Traditional access control credentials require authentication against a backend and have no mechanism to work offline. Also, traditional credentials such as badges typically have a photo to identify the credential holder. The forgery of the outward appearance of a credential to the extent that it will pass a visual inspection is easily possible, even when modern anti-forgery techniques are employed. This disclosure describes techniques that extend security credentials to provide secure, authenticated, offline access. An authorized person can validate a badge or other credential by tapping it against an authenticated credential reader. Data on the credential is containerized such that specific data objects are accessible by specific classes of credential readers. For example, a credential reader operated by a security officer may have access to name, image, and emergency contact information stored on the credential while a credential reader operated by a receptionist can have access to only the name and image.
Creative Commons License
This work is licensed under a Creative Commons Attribution 4.0 License.
Mercer, David; Paik, Steve; and Hewit, Ross, "Data Object Extensions for Access Control Credentials", Technical Disclosure Commons, (August 30, 2021)