DESC:FIELD OF INVENTION

[01] The present invention generally relates to a system and method for preventing unauthorised access to electronic and electrical equipment, appliances and instruments and more particularly to an advanced system for controlling power supply to electronic and electrical equipment, appliances and instruments to prevent unauthorised access to said electrical equipment, appliances and instruments and method therefor.

BACKGROUND OF INVENTION

[02] Electrical, Mechanical and Electronic equipment, systems, machinery, vehicles, appliances and instruments, etc. (herein after collectively referred to as “asset”) are meant for public usage or meant for use within an organisation, for example in a research facility or a laboratory, industries, government facilities, etc. They are accessed by a large number of people on a daily basis. In India and other developing economies, industrial equipment is shared between business establishments. This sharing also gives rise to scenarios where liability is unable to be fixed on the person or establishment which caused damage to the equipment or machinery. These instruments are often costly and require to be operated with care and sensitivity.

[03] Given the open access to these assets, it is observed that people who do not possess the requisite skill and proficiency in handling and operating them often cause damage to the assets. This causes inconveniences to other users. The down time caused by such damage causes a financial strain on the owner of the assets and may also require them to incur additional expenses in repair and maintenance.

[04] Furthermore, there is a need felt to monitor and track the activities of the users so that the assets availability for other users is optimised and responsibility may be fixed on the specific user who’s mishandling has caused the assets to malfunction.

[05] In above mentioned scenarios, the owner/management has to invest in administrative staff to monitor the usage and prevent unauthorised users from operating and handling the assets. This situation arises especially in publically funded educational institutions and universities where students and researchers operate the assets without adequate authorisation or training. Once damage has been identified in the instruments, it becomes difficult to identify the user who causes the damage due to incorrect handling of said assets.

[06] Conventional methods of screening and tracking users is inefficient and is prone to human error, whilst also involving costs in hiring and maintaining manpower for the same. Tracking has to be performed manually by maintaining physical registers of users and timestamps are likewise maintained. Long term maintenance of these records in themselves a significant challenge when performed manually. There is a severe need for an automated system and method for preventing unauthorised access to assets which can be advantageously deployed in any setup regardless of the nature and application of the asset.

OBJECT OF INVENTION

[07] It is an objective of the present invention to provide a system and method to overcome the aforementioned shortcomings.

[08] It is yet another objective of the present invention to provide a system and method which eliminates the need for manual authorisation and tracking of the users of an asset.

[09] It is an objective of the present invention to provide a system and method to prevent unauthorised use of assets as well as prevent the assets from power surge and voltage fluctuation related damage.

[10] It is another objective of the present invention to provide a system and method for tracking and reporting authorised as well as unauthorised use of the assets.

[11] Yet another objective of the invention is to provide a system and method which controls the power supply to the assets thereby preventing the unauthorised user from turning On/Off the asset and mishandling it.

[12] It is a further objective of the present invention to sensing, gather data, store, and process, analyse and communicate the data so generated.

[13] It is a further objective of the present invention to provide a system and method for smart utilisation of assets in above mentioned fields for productivity improvement, optimum & secured use of assets, which is efficient, simple, robust, cost effective and easy to manufacture, package, deploy and maintain.

SUMMARY OF INVENTION

[14] In light of the aforesaid objectives, the present invention provides an automated system and method for preventing unauthorised access to assets which can be advantageously deployed in any setup regardless of the nature and application of the asset. The invention helps address the shortcomings of the traditional systems and methods by controlling the power supply to the asset and establishing an Information Technology infrastructure which streamlines communication between the various authorities’ charged with monitoring and managing the use of the assets to increase overall efficiency. Other features include but are not limited to preventing power surge and voltage fluctuations from damaging the assets and presenting detailed data points regarding the time of use by authorised or unauthorised users.

