinct alarm signals and the command for switching on or off an alarm. Moreover, it has the option of setting off a silent alarm in case of coercion.

Among the main advantages deriving from the use of the present invention, surely relevant are the simplicity of installation, the ease of use and the flexibility in customization depending on specific needs. In fact, the user could record different fingers according to the associated function. In other words, it will be possible to use different fingers to activate/deactivate different functions, like, e.g., the opening of the door, the switching on of the alarm, the coercion, the enabling of user management (recording and erasing).

Moreover, thanks to its architecture, comprising a device located outside of the room to be protected, apt to read the fingerprint, and a device thereinside, apt to unblock the door and manage the alarms, it ensures inviolability even to the most experienced thieves. In fact, it is not possible to act in any way on the connections of the outside device to command the opening of the door or, even less, to disable the alarm.

A further advantage of the system according to the present invention lies in that it provides the option of integrations with other safety systems providing the use of PIN codes and/or various (Smart Card, RF, magnetic) cards. This makes it even sturdier with respect to any attempt at forcing it.

A still further advantage lies in that the system according to the present invention allows to increase even further the safety level, by implementing a user identification process based on a sequence of plural fingerprints, alike or different ones, of the subject. In fact, it will be possible to record a fingerprint sequence to ensure the identification of a single user, so as to add to the safety deriving from the biometric system also that induced by the use of identification codes.

Further advantages, as well as the features and the operation modes of the present invention, will be made apparent in the following detailed description of preferred embodiments thereof, given by way of example and not for limitative purposes, making reference to the figures of the annexed drawings, wherein: figure 1 is an exemplary block diagram of a system according to the present invention; figure 2 is a perspective view of a fingerprint reader according to the present invention; and figure 3 illustrates, by way of example, a possible application of the present invention.

The present invention will hereinafter be detailed making reference to the above- indicated figures.

As mentioned hereto, a system according to the present invention could advantageously be used to control the enabling and/or the disabling of one or more safety apparatuses of a controlled room, e.g. the opening/closing of doors, the activating/deactivating of alarm devices, etc., as will be described hereinafter.

Initially referring to figure I ₅ a system 1 according to the present invention comprises a first unit 2, in particular a biometric data reader, preferably a fingerprint reader.

Advantageously, such a reader could be used to detect a fingerprint of a user to

be identified and optionally authorized to access the room, or to activate alarm devices.

In general, the reader unit 2 comprises an authorized users file, in which some identifying data of authorized users' fingerprints are stored. Of course, along with that of fingerprint data, there could be provided the storing of other information, also depending on specific applicative needs.

The reader 2 further comprises means for comparing a detected fingerprint to identifying data stored in the authorized users file.

On the basis of the outcome of such a comparing, said comparing means could produce a positive or negative identification signal.

Such comparing means comprises processing and/or analysis software procedures apt to verify the match between the models of detected fingerprints and those of the stored ones. Therefore, as a result these procedures provide a positive identification signal when a model of a detected fingerprint matches one of the models stored in the authorized users file.

The system 1 further comprises a second unit 10, in particular a switching unit 10.

The switching unit 10 is connected to the biometric data reader 2 and is inputted the identification signal generated thereby following the detection of a fingerprint of a user to be identified.

The switching unit 10, depending on the identification signal, will activate corresponding means for enabling/disabling the safety apparatuses connected thereto, e.g. electric locks of passages and/or doors, alarm devices, etc.

As mentioned above, the recognition of the fingerprint, or of a mathematic model thereof, occurs on the basis of a comparing thereof to fingerprints and/or fingerprint models previously stored in an authorized users file.

Such a file is created and updated through procedures for recording users, who may be authorized at different safety and/or functionality levels.

Moreover, a same user could record plural functions and/or access modes, each one associated to a different finger, therefore to a different fingerprint.

