Self-contained programmable terminal for security systems

Information

  • Patent Grant
  • 4218690
  • Patent Number
    4,218,690
  • Date Filed
    Wednesday, February 1, 1978
    46 years ago
  • Date Issued
    Tuesday, August 19, 1980
    44 years ago
Abstract
A security system is disclosed which utilizes plural remote terminals for controlling access at plural locations throughout a secured area or building. Each of these remote terminals is capable of independent functioning, and includes a memory for storing plural independent identification numbers which define the personnel who will be granted access. These numbers stored in the terminal memories may be different from terminal to terminal, or may be uniform throughout the system, and may be the same as a list stored at a central processing location. Thus, access may be limited to the same group of individuals regardless of whether it is provided by a central memory list or a remote memory list. The remote memories provide total memory flexibility, so that the deletion of identification numbers from the list does not reduce the memory size. The memory, in addition to identification numbers, stores data defining real time access limitations for each of the individuals who will be granted access, so that flexibility in time of day access control is provided on a programmable basis.
Description

BACKGROUND OF THE INVENTION
This invention relates to security systems and, in the preferred embodiment, to magnetically encoded data card security systems in which access at a secured location is controlled by a comparison of data on a card inserted by personnel into the system with data stored in the system and defining those persons who shall be granted access. More particularly, this invention relates to a system in which, in addition to card data, keyboard data may be entered by persons wishing access, the keyboard data being a combination and permutation of the card data. In such a system, the present invention provides a substantially broader degree of flexibility in system control than was previously available, since it permits independent programming of terminals at each of plural remote locations in a system where the remote terminals, under normal circumstances, operate in conjunction with a central processor to regulate access. Thus, with this system flexibility, it is possible, even when communication is interrupted between the central processor and the remote terminals, to limit access at the remote terminals in accordance with either (a) the same identification list as is stored in the main memory, (b) a more stringent list, or (c) a more liberal list, as the user desires. Such flexibility has not heretofore been available. Furthermore, the ability to program a memory list to define who shall be provided access at each of the independent terminals, is accomplished in the present invention in a manner which permits identification numbers to be added and deleted from the system without affecting the system's memory capacity.
Security systems utilizing remote terminals to limit access at individual remote locations have, in the past, utilized static magnetic card readers at these remote locations for controlling access through electrically operable devices, such as doors, turnstiles, printers, etc. Prior art systems have been devised in which the remote card readers communicate with a central data processor or operate as stand-alone units.
The card or badge bearing encoded data used for controlling access is typically inserted into a slot of a reader which reads and decodes the data on the card. Advantageously, this data is encoded as a plurality of magnetically polarized spots in a sheet of magnetic material. Such encoded data normally includes an identification number or numbers identifying the card holder. During use, this number encoded by the card is compared with a number or numbers stored in the central computer terminal in multi-terminal systems using central processors or at the remote locations in totally stand-alone systems, all to ascertain whether the individual inserting the card is entitled to access to a building, room, parking lot, or the like.
In one prior art embodiment, the magnetically polarized spots are used to directly actuate a read relay or other moving switch mechanism located within the reader. In the state-of-the-art system, as is exemplified by U.S. Pat. No. 3,686,479 entitled "Static Reader System For Magnetic Cards", assigned to A-T-O, Inc., assignee of the present invention, electromagnetic solid state sensors are used. These sensors are disclosed and claimed in U.S. Pat. No. 3,717,749, also assigned to A-T-O, Inc. These patents are hereby incorporated in this disclosure by reference. Such systems have been found to be very reliable and are in use as access control systems in a number of different industries, universities, and government installations.
Operation of such systems as a part of a security network employing a central processor is disclosed and claimed in U.S. Pat. No. 4,004,134, also assigned to A-T-O, Inc., and also incorporated herein by reference. This latter system incorporates a central processor which periodically and sequentially polls each of the remote terminals in the system. The remote terminals are able to transfer data to the central processor only on receipt of a polling pulse. At the central terminal, data read at the remote location from an inserted card is compared with a master list which includes those persons who shall be given access at that remote location. Such systems, in the past, have permitted a limited degree of remote terminal operation, even if some or all of the interconnecting lines between the remote terminal and the central processor have been interrupted. The systems, however, generally require that a much simpler test be made of persons wishing entrance during such degraded mode operation, and thus the group of persons allowed access at such times is, of necessity, much larger than would normally be granted access. This is a distinct disadvantage in such systems, since it does not permit a controlled programmable access under all circumstances as is often required in secured locations.
An improved system for providing degraded operation in such a central processor-oriented system is disclosed and claimed in patent application Ser. No. 830,002, filed Sept. 1, 1977, entitled "Circuit For Controlling Automatic Off-Line Operation of An On-Line Card Reader", assigned to A-T-O, Inc., the assignee of the present invention, and incorporated herein by reference. Even in that improved system, there is no substantial system flexibility regarding the persons who will be granted access during degraded mode operation, and it is common in a system of that type to provide access during degraded mode operation to any person having a card coded for use within the overall security system, even if it is not coded for use at this particular remote location.
The communication lines used in a security system of this type, where a central processor is utilized for controlling the operation of plural remote terminals, provide an even greater level of security if the communication lines are monitored to assure that they are not tampered with and that their integrity is not degraded. A system for accomplishing this purpose is disclosed and claimed in U.S. patent application Ser. No. 827,994, filed Aug. 26, 1977, and entitled "System For Monitoring Integrity of Communication Lines In Security Systems Having Remote Terminals", this application being assigned to A-T-O, Inc., the assignee of the present invention and incorporated herein by reference.