[15] A non-limiting embodiment is described herein in summary. An asset power management device comprising at least a microcontroller; a memory module being configured to store database comprising at least user profile, biometric profile, authorisation and restriction events, session data etc; a communications module; capable of wired and wireless communication; an authentication module; a relay module; where the microcontroller programmed to execute an authorisation verification protocol accepts inputs through the authentication module to execute the authorisation verification protocol and changes the state of the relay module to “ON” if the user seeking access is authorised to operate the asset and allows power supply to the asset. The microcontroller executing the authorisation verification protocol, activates at least an alarm module, generates at least a notification on at least a display module when the user is found to be unauthorised to access the asset. The authorisation verification protocol comprises at least one user profile being defined by at least one parameter including user name, user credentials, authorisation status, usage restrictions and; at least one database of authorised users, user credentials and usage restriction. The microcontroller programmed with the authorisation verification protocol performs a verification based on matching of the input from the authentication module with the user credentials stored in the database in the memory module. The microcontroller executing the authorisation verification protocol, logs and stores data including asset type, asset location, asset admin, asset health, asset failure event, user data, session data, total usage time, in the memory module and keeps the data available for data analysis and reporting through the communication module. The authentication module is preferably not but necessarily a biometric authentication based system or radio frequency identification (RFID) system or a quick response (QR) code based system or a password based system or a pin code based system or a combination thereof. The device is powered through an AC/DC adaptor which charges an internal battery although a setup without an internal batters just as well serves the purpose.

[16] The user inputs data into the device through at least keypad module or through a network enabled computing means through a communication module or through a combination thereof. The relay module is protected by a fuse to prevent the relay module from damage due to overload.

[17] The authorisation verification protocol comprised of a step of defining, adding and authorising a user as administrator which includes assigning an asset to the asset power management device and updating the database, creating an administrator profile and updating database, setting up the RTC and updating values in the database, initialising display module and authentication module, adding user as administrator and updating database, accepting and storing administrator’s credentials including biometric profile, password, pin code or a combination thereof, assigning ID to administrators credentials and updating database, linking administrator’s credential profile to his user profile and updating database. Another step is that of defining adding and authorising a user as new user which includes verifying administrator’s credentials, adding new user details, accepting and storing new user credentials including biometric profile, password, pin code or a combination thereof, assigning ID to new users credentials and updating database, linking new user’s credential profile to his user profile and updating database. The actual authorisation is performed by seeking authentication from user of asset comprising, accepting user credentials through the authentication module, matching accepted user credentials with the credential profiles in the database, denying access if matching is unsuccessful, fetching user profile from database and checking for authorisation, changing relay module state to “ON” if authorisation is valid, rejecting access if authorisation is invalid, switching relay module state to “OFF” if previously “ON”

[18] The interface of the system is simple effective, precise and robust. The system also enables its Administrator to be able to carry out analytics and track the user’s interaction pattern. The data set may then be used to analyse and identify actionable intelligence and spot and highlight trends.

[19] The system makes it easier and faster to maintain log records and exporting the records for further analysis. Frequency of use, time of use, duration of use, usage trends on various days of the week etc. can also be ascertained through the data generated by the system.

SHORT DESCRIPTION OF FIGURES

[20] Figure 1 is a block diagram of the asset power management device as per one embodiment of the invention.

[21] Figure 2A is an isometric view of an outer casing in which an asset power management device is housed.

[22] Figure 2B is an isometric view of the outer casing in which an asset power management device is housed.

[23] Figure 3A is a flowchart describing one embodiment of the invention for setting up Super User Profile and granting Administrator access through the authorisation verification protocol (300).

[24] Figure 3B is a flowchart describing one embodiment of the invention for setting up new user profile and granting access authorisation through the authorisation verification protocol (300).

[25] Figure 3C is a flowchart describing one embodiment of the invention for performing user authentication through the authorisation verification protocol (300).

DETAILED DESCRIPTION

[26] Description of one preferred but non-limiting embodiment of the present invention will now follow with reference to the above drawings.

[27] Figure 1 is a block diagram of an asset power management device 100 and its manipulation of the power supply to the asset 180 as per one embodiment of the invention. Figure 2A and 2B are isometric views of the casing in which the asset power management device 100 are housed. Figures 3A to 3C are the flow charts describing the authorisation verification protocol 300 (hereinafter referred to as “the protocol”) being administered by the device 100, as per one non - limiting embodiment of the invention.

[28] Referring to Figure 1, the asset power management device 100 (hereinafter referred to as “the device”) comprises of a microcontroller 125 which accepts inputs from the user through at least the Authentication module 130, Keypad module 160, communication module 150, RTC module 165 etc. The microcontroller is functionally connected to a display module 135, an alarm module 140, a memory module 145 and a relay module 115. The device 100 is powered by an AC/DC adopter 175 connected to a power source. The adaptor 175 charges an internal battery 170 and powers all the components in the circuit.