A few such functions are described hereinafter:

- User verification;

- "Provisional" user recording;

- "Normal" user recording;

- "Anti-coercion" user recording;

- User recording for "alarm" switching on;

"Manager" user recording;

Single-user erasing upon recognition of fingerprint to be erased;

Single erasing for users recorded as provisional;

- Erasing all users;

- Safety level setting.

All operations of user verification, recording and erasing occur via predefined procedures to be carried out directly onto the fingerprint reader. For instance, there could be provided one or more programming keys to be pressed according to predefined sequences, a specific function corresponding to each of the latter. Also for this purpose, it will of course be advantageous to provide an access to the system by an "administrator" or "manager" user, to whom it is allowed to operate for recording and erasing other users, erasing the users file, and for any other operation that should be carried out exclusively by safely authorized personnel in charge.

Therefore, the identifying data of recorded users are stored in the authorized users file, to which the system will access to verify whether a user requesting identification is enabled or not enabled to the activation of a certain function.

Some examples of functions activable/deactivable using a control system according to the present invention are described hereinafter.

Advantageously, the switching unit has two outputs dedicated to the opening of a door. Depending on the type of lock used, the installer should connect an impulse output (impulse duration = 1 s) or a long output (impulse duration = 5 s).

Moreover, the system may provide an open-door alarm when, following an opening command from the outside, by recognition of an authorized user's fingerprint, or from the inside, by pressing of a suitable door-opening pushbutton, the door is not closed again within some seconds from the command.

The system may also provide an open-door alarm when the door is opened without opening command having occurred, from the inside as well as from the outside.

The system may provide a coercion alarm when, in order to access to the room, a finger recorded as "anti-coercion" is used. In this case, the system disables the alarm, opens the door and activates the coercion alarm. It may be used in conjunction with a connection to a radio bridge or a telephone dial.

The system provides an output dedicated to enabling the alarm. When an access is performed, along with the opening of the door, the alarm is disabled. When a recognition is performed with a finger recorded as "alarm", the same is enabled

with a 15 -second delay.

The system provides an input dedicated to the use of one or more pushbuttons for opening the door from the inside.

The system has an input dedicated for the use of a sensor for detecting the open or closed condition of the door.

The system has a dedicated input for the switching on of the alarm, i.e., inside of the room there may be installed a pushbutton for switching on the alarm. When pressed, the door-opening and alarm-enabling command is obtained, with a 15- second delay to allow exiting from the room, as if a user verification for switching on the alarm had been carried out.

The fingerprint reader integrates a sensor apt to detect the presence of the finger thereon. This allows to rapidly command a user verification and, therefore, to speed up the access.

From a design standpoint, an important feature of the system according to the present invention is that of the physical separation between the fingerprint reader 2 and the switching unit 10.

In fact, in order to improve safety, as it will be better described hereinafter, the fingerprint reader 2 is preferably located outside of the controlled room, whereas the switching unit 10 is preferably located thereinside, thereby being inaccessible to any ill-intentioned party wishing to tamper with the system to access, though unauthorized, the controlled room.

In fact, though the system unit in charge of user identification is the fingerprint reader 2, all safety apparatuses that have to be activated/deactivated are electrically connected to the switching unit 10, which in turn is driven via the identification signal. Of course, such an identification signal could be encoded so as not to be easily simulated from the outside of the room itself.

The connection between fingerprint reader 2 and switching unit 10 could be made with conventional data transmission techniques, e.g. using a serial data transmission cable, or even wireless radio devices.

In order to access the rooms and switch off the alarm, or to switch it back on when exiting, the user should merely rest a finger on the fingerprint reader. The fingerprint verification and the execution of the command associated to the resting finger is automatic.

Finally, the entire system may be equipped with a buffer battery so as to ensure accesses even in the absence of power supply.

In addition to the foregoing, the system according to the present invention is

quite apt to be integrated with other forms of access control or the like, in order to further improve the safety features and increase the capabilities of implementing novel and improving functionalities.