It has also been known in the prior art to include at the remote location a keyboard. Typically such keyboard systems require that persons wishing access, in addition to the insertion of a magnetically encoded data card, are required to enter keyboard data, typically a sequence of digits. These digits have typically comprised a particular permutation and combination of the data encoded on the employee's card, the particular permutation and combination often being different for different remote terminals. Some prior systems have used hardwired permutation and combination circuits which did not permit alteration after the system was installed. A more advanced keyboard system, which permits programming of the particular permutation and combination after installation, is disclosed and claimed in U.S. patent application Ser. No. 830,004, filed Sept. 1, 1977, entitled "Remotely Programmable Keyboard Sequence For A Security System", assigned to A-T-O, Inc., the assignee of the present invention and incorporated herein by reference.
While these systems disclosed in the prior art have provided a relatively flexible, sophisticated security network, certain persistent problems have remained unsolved. One of these problems involves the fact that systems utilizing a central processor invariably provide very broadly based access during degraded communication line operation. In addition, the prior art systems in which remote terminals are used to store lists of identification numbers for selective access have permitted changes in the access lists only at the expense of reduced memory size since, in the prior art, the elimination of an identification number from a memory storage location has typically required the destruction of that memory location.
In addition, those prior art systems which utilized real-time clocks for limiting access through a particular terminal to different personnel at different times of day, have been fairly limited in their flexibility and typically required that a person be issued a new entrance card or badge if his time of entry was to be changed. Such systems, therefore, greatly reduced the flexibility of real-time access control. In addition, such systems have not provided plural overlapping time zones so that various personnel could be provided access at different times of day which were not mutually exclusive.
SUMMARY OF THE INVENTION
The present invention solves these persistent problems in the prior art and provides, through their solution, an extremely powerful and flexible terminal system for secured access control. This system includes independent programmable identification listings at each of the plural remote locations of those individuals who will be granted access at such locations. In addition, the system permits connection of a plurality of these remote terminals to a central processor which includes its own programmable memory listing of personnel who will be provided access at each of the remote locations. During normal operation, when a central processor is used, this central memory is used to provide access at each of the remote locations, since the use of a central processor permits a printer to be added to the system, which printer provides a record of personnel movement throughout the system on a continuous basis. The central processor system also permits programming of each of the remote units from a central location and thus makes the system easier to control and to operate.
Nevertheless, any difficulty in communication between the central processor and the remote terminals in this system will not degrade the system operation, since a complete list of personnel who will be provided access is stored in a programmable memory at the remote location. Thus, when faulty communication lines are detected, the system interrogates its own memory for access control, and the person inserting a card at the remote terminal has no way of determining that the communication lines are impaired.
Furthermore, the system of the present invention provides a flexible, solid state programmable memory which is operated in a manner which maintains identification numbers in numerical order within the memory. Such numerical ordering permits a binary search to be conducted so that an efficient determination can be made to determine whether a particular number is stored in the memory. When a number is deleted from the memory, the remaining entries in the memory are shifted to close the data order so that no voids remain. Thus, the end of the memory can always be checked to determine whether there is room for additional identification numbers.
It will be appreciated, of course, that since the terminals of the present invention have the capability of such stand-alone operation, they can be used in a totally stand-alone application where no central processor is provided. Even in such an application, these terminals permit total programming flexibility at each of the remote locations. It will be appreciated that, utilizing a terminal of this type, a mixed system, some terminals centrally controlled and some operated as stand-alone units, is permissible utilizing the same terminal throughout the system. In addition, it is possible to install a plurality of stand-alone terminals with the expectation that, at a later date as system requirements increase, a central processor may be added to control the already installed stand-alone remote terminals.
Whereas in the prior art systems which have time of day access control, a portion of a user's identification number typically included a time of day code, the present system utilizes such a time of day code only in combination with a user's identification number in memory. Thus, the user's card or badge does not itself define a time of day, and access at different remote locations may be provided using a single card at different times of day. In use, the present system responds to the insertion of a card by finding the user's identification number in memory and accessing an associated plurality of bits which determine the times of day at which access will be provided. If this defined time of day conforms with the time of day as monitored by real time clocks within the system, access will be provided. The time of day may be changed by changing each of plural clocks within the clock system itself. In addition, the particular clocks used for controlling access for each individual are programmable within the memory.





These and other advantages of the present invention are best understood through a reference to the drawings, in which:
FIG. 1 is a schematic diagram of the overall system of the present invention showing the primary elements of a central processing unit and plural remote units;
FIG. 2 is a more detailed schematic diagram showing the operation of the memory, memory control, and real-time sensor of the remote terminals of FIG. 1;
FIG. 3 is a flow chart showing the operation of an insertion loop counter and its associated electronic elements, all of which are shown in FIG. 2;
FIG. 4 is a flow chart showing the sequential operation of a deletion loop counter and its associated electronics, all as shown in FIG. 2; and
FIG. 5 is a schematic block diagram illustration of a programmable microprocessor system utilizing a program as included in this application for accomplishing the same basic functions provided by the hardwired embodiment of FIGS. 1-4.





DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENT
Referring initially to FIG. 1, a central data processing unit 11 is shown connected to a particular remote terminal 13 by a pair of polling and data lines 15,17 and a pair of data lines 19 and 21. The polling lines 15 and 17, in a typical application, are unidirectional lines which enable the central data processing unit 11 to sequentially interrogate and send data to a plurality of remote terminals 13, 23, 25, etc. to determine which of these remote terminals require servicing. It will be understood throughout the remainder of the specification in this application that a large number of remote terminals may be connected to a single central processing unit 11 and that each of the remote terminals 23 and 25 performs substantially the functions described below with reference to the remote terminal 13.
It should be understood that the lines 15,17 are a line pair, the line 17, for example, providing a return for the line 15. Similarly, the line 21 provides a return for line 19. Polling signals and data which initiate at the central processor 11 are communicated to the remote terminal 13 on the line pair 15,17. Similarly, data signals produced at the remote terminal 13 are communicated to the central processor 11 on the line pair 19,21. It will be appreciated that words communicated on the line pairs 15,17 and 19,21 are most advantageously connected within the central and remote units 11,13 to shift registers 27-33. Thus, data sequentially clocked from register 27 onto lines 15,17 may be self-clocked, as shown by line 35 into shift register 29. Similarly, data sequentially clocked from the shift register 33 may be self-clocked, as shown by the connection 37, into the shift register 31.
Although the details of a line integrity monitoring system are not shown in FIG. 1 (in order to maintain the clarity of this disclosure), such a system is typically included in the communication system between the central processing unit 11 and the remote terminal 13, and is shown in FIG. 1 as a first line integrity monitor 39 within the remote terminal 13 interconnected between the shift registers 29 and 33, and a second line integrity monitor 41 in the central processing unit 11 interconnected between the shift register 31 and the shift register 27. The details of the line integrity monitoring circuits 39 and 41 are described in patent application Ser. No. 827,994, filed Aug. 26, 1977, mentioned previously. For the purpose of the present application, it is sufficient to understand that the line integrity monitoring system 41 causes the shift register 27 to sequentially poll the remote terminals 13,23,25, etc. by sending a polling signal on the lines 15 and 17. The remote terminals 13,23,25, etc., through the line integrity monitoring circuitry 39, respond to these polling signals by providing a calculated, predetermined response which is transmitted by way of the shift register 33 and data lines 19 and 21 to the shift register 31. This data returned from the remote terminal and placed in a shift register 31 is compared by the line integrity monitoring circuit 41 to determine whether an appropriate response has been received from the remote terminal and to thus verify the integrity of the lines 15,17,19,21. It will be understood by those skilled in this art that the continued integrity of these data and communication lines is extremely important, since systems built in accordance with the present invention are used to limit personnel access and the line integrity monitoring circuit 39,41 can provide an alarm, for example, at the central processor 11, whenever an intruder (or other cause) has interfered with the communication line network.
It is important to recognize at the outset of this disclosure that the remote terminal 13 is designed to operate as a stand-alone unit as well as a remote terminal for a central processor 11, and that it can therefore be utilized without the data communication lines 15 through 21, as described below.
A card reader or sensor 43, located in the remote terminal 13, substantially is described and claimed in U.S. Pat. Nos. 3,686,479 and 3,717,749, is used to sense magnetically encoded data on a card or badge inserted into the card reader 43. This data is transmitted, as by a line 45, to a buffer or storage register 47. In a typical system, the buffer 47 provides storage for five decimal digits, each of which can be any interger between zero and nine. The communication of these five digits requires four binary digits each, so that the interconnecting line 45, as well as the buffer 47, must be a 20-bit wide device. Data from the card inserted into the card reader 43 and supplying the 20 bits of information is typically placed into the register In the system of the present invention, this data will either be compared with data in a memory 49 (in the remote unit 13) to determine whether the five-digit identification number is present in the memory 49, or will be compared with data stored in the central processor 11, if it is connected. A degraded mode sensor 42 is typically connected in series between the buffer 47 and the memory 49 and is used to selectively send data from the buffer 47 via the shift register 33 to the central processor 11 or directly to the memory 49, depending upon the mode of operation of the terminal 13. If the terminal 13 is used as a stand-alone terminal, the degraded mode sensor 42 is bypassed so that the buffer 47 is linked directly to the memory system within the remote terminal. Alternatively, if the terminal 13 is used with a central processor, the degraded mode sensor 42 normally transmits data from the buffer 47 to the central processor unit via shift register 33 but can be used when the communication lines are degraded to transfer data from the buffer 47 directly to the memory 49 within the remote terminal. The degraded mode sensor may be substantially as described and claimed in patent application Ser. No. 830,002, filed Sept. 1, 1977, and referenced above.
If the memory 49 is being used, and stores an identification number identical to that in buffer 47, it will store, in conjunction with the number, a time code. This time code will be supplied by a memory control circuit 63, associated with the memory 49, to a real-time sensor circuit 51 which provides real-time input for the remote terminal 13. If the real-time input from the circuit 51 corresponds with the time data from the memory 49, the real-time circuit 51 will enable a gate 53 to provide access at the remote location, as through a door access control circuit 54.
