Abstract: A physical access control system enables acceptable portal entry codes upon receiving each physical access request by operating on the elapsed time from a previous physical access request to generate a temporal credential. The controller receives a plurality of physical access requests from a plurality of mobile application devices. Upon authenticating the first access request, the controller eliminates repetition from the space of acceptable successor requests from each mobile application device. Monotonic nonces advance the range of temporal code matches. Entry code generation is decentralized to distributed application devices and is inherently unknowable until a successor access request is initiated by the same application device.

Abstract: A physical access control system enables acceptable portal entry codes upon receiving each physical access request by operating on the elapsed time from a previous physical access request to generate a temporal credential. The controller receives a plurality of physical access requests from a plurality of mobile application devices. Upon authenticating the first access request, the controller eliminates repetition from the space of acceptable successor requests from each mobile application device. Monotonic nonces advance the range of temporal code matches. Entry code generation is decentralized to distributed application devices and is inherently unknowable until a successor access request is initiated by the same application device.

Abstract: A physical access control system enables acceptable portal entry codes upon receiving each physical access request by operating on the elapsed time from a previous physical access request to generate a temporal credential. The controller receives a plurality of physical access requests from a plurality of mobile application devices. Upon authenticating the first access request, the controller eliminates repetition from the space of acceptable successor requests from each mobile application device. Monotonic nonces advance the range of temporal code matches. Entry code generation is decentralized to distributed application devices and is inherently unknowable until a successor access request is initiated by the same application device.

Abstract: A physical access control system enables acceptable portal entry codes upon receiving each physical access request by operating on the elapsed time from a previous physical access request to generate a temporal credential. The controller receives a plurality of physical access requests from a plurality of mobile application devices. Upon authenticating the first access request, the controller eliminates repetition from the space of acceptable successor requests from each mobile application device. Monotonic nonces advance the range of temporal code matches. Entry code generation is decentralized to distributed application devices and is inherently unknowable until a successor access request is initiated by the same application device.

Abstract: A method of operation triggers an alert when cameras or sensors determine an action e.g. entry into or occupancy of a reserved region. The system transmits a caution to the pilgrim to present a credential or affirm proper attire and safety equipage upon entry into the penumbra of the reserved region. Within the penumbra, a pilgrim may preempt the access control challenge or alert by presenting his credential or by signally his intention to enter the reserved region. A process of the surveillance and security system includes recording all entries and occupancy of reserved areas but suppressing alarms and alerts on the condition that a credential bearer is within the geo-fenced region. A reserved area has both umbra and penumbra regions with various effects of entry, occupancy, and presentation of credentials. Receiving a presented credential causes alerts to be preempted in the penumbra and to be unfaulted in the umbra.

Abstract: A physical access control system enables acceptable portal entry codes upon receiving each physical access request by operating on the elapsed time from a previous physical access request to generate a temporal credential. The controller receives a plurality of physical access requests from a plurality of mobile application devices. Upon authenticating the first access request, the controller eliminates repetition from the space of acceptable successor requests from each mobile application device. Monotonic nonces advance the range of temporal code matches. Entry code generation is decentralized to distributed application devices and is inherently unknowable until a successor access request is initiated by the same application device.

Abstract: A physical access control system triggers an alert when cameras or sensors determine an action e.g. entry into or occupancy of a reserved region. The system may caution the pilgrim to present a credential or affirm proper attire and safety equipage upon entry into the penumbra of the reserved region. Within the penumbra, a pilgrim may preempt the access control challenge or alert by presenting his credential or by signally his intention to enter the reserved region. A surveillance and security system records all entries and occupancy of reserved areas but suppresses alarms and alerts on the condition that a credential bearer is within the geo-fenced region. A reserved area has both umbra and penumbra regions with various effects of entry, occupancy, and presentation of credentials. Alerts can be preempted in the penumbra and unfaulted in the umbra by presentation of a credential.

Abstract: For each area of a service subscriber, an occupancy control server maintains an access control list and a census of authorized occupants within the area. The server receives a query from a mobile security device, checks for access control permission, and transmits an updated census of authorized occupants to each authorized occupant in the area. Each occupant transmits its identification indicia and responds to requests. Each occupant demands an encrypted credential from a responding mobile security device not found in the most recently updated list and relays it to the occupancy control server for validation.

Abstract: A wireless apparatus controls physical access through a portal by forward verification of a single origin code submitted by a mobile application device. A system forward verifies a single physical access control code upon each successful physical access request. The apparatus sets a flag that triggers an action when a single origin code is received out of sequence. The controller receives a plurality of physical access requests from a plurality of mobile application devices. The controller determines for each mobile application device a sequence of access requests comprising at least a first access request and a second access request. Upon authenticating the first access request, the controller writes into storage a forward verification code specific to an immediately subsequent second access request from the same app device. Upon receiving a successor, the controller performs an authentication process by matching the stored forward verification code associated with the predecessor.

Abstract: A wireless apparatus controls physical access through a portal by forward verification of one-time-use codes submitted by a mobile application device. A system forward verifies a single physical access control code upon each successful physical access request. The apparatus sets a flag that triggers an action when a one-time-use code is received out of sequence. The controller receives a plurality of physical access requests from a plurality of mobile application devices. The controller determines for each mobile application device a sequence of access requests comprising at least a first access request and a second access request. Upon authenticating the first access request, the controller writes into storage a forward verification code specific to an immediately subsequent second access request from the same app device. Upon receiving a successor, the controller performs an authentication process by matching the stored forward verification code associated with the predecessor.