For this purpose, the system could advantageously be equipped with an alphanumeric keypad for the entering (keying in) of recognition codes (PINs).

The keypad may be connected to the fingerprint reader. In this case a code, when entered, will be processed directly by the fingerprint reader that will be capable of assessing whether the user is enabled to carry out the operation. Advantageously, different enabling levels could be provided:

User recognition exclusively on the basis of the PIN entered: to carry out the operation, the user should merely enter the corresponding PIN on the keypad; or

User recognition on the basis of the PIN entered and the fingerprint: to carry out the operation, the user should both enter the PIN on the keypad and have his/her fingerprint verified.

On the basis of the outcome of such verifications, the user will or will not be enabled to the access or the required operation.

Alternatively, the reader could be interfaced to a pre-existing safety system provided with means for recognizing users and controlled by a keypad. In this case, to generate the identification signal, there could be added a fingerprint recognition functionality to the already existing PIN one, and a user recognition could be selected both with PIN and fingerprint and with only one of the two functionalities.

Advantageously, the system can also be equipped with a display for displaying information and/or the PINs to be assigned or entered. This facilitates some system administration operations, such as the recording and/or the erasing of users.

A further variant provides the integration of a (Smart Card, RF, magnetic) card reader. In that case as well, the reader integration modes can be different in order to attain different behaviors.

The smart card reader may operate independently from the fingerprint reader, and therefore be provided with a local intelligence for managing the users. In this case, in order to carry out the operation the user could both swipe the card on the reader or use only one of the two functions.

Alternatively, the card reader could be connected to the fingerprint reader and cooperate therewith in the recognition phase, transmitting thereto the data stored onto the smart card itself.

In that case, different enabling levels could be provided:

User recognition exclusively on the basis of the smart card: to carry out the step the user should merely swipe the card in the reader; or

User recognition on the basis of the smart card and the fingerprint: in order to carry out the step the user should both swipe the card in the reader and have his/her fingerprint verified.

On the basis of the outcome of these verifications, the user will or will not be enabled to the access or the required operation.

Still another option provided is that of using Read/Write cards. Advantageously, such cards may be exploited also for storing therein the model of one or more fingerprints. This option allows to avoid the creation of a fingerprint database aboard the devices.

Thus, for any kind of operation (administrator, door opening, alarm switching on, anti-coercion alarm sending, provisional) the following additional functionalities are possible:

User recognition by card-stored fingerprint: in order to carry out the operation, the user should first insert the card and then rest his/her finger on the reader: the device will verify that the model extracted from the image presently acquired matches one of those stored on the card. Of course, the different options described hereto could also be implemented in conjunction thereamong, thereby originating a control system with two or more safety levels, capable of implementing more articulated room access modes or specific management and/or administration functions.

Moreover, in all of the cases described hereto there may be implemented an event-recording (LOG) function, for control purposes. In that case, aboard the device there will be provided an additional memory and means for the recording of events on said memory, keeping track of a predetermined number of events, e.g., of what are the last N operations carried out and who carried them out. With the further addition of an internal clock, there may be stored also the information on the time at which said operations have been carried out. By having aboard a clock it is possible to limit the carrying out of specific operations, or the carrying out of the operation by specific users, at a predetermined time.

According to a further variant, the system also provides a card for managing the TCP/IP protocol.

Connecting the terminals in a network with a managing central computer allows room for multiple options, among which, e.g.: user recording and erasing from the central computer: this would allow the

use in structures having a customer reception, such as hotels, or in large- sized structures. Moreover it allows the instant enabling of a user to act at plural passages, being identified by the same ID at each of them, complex time card management role management user profile management batching users by access typology real-time monitoring of the condition of all entrances, remote controlling of exit conditions The present invention has hereto been described according to preferred embodiments thereof, given by way of a non-limiting example.

It is understood that other embodiments could be envisaged, all to be construed as falling within the protective scope thereof, as defined by the appended claims.