In this system it is possible to provide, in addition to the memory 49, a secondary means for screening personnel for access. This mechanism includes a keyboard 55 attached to a buffer 57 and a circuit 59, referred to in FIG. 1 as an IDEC circuit. The IDEC circuit 59 is described in detail in patent application Ser. No. 830,004, filed Sept. 1, 1977 and referred to previously. For the purpose of the present application, it is sufficient to understand that the IDEC circuit 59 requires that the person requiring access at the door 54 must input a sequence of numbers at the keyboard 55, which is identical to a plurality of numbers read by the card reader 43, but altered in sequence. The IDEC circuit 59 responds to the data from the buffer 47 as well as the data from the buffer 57 to assure that the proper digits in the proper sequence are input at the keyboard 55. An output from the IDEC circuit 59 on line 61 is required at the gate 53, along with the output from the time of day circuit 51, in order to provide access at the door 54. It should be noted that the IDEC system 59 within the terminal 13 may be used regardless of whether the memory 49 or the central processor 11 memory is used for identification number comparisons.
It will be understood by those skilled in the art that the buffer 47 does not communicate directly with the memory 49, but rather is connected to a memory control 63 which accesses data to and from the memory 49, and organizes the data in memory. This memory control 63 is connected to the keyboard 55 for programming purposes, as shown by line 65, which is connected in series with a supervisor's access circuit 67. The supervisor's access circuit 67 is connected to the buffer 47 and assures that, unless a supervisor's card has been inserted in the card reader 43, the keyboard 55 cannot be used to change the identification numbers or time zones stored in the memory 49. Thus, the keyboard 55 is connected to the IDEC circuit 59 at all times, but is connected to the memory control circuit 63 only when a supervisor's card is used. The supervisor's access module 67 is described and claimed in patent application Ser. No. 827,993, filed Aug. 26, 1977, and referred to above. Although not shown in detail in FIG. 1, it will be understood from the description in that application that the circuit 67 compares data from the buffer 47 with a register to determine whether a supervisor's card has been inserted at the card reader 43, and permits access to the write logic incorporated in the memory control 63.
As has been common in the prior art, the central processor 11 may include a memory 69 and memory control 71 as well as a keyboard 73. Thus, the central processor, by monitoring data received from the remote unit 13 and placed in the shift register 31, may be used to grant or deny access through appropriate polling signals supplied from the memory 69 to the shift register 27. While the use, in general, of such a system at the central processor 11 forms a part of the present invention, the details are well known. Thus, the programming of the memory 69 utilizing the keyboard 73 and control 71 may be substantially identical to the programming described below for the memory 49 utilizing the memory control 63 and keyboard 55 at the remote unit. Furthermore, it should be understood that, using the techniques for programming which are described below, and well known communication techniques, it is possible through the communication lines 15-21 to interconnect the keyboard 73 with the memory control 63 in a standard fashion, so that the keyboard 73 may be used to program the memory 49 in one of the remote units 13.
It will also be understood that it is common at the central processor 11 to include a printer 73, typically connected to the memory control 71, for making a permanent record of access authorizations and denials at each of the remote units 13, so that the flow of personnel throughout the security system can be monitored.
Referring to FIG. 2, the details of the memory 49, the memory control 63 as well as the real-time sensor 51 and its connections to the gate 53 and door access control 55, will be described.
The memory 49 is shown schematically in FIG. 2 to include five columns of card identification data digits and a single column of time code digits. The memory 49 stores in numerical sequence the five-digit identification numbers corresponding to the cards or badges of those personnel who are to be granted access at this remote terminal. Following each such identification number is a time code between 1 and 8 delineating the times of day when that particular individual is to be granted access. This time of day control will be understood in more detail through the description which follows.
The memory 49 is a read and write memory, or RAM memory, as is commonly used in digital circuits and is accessed by means of an address buffer 77 which forms a part of the memory control 63. A data buffer 79 is directly connected to the memory 49 and is used to access data from the memory 49 in accordance with the address 77. In the simplest utilization of the memory 49, data from the card reader buffer 47 is supplied on a line 81 to a comparator 83 which is also supplied with data from the data buffer 79. The comparator 83 is designed to provide a signal on a plus line 85 whenever the number accessed from the card reader buffer 47 is smaller than the data from buffer 79, to provide a signal on a minus line 87 whenever the data from the buffer 47 is larger than the data from the buffer 79 and to supply a signal on a zero line 89 when the data from the card reader buffer 47 is identical to the card identification data read from the data buffer 79. It will be understood that, since the time code data is not available from the buffer 47, only the card identification number portion, that is, the most-significant five digits, from the memory 49 is compared in the comparator 83. If the identification number from the buffer 47 is identical to the identification number accessed from the memory 49, indicating that the identification number from the card is present in the memory 49, a gate 93 is enabled to transfer the last four binary bits, conducted from the data buffer 79 on line 91, to the real-time sensor 51. This line 91 carries the decimal digit 1 through 8 which identifies the time code when access is to be permitted for this particular individual. The signal on line 89 enables the gate 93, indicating that the user's identification number is stored in memory.
It can be seen that the signal on line 89 is used to enable the gate 93 to access the time code data to the real-time sensor 51. Except on rare coincidences, the line 89 will not provide a signal, however, until a search for this identification number has been completed.