[29] The device 100 is an intermediary between the input power supply 105 powering the asset 180. A fuse 110 is provided between the input power 105 and the relay module to prevent the asset 180 and the device 100 from being subjected to damage due to overload. Power flows from the input power 105 to the fuse 110 into the relay 115. Depending on the state of the relay module 115, the output power is supplied to the asset 180. The relay module 115 operates in an “ON” state where it produces an output power 120 or an “OFF” state where it does not produce any output power 120. The device 100 therefore controls the power supply to the asset 180 in a smart manner.

[30] A user interacts with the device 100 through the authentication module 130 by providing user credentials preferably in the form of a biometric signature for verification and authentication. If the user is found to be authorised to operate the asset 180, the device 100 produces output power 120 and the asset 180 is powered. In the alternative, if the user is found to be unauthorised, the device 100 does not produce any output power 120 and the asset 180 is not powered on. In this scenario, the device generates an alarm sound through the alarm module 140, a display notification through the display module 135 and a communication through the communication module or a combination thereof to notify the user and the administrator of the unauthorised access. The display module 135 is preferably a 16 x 2 LCD display but a display known in the art with higher resolution may also be deployed.

[31] The authentication module 130 in the instant embodiment is an optical bio-metric fingerprint reader/sensor (R305) module with TTL UART interface for direct connections to a microcontroller UART. This module can directly interface with any 3.3V or 5V microcontroller. A suitable level converter or serial adapter is additionally provided for interfacing it with the serial port of an external computing device such as a Laptop computer.

[32] The memory module 145, is preferably an SD card read write module known in the art, which is configured to store all data essential and incidental to the functioning of the device 100. This data includes data relating to an authorisation verification protocol 300 such as database of user profile, administrator profile, administrator credentials, user credentials, device usage log, device timer log, device power on time, device power down time and other data necessary for the functioning of the device and also records a complete log of the session data etc. The microcontroller 125 is programmed with the authorisation verification protocol 300 which operated the device 100. This protocol 300 is described in greater detail with reference to relevant figures hereinafter.

[33] The RTC module 165 is an easily available real time clock known in the art configured to keep time and maintain time log for the various operations and functions of the device 100 and the protocol 300. The RTC module 165 is preferably low power based on DS1307 serial real-time clock (RTC) full binary-coded decimal (BCD) clock/calendar plus 56 bytes of NV SRAM. Address and data are transferred serially through an I2C bidirectional bus. The clock/calendar provides seconds, minutes, hours, day, date, month, and year information. The end of the month date is automatically adjusted for months with fewer than 31 days, including corrections for leap year. The clock operates in either the 24-hour or 12-hour format with AM/PM indicator. The DS1307 has a built-in power-sense circuit that detects power failures and automatically switches to the backup supply without disruption in its time keeping.

[34] There is further provided an emergency input module 155 which is preferably an RFID based trigger system well known in the art. The emergency module 155 by-passes the authentication module 130 to change the state of the relay module 115 in cases of emergency without the need for user verification and authentication. For example, the authorised user may be provided with an RFID card which is programmed to change the state of the relay module 115 from ON or OFF when it is brought into close contact with the device 100. Alternative the administrator may be provided with a password or a pin code combination which when entered through either through the Communication module 150 or through the Keypad module 160 enables her to override the protocol 300 in cases of emergency.

[35] The RFID module directly connects to any microcontroller UART or through a RS232 converter to a computer. It preferably capable of working with any 125 KHz RFID tags placed up to a distance of 10cm. The RFID module works on 5 Volts DC supply, draws less than 50mA and has an operating Frequency is 125Khz.

[36] The Communication module 150 is preferably wireless communication module for example a Global System for Mobile Communication (GSM) module comprising of a SIM card slot and an Antenna working in a supply voltage range of 3.4 ~ 4.4V. The GSM module works on a quad-band 850/900/1800/1900 MHz. Has GPRS multi-slot class 12/10. GPRS mobile station class B. Compliant to GSM phase 2/2+ Class 4 (2 W at 850/900MHz) and is controlled via AT commands in a manner known in the art. In another embodiment the communication module 150 can is advantageously a wired module preferably a USB type standard capable of being connected to an external computing device.

