US20090282461A1 - Method of and system for controlling access to an automated media library - Google Patents
Method of and system for controlling access to an automated media library Download PDFInfo
- Publication number
- US20090282461A1 US20090282461A1 US12/116,801 US11680108A US2009282461A1 US 20090282461 A1 US20090282461 A1 US 20090282461A1 US 11680108 A US11680108 A US 11680108A US 2009282461 A1 US2009282461 A1 US 2009282461A1
- Authority
- US
- United States
- Prior art keywords
- access
- media
- import
- door
- library
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Abandoned
Links
Images
Classifications
-
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07C—TIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
- G07C9/00—Individual registration on entry or exit
- G07C9/30—Individual registration on entry or exit not involving the use of a pass
- G07C9/32—Individual registration on entry or exit not involving the use of a pass in combination with an identity check
- G07C9/37—Individual registration on entry or exit not involving the use of a pass in combination with an identity check using biometric data, e.g. fingerprints, iris scans or voice recognition
-
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07C—TIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
- G07C9/00—Individual registration on entry or exit
- G07C9/30—Individual registration on entry or exit not involving the use of a pass
- G07C9/32—Individual registration on entry or exit not involving the use of a pass in combination with an identity check
- G07C9/33—Individual registration on entry or exit not involving the use of a pass in combination with an identity check by means of a password
-
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07C—TIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
- G07C2209/00—Indexing scheme relating to groups G07C9/00 - G07C9/38
- G07C2209/14—With a sequence of inputs of different identification information
Definitions
- the present invention relates in general to the field of physical security of computer storage media, and more particularly to a method of and system for controlling access to an automated media library.
- Automated media libraries provide a convenient and efficient means of storing and accessing large amounts of data.
- the data are stored on movable media, such as magnetic tape cartridges.
- the movable media are stored in racks or slots in a cabinet.
- a robotic media handler moves the media back and forth between the racks are slots and one or more media drives in the cabinet.
- the media drives are connected to a network.
- Media can be imported to or exported from the automated media library through an import/export station.
- the robotic media handler moves media back and forth between the library and the import export station. Additionally, doors are provided in the cabinet so that service or maintenance technicians can have access to the various mechanical and electrical components within the library cabinet.
- Automated media libraries are typically located in rooms that provide various levels of physical access control. At smaller installations, the media library may be located in a normal office. At larger installations, media libraries may be located in special dedicated rooms. The special dedicated rooms are typically locked and require a badge or the like to enter the room. Some organizations require that people requesting access to a media library be accompanied by a guard or other security personnel.
- the present invention provides a method of and a system for controlling access to an automated media library.
- the method receives a request for access to the library from an individual having an identity.
- Access may include importing media to the library, exporting media from the library, and opening a locked door to a cabinet containing the library. If the access includes the importing media, the method moves a robotic media handler to a locked import/export station. If the access includes exporting media, the method moves the requested media to the locked import/export station. If the access includes the opening the door, the method takes a first inventory of the media in the library.
- the method authenticates the identity of the individual and determines an access level associated with the individual. If the access level is insufficient for the requested access, the method denies the requested access and issues an alert.
- the method determines if the requested access requires a second authentication. If a second authentication is required, the method prompts the individual to perform the second authentication. If the second authentication is verified, the method logs the access by the individual and grants the access. If the access is granted and the access is importing or exporting media, the method unlocks the import/export station. If the access is granted and the access is opening the door, the method unlocks the door. The method closes and locks the import/export station a predetermined length of time after unlocking the import/export station. The method locks the door a predetermined length of time after unlocking the door and takes a second inventory of the media. The method issues an alert if the second inventory differs from the first inventory.
- FIG. 1 is a perspective view of an embodiment of an automated media library according to the present invention
- FIG. 2 is a block diagram of an embodiment of automated media library access control system according to the present invention.
- FIGS. 3A-FIG . 3 C comprise a flow chart an embodiment of automated media library access control processing according to the present invention.
- FIG. 4A-FIG . 3 C comprises a flow chart of an embodiment of automated media library access control authentication processing according to the present invention.
- media library 100 is an automated tape library; however, those skilled in the art will recognize that media library 100 may be adapted for use with other media.
- Media library 100 is housed in a cabinet 101 .
- Cabinet 101 is accessible from the outside through a front door 103 and the back door 105 .
- Front door 103 is normally secured by an electronically operated lock 107 .