A search is accomplished as follows. In all cases, the address buffer 77 is initially accessed to the center location of the memory 49. This is accomplished by a shift register 95 which includes nine bit positions, eight of which are filled by consecutive zeroes and one of which is filled by a one. The binary 1 is in the most-significant bit position at the beginning of any data search. Thus, the binary number 1,0,0,0,0,0,0,0,0 is accessed on a line 97 from the shift register 95 and ORed in a gate 99 with a temporary address buffer 101 which, at the beginning of the search, stores the nine-digit binary number 0,0,0,0,0,0,0,0,0. This address is supplied to the address buffer 77 and selects the center position in the memory 49. In response to this accessing, the data buffer 79 is supplied with the center word in the memory 49, and this word is automatically compared with the identification number from the card data buffer 47. If the identification number, accessed at this central point from the memory 49, is smaller than the card identification number from the buffer 47, a signal will be produced on line 85 which will enable a gate 103 to supply the data from the address buffer 77 to the temporary address buffer 101. The temporary address buffer 101 in this instance will contain the word 1,0,0,0,0,0,0,0,0, designating the center location in memory 49. The signal on line 85 is also supplied through an OR gate 105 to a delay 107 which in turn clocks the shift register 95.
The shift register 95 is made recirculating by the connection 108, and the 1 in the most-significant bit position is thus clocked to the second most-significant bit position. If, on the other hand, the number accessed at the central location in the memory 49 is larger than the identification number from the buffer 47, a signal will be produced on line 87 which will recirculate (using gate 105 and delay 107) by one bit the shift register 95, but will not enable the gate 103. The number in the address buffer 77 will thus not be supplied to the temporary address buffer 101.
This searching routine continues so that each time that the comparator 83 produces a plus or minus output signal on line 85 or 87, the binary number in the shift register 95 is circulated by one count. The circulated number in this register 95 is ORed with the temporary address buffer 101, to change the address buffer 77 and thus address a new location in the memory. At the same time, the temporary address buffer is supplied with the additional digit from the shift register 95 only if the output from the comparator 83 indicates that the data is at a higher address location in the memory 49. Thus, the search continues, one bit at a time, in a normal binary search fashion. At each step, the next most-significant bit of the address buffer 77 is made a one if the data is at a higher address in the memory 49. Alternatively, the next most-significant bit of the address buffer 77 is made a zero if the data is at a lower address in the memory 49. This selective addressing is accomplished by either enabling or not enabling, respectively, the gate 103. Ultimately, this search process will locate the position in memory 49 at which the data from the buffer 47 should be stored, and if such data is stored in the memory 49, the data buffer 79 will store the same card identification number as is accessed on line 81, so that a zero signal will be produced on line 89 to gate the time code to the real-time sensor 51. Alternatively, if the search is completed, so that a binary one exists in the least-significant bit position of the shift register 97, this bit will be shifted on the last signal from the delay 107 to the most-significant bit position. As the one digit is thus shifted by the line 108, it is coupled by line 109 to temporarily disable a gate 111 which temporarily prohibits signals from the OR gate 105 from again actuating the shift register 95, and the search is thus terminated. This same signal on line 109 is used to clear the temporary address buffer 101.
If the search terminates without a zero signal being provided on line 89 from the comparator 83, no signals are produced which will enable the gate 93, and access will not be permitted to the card holder. Obviously, at any time during the search that a zero signal is produced, the search stops, since no signal is supplied to the OR gate 105, and access is immediately permitted if the time of day code compares favorably with the real time, as will be explained in more detail below.
The remainder of the circuitry associated with the memory control circuit 63 is utilized primarily for programming the memory 49 to add or delete identification numbers from the memory 49 or to search the memory 49 for programming purposes, so that the system user may provide access at this remote location for only selected personnel. As previously explained, a supervisor's card is utilized to provide program access, and this access supplies keyboard data from the program access control circuit 67 to a buffer 113, shown in FIG. 2. In a number of cases, the programmer will utilize the keyboard to place an identification number in the buffer 113, followed by a code indicating the operation to be conducted. Thus, for example, the programmer may place an identification number in the buffer 113 and utilize an additional keystroke to indicate that this identificationnumber is to be inserted into the memory, so that an additional employee will be granted access. Alternatively, the additional keystroke may be used to delete this number from memory or simply to search the memory for this member. In some cases, only a single keystroke is used, as, for example, when the programmer wishes to simply increment or decrement the memory address register 77.
Whenever signals are present on line 67 indicating that program access control has been granted, a line 115 coupled to line 67 enables a display 117, the first five digits of which, that is, the identification number digits of which, are provided by the buffer 113. The last digit, reserved for the time code digit from the memory 49, is supplied by the line 91 to the display 117. Thus, the programmer can see the identification number that the keys into the buffer 113, but his last keystroke which indicates the operation he wishes to perform, will not operate the display 117. Rather, the last keystroke will begin a search or other operation which will result in data being placed in the data buffer 79. Ultimately, the last digit of the display 117 will indicate the results of the search or other step by displaying the last digit from the data buffer 79.
The identification number from the buffer 113 is coupled by a line 119 to the comparator 83, while the least-significant bit is coupled by a line 121 to a plurality of comparators. If the least-significant keystroke identifies a memory address incrementing step, data identical to the keystroke is supplied by a buffer 123 so that a comparator 125 supplies a signal on line 127 to an adder 129 which adds unity from a register 131 to the current value of the address buffer 77, as supplied on line 133, and supplies the sum back to the address buffer 77 on line 135. Thus, each time that this keystroke is entered, the address in register 77 is incremented by one location, as required by the programmer. In a similar fashion, a decrementing keystroke will compare favorably in a comparator 137 with data from a buffer 139 to provide a signal on line 141 to add a minus one in a buffer 143 to the value in the address buffer 77, as accessed on line 145, so that an adder 147 provides on line 149 a decremented address, permitting the programmer to decrement the memory location address in register 77 for programming purposes.
