There are many situations where it would be desirable if a particular device could be protected such that it could be accessed and/or utilized only by individuals authorized to do so at the particular time. For example, there are many industrial, government and other applications where a safe, file cabinet, desk drawers or other container may store information and material for which it is desired that access be limited to a select group of authorized individuals. Further, while during some hours, such as normal business hours, it may be desirable that a larger group of individuals be granted access, at other times, such as during non-business hours, on weekends and on holidays, it may be desirable that access be limited to a much smaller group. In addition, where an organization is operating with different shifts, it may be desirable to grant authorization for access to certain individuals during certain hours and to a different group of individuals during other hours, with a third more limited group of individuals being granted access during non-business hours. There may be some overlap of the individuals in the various groups. It is also desirable that the system be able to react quickly to changes in authorized individuals to reflect the hiring and firing of authorized persons, authorized persons being on vacation, and other changes in authorized personnel; and it is also desirable that the individuals being granted access at particular times be easily altered to reflect changes in work shifts and security status. In short, it is desirable that such systems provide full programmability of authorized individuals in a simple manner which may be quickly implemented.
Further, for high security applications, a "two-man/N-man" rule may be applied, with access to a safe, file cabinet or other container-like device being granted only when appropriate inputs are received from two or more authorized individuals (hereinafter "N-man rule"). The same flexibility indicated above is desirable where an N-man rule is utilized as where only a single authorized individual is granted access to the container. In particular, the system should provide full programmability in determining combinations of individuals who will be permitted access to the container.
In addition to the above, it is desirable that such a system provide a complete audit trail of accesses to the container, including the individual or individuals granted access, the time such access was granted, and the time the container was relocked. Further, while relocking may be performed by the individual having access to the system, in some applications it may also be desirable that the system automatically relock after some time period to assure that a user does not inadvertently leave the container unlocked. It is also desirable that a central control be provided for all containers in a particular facility, or portion thereof, which central facility maintains audit trail records, updates and amended authorizations to the system and which, when an emergency or other unusual circumstance arises, can react quickly to change authorizations or prevent any access to the container. Such an unusual circumstance might, for example, be where it is determined that there has been a security breach at the facility.
In some applications, particularly where there is a time relock and/or a capability for relocking the container remotely from a central control, it is desirable that it also be possible to close the container (for example, close the drawer of a file cabinet) so that the container can be locked. Where such capability exists, it would also be desirable if the container could automatically be opened when it is unlocked. Further, in some applications, it is desirable that the above capabilities exist on a drawer-by-drawer basis for a file cabinet. It is also desirable that, while there be central control, each individual container have its own free standing locking system. Free standing shall mean, for purposes of this invention, that the locking system or mechanism, or other protection mechanism, is not connected by wires or other electrical connectors to a central computer. RF or other electromagnetic communication or other non-wired links may, however, be permitted.
Finally, it is desirable that the security of such a system be enhanced by providing at least two factor security. There are currently three factors which are utilizable in security applications. The most common of these is what an authorized individual secretly knows, for example, a personal identification code (PIN). The second factor is something the person has, for example, a token, key or card. An example of this is the card utilized to gain access to bank ATM systems. The third possible factor is something the person is, for example a fingerprint, a voice signature or the like. For enhanced security, a system for granting access to a container should utilize two or more such factors, for example, something the person secretly knows and something the person has.
While currently existing security systems, devices and methods for containers, such as combination locks, may provide certain ones of the objectives indicated above, some of these objectives are not provided by any currently existing free standing, independent security method or apparatus for a container, and no currently existing container security method or apparatus provides all or a substantial portion of such objectives. A need therefore exists for an improved container security method and apparatus adapted for providing the various objectives indicated above.
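The container objectives listed above (time-dependent groups, an N-man rule, two factor input, central lockout and an audit trail) can be combined in one access decision, shown here as an added example that is not taken from the original text. The class names, field names, PINs, token ids and the sample schedule are all constructed for illustration, and only grant and deny events are audited, not relocking.

```python
import hmac
from dataclasses import dataclass, field
from datetime import time

@dataclass(frozen=True)
class Window:
    days: frozenset      # weekdays covered, Monday = 0
    start: time
    end: time
    group: frozenset     # user ids authorized in this window
    n_required: int      # 1 = single user, 2 or more = N-man rule

@dataclass
class Container:
    windows: list
    pins: dict           # user id -> PIN (something the person knows)
    tokens: dict         # user id -> token id (something the person has)
    lockdown: bool = False   # set by central control to block all access
    audit: list = field(default_factory=list)

    def _two_factor(self, user, pin, token):
        # Both factors must match; comparisons are constant-time.
        return (user in self.pins
                and hmac.compare_digest(self.pins[user], pin)
                and hmac.compare_digest(self.tokens.get(user, ""), token))

    def request_open(self, now, presented):
        """presented: (user, pin, token) tuples entered at the lock."""
        ok = {u for u, p, t in presented if self._two_factor(u, p, t)}
        granted = not self.lockdown and any(
            now.weekday() in w.days and w.start <= now.time() <= w.end
            and len(ok & w.group) >= w.n_required
            for w in self.windows)
        # Denied attempts are logged as well as granted ones.
        self.audit.append((now.isoformat(), sorted(u for u, _, _ in presented),
                           "GRANT" if granted else "DENY"))
        return granted

# Constructed sample policy: any one of three users during business hours,
# two of a smaller group acting together at any other time.
SAFE = Container(
    windows=[
        Window(frozenset(range(5)), time(8), time(18),
               frozenset({"alice", "bob", "carol"}), 1),
        Window(frozenset(range(7)), time.min, time.max,
               frozenset({"alice", "dave"}), 2),
    ],
    pins={"alice": "4821", "bob": "1379", "carol": "9050", "dave": "2264"},
    tokens={"alice": "T-A", "bob": "T-B", "carol": "T-C", "dave": "T-D"},
)
```

Changing who may open the container, or when, is then a matter of replacing entries in `windows`, and setting `lockdown` denies every request regardless of schedule.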
Another situation in which a need exists for an improved security method and apparatus is in the protection of devices which are subject to theft, unauthorized use or other misappropriation. One way to discourage such theft or misappropriation is to assure that the device, if misappropriated, will become useless to the misappropriator. Thus, if a car on being stolen has its entire ignition system disabled such that it cannot be driven, or has its wheels locked such that they cannot be moved even by a standard tow truck, it becomes of little value to a thief. Similarly, if a radio, computer, or other electronic device has a major component disabled such that it either is inoperative or generates useless noise if misappropriated, then there is little incentive for such misappropriation.
There are three possible modes in which such a method or apparatus might operate. The first mode is a turn-on mode wherein some type of security code is required in order for the device to be used at all. Thus, a coded input may be provided to enable or turn on a cable TV box at a subscriber site. The second mode is a turn-off mode wherein, when it is discovered that the device has been misappropriated, or when a period of authorized use has expired, the device may be disabled so that it is no longer usable. This mode is sometimes more convenient in that it does not require the rightful owner to input a code in order to normally use the device while still permitting the device to be disabled and rendered of no value to a misappropriator if the device is stolen. A third possible mode is a "keep-alive" mode wherein the device requires periodic receipt of coded input in order to remain operative, and stops operating if such a coded input is not received for some period of time. In some applications, the number of uses or some other factor(s) may be substituted for time in keep-alive mode. Two or more modes may also be employed in some applications.
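The three modes described above can be modelled as one small state machine, given here as an added example that is not part of the original text. How a coded input is verified is not specified in the text; this sketch assumes an HMAC-SHA256 tag over a command name and an increasing counter (so a captured input cannot be replayed), and the command names, class and key are constructed.

```python
import hashlib
import hmac

def coded_input(key, command, counter):
    """Issuer side: authenticate a command with HMAC-SHA256 (assumed scheme)."""
    msg = f"{command}:{counter}".encode()
    return command, counter, hmac.new(key, msg, hashlib.sha256).hexdigest()

class ProtectedDevice:
    def __init__(self, key, now, turn_on=False, keep_alive=None):
        self.key = key
        self.enabled = not turn_on     # turn-on mode: unusable until ENABLE arrives
        self.keep_alive = keep_alive   # seconds allowed between inputs, or None
        self.last_alive = now
        self.counter = 0               # highest counter accepted so far

    def receive(self, now, command, counter, tag):
        """Apply a coded input; return False if it is forged or replayed."""
        expected = coded_input(self.key, command, counter)[2]
        if not hmac.compare_digest(expected, tag) or counter <= self.counter:
            return False
        self.counter = counter
        if command == "ENABLE":
            self.enabled, self.last_alive = True, now
        elif command == "DISABLE":     # turn-off mode
            self.enabled = False
        elif command == "ALIVE":       # keep-alive mode
            self.last_alive = now
        return True

    def operative(self, now):
        if not self.enabled:
            return False
        return self.keep_alive is None or now - self.last_alive <= self.keep_alive

def demo():
    key = b"constructed-demo-key"
    dev = ProtectedDevice(key, now=0, turn_on=True, keep_alive=60)
    states = [dev.operative(0)]                 # not yet turned on
    enable = coded_input(key, "ENABLE", 1)
    dev.receive(10, *enable)
    states.append(dev.operative(20))            # enabled and recently refreshed
    states.append(dev.operative(100))           # keep-alive interval exceeded
    dev.receive(100, *coded_input(key, "ALIVE", 2))
    states.append(dev.operative(120))           # refreshed again
    states.append(dev.receive(130, *enable))    # replay of an old input
    dev.receive(140, *coded_input(key, "DISABLE", 3))
    states.append(dev.operative(141))           # turned off
    return states
```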
Again, it is desirable that such coded input be a two factor input to assure a higher security level. In very high security applications, where, for example, it is desired to wipe clean the memory of a stolen computer of all data and programs contained therein, the availability of an N-man rule for turn-off (i.e. erase) mode might also be desirable.
Since a method and apparatus for providing such device security does not currently exist, it is a further object of the invention to provide an improved method and apparatus having such device security capabilities.