[37] The relay module 115 is one known in the art and is capable of being operated by the micro-controller 125 and is capable of operating on both single phase and three phase input power 105. All the components of the device 100 are preferably arranged on to a printed circuit board.

[38] Figures 2A and 2B shows a non-limiting embodiment of a casing 200 inside which the device 100 is housed. In the casing, an opening 210 provide with an adequate means to secure a display module 135. The casing 200 is provided with an opening 230 on one side to allow for the AC/DC power adaptor 175. The casing 200 is also provided with an opening 240 and adequate means to secure an authentication module 130 which in this embodiment is an optical biometric scanner capable of reading fingerprints. The casing 200 is formed by sinking the surface deeper so as to provide mounting space for the Keypad module 160 and adequate securing means are provided. Yet another opening 220 is provided on the top surface which houses a removable memory module 145.

[39] The authorisation verification protocol 300 is now described with reference to Figures 3A, 3B and 3C. Figure 3A is a flowchart describing one embodiment of the invention for setting up User Profiles and granting Administrator access to the authorisation verification protocol (300). All inputs may either be given through the communication module 150 or the keypad module 160 by the user. When the protocol 300 is run in step 305, the user is required to assign the device 100 to a specified asset and enter details relating to the asset including details such as nature of asset, technical specification, owner, made, build, model, year etc in step 307. In Step 309 the setup requests the user to create an administrator profile which has super user access. Upon having created a user profile for the administrator, the protocol accepts time date and calendar details and sets up the RTC module 165 and updates the values so configured in the database. The protocol 300 then initialises the display module 135 and the authentication module 130 in step 315 and proceeds to add administrator profile to the user profile database in step 317.

[40] In step 319 the protocol requests the administrator to perform a biometric scan to create an biometric profile of the user through the authentication module 130 and in step 312 when the scan is successful it assigns an identifier (ID) to the biometric profile and saves the data to the database in the memory module 145 in step 323. Instep 325 the biometric profile is linked to the administrator’s user profile and proceeds to display a confirmation message in step 327. This concludes the setup process.

[41] Figure 3B is a flowchart describing one embodiment of the invention for setting up new user profile and granting access authorisation through the authorisation verification protocol (300). In Step 329 the protocol initiates the process and performs Administrator biometric verification in step 331. If successful the protocol requests details of new user in step 339. Alternatively, if unsuccessful the device displays an error notification in step 335 and terminates the process in step 337.

[42] New User on boarding begins at step 339 and a user profile is created and stored in the database. In step 341 the device requests the new user to scan her fingerprints to create a biometric profile of this user. In step 343 a check to verify the scan is performed and if failure is registered, step 341 is performed again till success is achieved. In step 345 after the scan is successful it assigns an identifier (ID) to the biometric profile and saves the data to the database in the memory module 145. Instep 347 the biometric profile is linked to the newly created user profile and proceeds to display a confirmation message in step 349. This concludes the setting up of new user profile and granting access authorisation.

[43] Figure 3C is a flowchart describing one embodiment of the invention for performing user authentication through the authorisation verification protocol (300). The process is initiated at step 351 after which point in step 353 the device seeks authentication of the user seeking access to the asset 180. In Step 355 the users biometric signature is acquired through the authentication module 130 and proceeded to match with the biometric profiles in the database in step 357. In step 359, if a successful match is found, the process moves to step 361 wherein the linked user profile is fetched and in step 363 specific authorisation to access that asset 180 is checked. If the user is found to be unauthorised, an error notification is communicated in step 367 along with a “No Match. Try Again” message displayed on the display module 135. Instep 371 the status of the stat of the relay module is checked and relay module is set to “OFF” state if it was found to be in “ON” state. Alternatively, if in step 365, the user is found to be authorised, in step 373 the relay module’s state is changed to ON and output power 120 is supplied to the asset 180. Relay On message is displayed on the display module 135. In step 375 the process is terminated.

[44] A detailed log of each of the steps and events in the entire process is maintained by the device in the database in the memory module 145 which is maintained in an accessible manner for storage, reporting and subsequent analysis to identify actionable intelligence and trends. The device is capable of being programmed with updates and bug fixes through the communication module 150. Such enhancements are essentially in the nature of minor improvements to the ease of use and access and may be given effect either wirelessly or through wired connection.