If the programmer utilizes a keystroke which requires a search of the memory 69, after first introducing an identification number into the buffer 113, a search routine will be implemented which will search the memory 49 to determine whether the identification number in the buffer 113 exists in the memory 49 and, if so, during what time zones that individual is allowed access. This is accomplished by first comparing the keystroke data with a search keystroke indication in a buffer 151, so that a comparator 153 provides a signal on line 155 to enable a gate 157 which supplies the identification number from the buffer 113 to the comparator 83. The comparator 83 then initiates a search routine in a binary fashion, as previously described, to ultimately provide on lines 91 the decimal digit indicating the time access code for this particular identification number, which time access code will be displayed on the display 117 along with the identification number which was searched. If the identification number is not in the memory 49, a zero output signal on line 89 will not be produced by the comparator 83, and the gate 93 will not be enabled. Thus, no display will appear in the least-significant bit position of the display 117. Alternatively, the system could be designed to provide a zero in the least-significant bit position of the display 117 if the searched identification number is not present in the memory 49.
If, as the least-significant bit after the insertion of an identification number in the buffer 113, the programmer depresses a key which provides an instruction to insert this identification number as a new or additional identification number in the memory 49, a comparator 159 will provide an output signal because of identity between the keystroke data and data from a buffer 161, the signal being provided from the comparator 159 on line 163 to initiate the operation of a counter 165. This operation is initiated by placing the pulse on the clocking input 167 of the counter 165 so that the counter counts to its first position, placing an output signal on a 1 count line 169. When a signal is present on line 169, a comparator 171 compares a delimiter register 173 with a register 175 which stores a count equivalent to the last storage location in the memory 49. The delimiter register 173, as will be understood through the following description, is continuously updated so that it stores a number equal to the number of words stored in the memory 49. When the number in the delimiter register 173 is equal to the number stored in the register 175, this is an indication that the memory 49 is full and the comparator 171 will produce a signal on line 177 to energize a front panel display 179 indicating to the programmer that the memory is full, and that no additional identification numbers should be inserted without first deleting some identification numbers. Furthermore, the full memory indication is not connected to clock the counter 165, so the insert routine will not continue.
If the memory 49 is not full, the comparator 171 will produce a signal on line 181 indicating that the registers 173 and 175 did not store equal numbers. This signal on line 181 is used for clocking the counter 165 to its second count position, producing a signal on line 183. The programmer will have been told that, prior to an insert operation, a search operation should be conducted using the comparator 153 so that, at the time the insert operation is conducted, the address buffer 77 will be addressing the memory 49 at a location immediately preceding or immediately following the location where the new identification number should be inserted. At the end of the search routine, the comparator 83 will provide a plus signal on line 85 if the new data word should immediately precede the present location of the address buffer 77 or a minus signal if it should immediately follow this word. During the insert routine, the output lines of the comparator 83 are checked at the second clock position by ANDing the line 183 in gates 185 and 187 with the minus line 87 and plus line 85, respectively, from the comparator 83. If the minus line 87 contains a logic signal, the AND gate 185 produces an output signal on line 189 to again clock the counter 165 to produce an output signal on its 3-count line 191. If, on the other hand, the plus line 85 is at a positive level, the AND gate 187 will provide a signal on line 193 to a buffer 195 enabling that buffer 195 to input on a plurality of lines 197 to the counter 165 a 6-count, so that the counter 165 will jump from its 2-count position to its 6-count position. This latter step is necessary so that if the new data word is to be stored at the next data position in memory 49 (a plus signal on line 85), a routine will be implemented which skips a data position in the memory 49. If, on the other hand, the present data position where the address buffer 77 presently points is not to be skipped (since the new data word is to go at this present position), the next series of steps between count 2 and count 6 of the counter 165 are used for removing and temporarily storing the presently addressed word from the memory 49, as will be seen from a description of these steps.
When the signal on line 189 clocks the counter 165 to its three count, the signal on line 191 enables a gate 194 so that data from the data buffer 79 is accessed in parallel to a temporary storage buffer 196. This step is used to save the identification number in the current memory location. It will be seen as this description follows that the current memory location is stored in the next lower memory location, while the word from that lower position is, in turn, stored in the next succeeding lower position. Thus, when a new word is placed in memory 49, the counter 165 is used to sequence a repeating routine which shifts the remaining data in the memory 49 toward the bottom of the memory 49 by one step, making room at the proper location in numerical order for the newly added data word.
Once the current identification number has been stored in the temporary register 196, a delay 198 connected to the line 191 is used to clock the counter 165 to its 4-count position. This 4-count position provides a signal on line 201 which enables a gate 203 connecting the buffer 113 to write logic 205 associated with the memory 49. Thus, at count 4, the data previously stored in the current memory location is automatically erased and the new identification number is written in this storage location. A delay circuit 207 connected to the line 201 is used to again clock the counter 165 at the completion of this writing operation so that the counter produces a 5-count output on line 211 which accesses the data word from the temporary buffer 196 into the buffer 113, erasing the number previously stored in the buffer 113, by enabling a gate 213 interconnecting these buffers. This places the number previously stored in the memory 49 (which was removed to make room for the new word) into the buffer 113, so that, on the next circulation of the counter 165, it can be written into the next successive location in the memory 49.
