System and method for physical access control

摘要

The present invention provides, in one aspect, a system and method for managing authentication tokens that operate across multiple types of physical resources binding the tokens to one or more external electronic Identity Providers; generating tokens; authenticating the tokens at multiple physical resources; managing access to physical resources by linking the tokens to the electronic identities; translating the tokens to the appropriate physical token type based on infrastructure services available at the point of service; validating tokens at the physical resource; tracking and conveying usage information; and making use of social group relationships and other data defined by individual usage to, among other things, simplify the process of granting user-generated credentials to persons connected to a given individual via the Identity Provider or an external social network, for example.

主权项

1. A system for access control management, comprising:
at least one processor, and at least one memory storing instructions that, when executed by the at least one processor, cause the system to: store, by a credentialing and access control system, configuration data pertaining to access requirements for a plurality of physical resources, including a first physical resource and a second physical resource; bind, by the credentialing and access control system, required access conditions for accessing the first and second physical resources with an internal identity for at least one user and an external identity for the at least one user, with the external identity corresponding to identity and authentication information obtained by an identity provider external to the credentialing and access control system; receive, by the credentialing and access control system, identity and authentication information pertaining to the at least one user's external identity from the at least one user; and generate, for the at least one user and based on the received identity information, at least a first and a second resource token, with the first resource token permitting the at least one user to access the first physical resource and with the second resource token permitting the at least one user to access the second physical resource.