[45] The embodiments discussed herein is non-limiting. It will be understood by those skilled in the art that one or more aspects of this invention can meet certain objectives, while one or more other aspects can lead to certain other objectives. Other objects, features, benefits and advantages of the present invention will be apparent in this Summary and descriptions of the disclosed embodiment, and will be readily apparent to those skilled in the art. Such objects, features, benefits and advantages will be apparent from the above as taken in conjunction with the accompanying figures and all reasonable inferences to be drawn therefrom. It is may be noted that from the above described embodiment, possible changes and modifications will become evident to a person skilled in the art. All such modifications and changes are within the scope of this invention.
,CLAIMS:WE CLAIM

1. An asset power management device (100) comprising
a microcontroller (125);
a memory module (145) being configured to store database comprising at least user profile, biometric profile, authorisation and restriction events and session data;
a communications module (150) capable of wired and wireless communication;
an authentication module (130);
a relay module (115);
wherein the microcontroller (125) programmed to execute an authorisation verification protocol (300) accepts input through at least the authentication module (130) to execute the authorisation verification protocol (300) and changes the state of the relay module (115) to “ON” if a user seeking access is authorised to operate the asset (180).

2. An asset power management device (100) as claimed in claim 1 wherein the microcontroller (125) executing the authorisation verification protocol (300), activates at least an alarm module (140), generates at least a notification on at least a display module (135) when the user is found to be unauthorised to access the asset (180).

3. An asset power management device (100) as claimed in claim 1 and 2 wherein the authorisation verification protocol (300) comprises
at least one user profile being defined by at least one parameter including user name, user credentials, authorisation status, usage restriction and;
at least one database of authorised users, user credentials and usage restriction;
wherein the microcontroller (125) programmed with the authorisation verification protocol (300) performs a verification based on matching of the input from the authentication module (130) with the user credentials stored in a database in the memory module (145).
4. An asset power management device (100) as claimed in claim 1 wherein the microcontroller (125) executing the authorisation verification protocol (300), logs and stores data including asset type, asset location, asset administrator, asset health, asset failure event, user data, session data, total usage time in the database in the memory module (145) and keeps the data available for data analysis and reporting through the communication module (150).

5. An asset power management device (100) as claimed in claim 1 wherein the authentication module (130) is a biometric authentication based system or radio frequency identification (RFID) system or a quick response (QR) code based system or a password based system or a pin code based system or a combination thereof.

6. An asset power management device (100) as claimed in claim 1 wherein the device (100) is powered through an AC/DC adaptor (175) which charges an internal battery (170).

7. An asset power management device (100) as claimed in claim 1 wherein the user inputs data in the device (100) through a keypad module (160) or through a network enabled computing means through a communication module (160) or through a combination thereof.

8. An asset power management device (100) as claimed in claim 1 wherein the relay module (115) is protected by a fuse (110) to prevent the relay module (115) from damage due to overload.

9. A method for managing power to asset (180) using an asset power management device (100) comprising

- a step of defining, adding and authorising a user as administrator comprising
a) assigning an asset (180) to the asset power management device (100) and updating the database,
b) creating an administrator profile and updating database,
c) setting up the RTC (165) and updating values in the database,
d) initialising display module (135) and authentication module (130)
e) adding user as administrator and updating database,
f) accepting and storing administrator’s credentials including biometric profile, password, pin code or a combination thereof,
g) assigning ID to administrators credentials and updating database,
h) linking administrator’s credential profile to his user profile and updating database;

- a step of defining adding and authorising a user as new user comprising,
a) verifying administrator’s credentials
b) adding new user details
c) accepting and storing new user credentials including biometric profile, password, pin code or a combination thereof,
d) assigning ID to new users credentials and updating database,
e) linking new user’s credential profile to his user profile and updating database;

- a step for seeking authentication from user of asset (180) comprising,
a) accepting user credentials through the authentication module (130)
b) matching accepted user credentials with the credential profiles in the database
c) denying access if matching is unsuccessful
d) fetching user profile from database and checking for authorisation
e) changing relay module (115) state to “ON” if authorisation is valid
f) rejecting access if authorisation is invalid, switching relay module (115) state to “OFF” if previously “ON”