A delay 215 connected to line 211 clocks the counter 165 after the data has been accessed into the buffer 113 and the counter 165 then provides a 6-count output on line 217 which is connected to line 127 to increment the addressed location in the memory 49 as previously described. The line 217 is additionally connected through a delay 219 to clock the counter 165 to its seventh and final output position. It will be recognized that, at the sixth count position, the signal on line 217 incremented the memory 49 location so that the next successive memory word is being accessed. This memory word should be larger than the word currently in the buffer 113, unless we have reached the end of the data in the memory 49, in which case the new word would be 0,0,0,0 and thus smaller than the word stored presently in the buffer 113. Thus, the signals on lines 85 and 87 can be utilized to determine whether the insert routine should stop. The signal on line 221, indicating count 7, is ANDed with the signal on line 85 in AND gate 223 and with the signal on line 87 in AND gate 225. If the AND gate 223 produces an output signal, this signal is connected to an incrementing circuit 227 which is, in turn, connected to increment the delimiting register 173 adding one count to this register. If, on the other hand, the memory transfer operation has not been completed, the output signal from gate 225 will be used, through a delay 229, to clock the counter 165 back to its 3-count position by utilizing a 3-count register 231 to place a count of three in the counter 165. Thus, the sequence continuously loops through counts 3 through 7 until each of the words in the memory 49 has been shifted down one count, and the delimiter register 173 has been incremented. This entire insert routine is shown in the flow chart of FIG. 3. It can be seen from that fow chart that each element of memory data is shifted toward the end of the memory by one position to make room for the new element. The delimiter is then incremented and the process comes to a stop.
A similar process is generated by a keyboard keystroke which provides on line 121 a delete signal which compares favorably with a delete word stored in a buffer 233. This sequence is shown in the flow chart of FIG. 4 and can be followed there as well as in the schematic diagram of FIG. 2. Signals from the comparator 235 connected to the buffer 233 indicate that a keystroke demanding a data element deletion from the memory 49 has been made. This signal on line 237 is used to provide the initial input to a counter 245 used to sequence the deletion process. During the data deletion process, it is desired to delete the element of data located during a search operation and to shift all of the remaining data within the memory 49 to close the gap. Thus, the remaining data in the memory 49 must be moved up in the memory by one data position, and the delimiter 173 must be decremented by one count.
This is accomplished by utilizing the signal on 237 to initially increment the address buffer 77 by providing a signal on line 127. A delay 239 is used to assure that this incrementing has been accomplished, and then provides a signal on line 241 to enable a buffer 243 storing a 2-count to input this 2-count into the counter 245 used for sequencing the deletion process. In response to the 2-count from the buffer 243, the counter 245 provides a 2-count output on line 247 which reads the data word at the incremented location into the temporary buffer 196 by enabling gate 194. In addition, through a delay 249, the signal 247 increments the counter 245 at its clocking input 251. The counter 245 then provides a 3-count output on line 253 which is connected to line 141 to decrement the address in the buffer 77. Line 253 is additionally connected through a delay 255 to clock the counter 245 to a 4-count position producing a signal on line 257. This signal is used to enable gates 213 and 203 to access the data from the temporary buffer 195 to the write logic 205. This logic 205 then writes the word in the temporary buffer 195 into the memory location addressed by the buffer 77 in the memory 49. The signal on line 257, in addition, provides a delayed output from a delay circuit 259 to clock the counter 245 to its 5-count position which provides a signal on line 261. Line 261 is connected to the line 127 to increment the address buffer 77. This signal is also delayed in a delay circuit 263 to provide an additional clocking input to the counter 245. In response to this additional clocking input, the counter 245 provide a 1 output on line 267 which is connected to line 127 to increment the address buffer 77 a second time, and is additionally ANDed in gates 269 and 271 with the plus signal 85 and minus signal 87. If a minus signal 87 is present, the end of search has been reached and the delimiter register is decremented by decrementer 272. If a plus signal is present, the gate 269 provides, through a delay 273, a clocking input to the counter 245 to repeat the data shifting process on the next data word. It can thus be seen that the counter 245 is used to sequence a repeating cycle of steps which are used as a looping function to shift all of the data words in the memory one step toward the beginning of the memory in order to close the gap in the memory which results from deleting a data word therefrom. The flow chart of FIG. 4 diagrams this process utilizing element numbers from the schematic of FIG. 2.
When, in the course of a searching operation, an identification number is located, it was explained previously that the data buffer 79 provides, through gate 93, a 4-bit output indicating the time of day when access is to be provided for the person having this identification number. This number is accessed by the real-time sensor 51 which, as shown in FIG. 2, includes three separate clocks, 301, 303, and 305, each of which can provide the closure of switch in response to a particular time of day setting. Thus, for example, the clock 301 may be set to provide a switch closure from 8:00 A.M. to 5:00 P.M., the clock 303 from 5:00 P.M. to midnight, and the clock 305 from midnight to 8:00 A.M. These three clock switches are accessed to a comparator 307 which is, in turn, provided with signals from the gate 93. If the signals from gate 93 conform to the switch closures from the clocks 301 through 305, access is permitted by placing a signal from the comparator 307 on line 309 to gate 53. In a typical arrangement, the comparator 307 will provide an output signal on line 309 if any one of the clock 301-305 is providing a switch closure and the signal from gate 93 has a 1-bit on the corresponding line indicating that this employee is to be provided access at the time of day indicated by this switch closure. It can be seen that by setting the clocks 301-305 and by giving a particular employee access at combinations of times from 1, 2, or 3 of these clocks, total flexibility in timing control can be achieved. Furthermore, by providing a time code on the fourth line from the gate 93, the comparator 307 can be made to provide an output signal on line 309 at any time of day, irrespective of the condition of the clocks 301 through 305, so that, for example, supervisory personnel can be granted access at all times.
Referring once again to FIG. 1, it bears repeating that the remote terminal 13 of the present invention will operate utilizing its own memory 49 and memory control 63 in the manner described. Alternatively, this same remote unit can be utilized by accessing data directly from the buffer 47 through the degraded mode sensor 42, shown in FIG. 1, and comparable so that described in patent application Ser. No. 830,002, filed Sept. 1, 1977, and referenced above. This degraded mode sensor 42 will limit access at this remote terminal in accordance with data stored in the memory 69 in the main processing unit 11 until such time as the communication lines are degraded. At that time, the memory 49 and its memory control 63 will be utilized for limiting access. It can be seen, therefore, that the terminal 13 of the present invention can be used either as a stand-alone terminal by bypassing the degraded mode sensor 42, or may be used as a remote terminal with a central processor system 11, utilizing the degraded mode sensor 42 to impose stand-alone operation only if data lines are degraded.
The present invention permits the same data to be stored in the memory 69 and the memory 49 so that, even during degraded mode operation, although one of the printer 75 may be lost (so that personnel flow data is no longer available), nevertheless the same limited number of personnel may be granted access at this remote location, so that security is not degraded.
The preceding embodiment described in reference to FIGS. 1 through 4 is illustrative of a hardwired circuit for performing the functions of the present invention. In the preferred embodiment, the functions of the remote units 13 are performed by a microprocessor, as illustrated in FIG. 5. This microprocessor includes a central processing unit 401, such as a Motorola 6800, which is connected with a memory unit 403, such as an AMI Model SF101. In addition, a scratch pad memory 405 can provided, such as a Motorola 6810. The central processing unit 401 is also connected to a read only memory 407 in a typical fashion to store the control steps for the central processing unit.
As is typical, the central processing unit 401 interfaces with a communication interface unit, such as a Motorola 6850, 409, for communicating with the central processor 11, and may interfere, in addition, with the card sensor 43 and real-time sensor 51, similar to those shown in FIG. 1. A peripheral interface adapter 411, such as a Motorola 6820, is used to connect the central processing unit 401 to the door access control 54, such as a door strike. The keyboard 55 of FIG. 1 may also be connected to the central processing unit 401 through the main data and control bus 413.
It will be recognized by those skilled in the art that the data processing unit, shown in FIG. 5, is typical of many other similar data processing units. What makes this processing unit unique is a program stored in the read-only memory 407 for controlling the operation of the central processing unit 401. This program, written for the Motorola 6800, is as follows: ##SPC1## ##SPC2## ##SPC3## ##SPC4## ##SPC5## ##SPC6## ##SPC7## ##SPC8##
Claims
  • 1. A security access system, comprising:
  • a central processor, comprising:
  • a programmable memory storing data specifying personnel access at plural remote terminals; and
  • means for communicating with said plural remote terminals; and
  • plural remote terminals connected by said communicating means with said central processor, each comprising:
  • a programmable memory within said terminal storing data specifying personnel access for said remote terminal; and
  • means within said terminal for providing selective, programmable access at a remote location in response to either said central processor memory data or said remote terminal memory data.
  • 2. A security access system, as defined in claim 1, wherein said remote terminal additionally comprises:
  • means for programming said memory for storing different personnel access data in an ordered stack comprising:
  • means for deleting individual access data from said stack;
  • means for compressing said stack whenever said stack comprises memory locations from which access data has been deleted; and
  • means for maintaining the order of said stack.
  • 3. A security access system, as defined in claim 1, wherein said remote terminal additionally comprises:
  • means for storing data specifying times of day for access for said same personnel; and
  • means for comparing said stored time of day data with real time to provide selective access.
  • 4. A security access system, as defined in claim 3, wherein said means storing time of day access data is programmable.
  • 5. A security access system, as defined in claim 4, wherein said comparing means comprises plural real-time clocks, each of which is independently setable to provide access at different times of day.
  • 6. A security access system, as defined in claim 1, wherein said remote terminal means for providing access at a remote location in response to either said central processor memory data or said remote terminal memory data comprises means for determining the integrity of communication lines with said central processor and for providing access in response to said remote terminal memory data if said communication lines are faulty.
  • 7. A security access system, as defined in claim 1, wherein said remote terminal additionally comprises:
  • keyboard means;
  • means connecting said keyboard means to program said memory; and
  • means connected to said keyboard means and said memory for providing selective access at said remote location in response to data entered on said keyboard means by personnel requesting access.
  • 8. A security access system, as defined in claim 7, wherein said data entered on said keyboard means for providing access is a predetermined permutation and combination of data stored in said memory.
US Referenced Citations (7)
Number Name Date Kind
3781805 O'Neal, Jr. Dec 1973
3848229 Perron et al. Nov 1974
3859634 Perron et al. Jan 1975
3866173 Moorman et al. Feb 1975
3959633 Lawrence et al. May 1976
4025760 Trenkamp May 1977
4097727 Ulch Jun 1978