- back door 105 is normally secured by an electronically operated lock 109 .
- Cabinet 101 houses the mechanical and electrical components of media library 100 as well as the media itself.
- Media library 100 includes a plurality of tape drives 111 .
- Media library 100 also includes storage slots for tape cartridges, such as tape cartridge 113 .
- a robot 115 is mounted for movement inside cabinet 101 to transport tape cartridges back and forth between the storage slots and the tape drives.
- Robot 115 may also include a barcode reader (not shown in FIG. 1 ) for inventorying tape cartridges in the library.
- Robot 115 is also operable to move tape cartridges back and forth between an import/export station 117 positioned in front door 103 .
- Import/export station is normally secured by an electronically operated lock (not shown in FIG. 1 ).
- Embodiments of the present invention control access to the interior of cabinet 101 by authenticating the identity of persons seeking access.
- authentication may be provided through a combination of user ID and password authentication and biometric authentication.
- a touch screen 119 is positioned in front door 103 .
- Touch screen 119 is adapted to display prompts and soft keys, or the like, to receive user input.
- a person seeking access to the interior of cabinet 101 may be prompted to enter a user ID, or the like, and password using touch screen 119 .
- the biometric authentication devices include an iris or retina scanner 121 and the hand or fingerprint scanner 123 . Processing and control of media library 100 is performed by a controller 125 , which may be a personal computer.
- the embodiment of the access control system of FIG. 1 is illustrated a block diagram form in FIG. 2 .
- Media handling robot 115 , cabinet front door lock 107 , touch screen 119 , and cabinet back door lock 109 are all in communication with controller 125 .
- communication may be over a network based on Ethernet and the TCP/IP protocol within automated media library 100 .
- the access control system also includes an electronically operated import/export station lock 201 in communication with controller 125 .
- a barcode reader 203 is also in communication with controller 125 .
- Iris/retina scanner 121 and hand/fingerprint scanner 123 are coupled to a multimodal biometric engine 205 , which is in communication with controller 125 .
- Multimodal biometric engine 125 may be a software component of controller 125 .
- Controller 125 is in communication with an administrator computer 207 . Communication between controller 125 and administrator computer 207 may be over a network. Administrator computer 207 may be located in an office or the like separated from automated media library 100 . Administrator computer 207 is adapted to receive access log information and alerts from controller 125 .
- FIG. 3A-FIG . 3 C comprise a flow chart of an embodiment of access control processing according to the present invention.
- Controller 125 waits for user input, as indicated at block 301 .
- the user specifies the operation which might be an import, export or open door request.
- the user input might be initiated by the user via administrative computer 207 or via the touch screen 119 of the automated library 101 . If, as determined at decision block 303 , the user input is import, controller 125 actuates robot 115 to move to import/export station 117 , as indicated at block 305 . If, as determined at decision block 307 , the user input is export, controller 125 prompts the user to identify the media to be exported, as indicated at block 309 .
- the identification of the tape cartridge is based on the volume serial number which uniquely identifies each tape cartridge in an automated library.
- the prompts and identification of media may be made using touch screen 119 or via administrative computer 207 depending from where the request in step 301 came.
- controller 125 actuates robot 115 to move the identified media to import/export station 117 , as indicated at block 311 . If, as determined at decision block 313 , the user input is open a door, controller 125 actuates robot 115 and barcode reader 203 to inventory the media in the library, as indicated at block 315 . If the user input is other than import, export, or open door, controller 125 performs other processing, as indicated generally at block 317 and subsequently the process ends.
- controller 125 After determining the type of access requested, controller 125 loads the systems authentication policy, as indicated at block 319 .
- the authentication policy provides access authority and authentication levels for various registered users. For example, some requesters (users), such as delivery or mailroom personnel, may have authority to import media to, but not to export media from, the library. Others, such as service or maintenance technicians, may have authority to open the doors of the library cabinet but not to remove media from the library. Also, requesters requesting certain actions may be required to provide higher levels of authentication.
- controller 125 After loading the authentication policy, controller 125 performs authentication, as indicated generally at block 321 , and described in detail with reference to FIGS. 4A-4C . Referring to FIG. 3B , after authentication, controller 125 determines, at decision block 323 if access is granted.
- controller 125 determines, at decision block 325 , if the requested access is import or export. If not, the requested access is to unlock a door and processing continues on FIG. 3C . If the requested access is import or export, controller 125 actuates lock 201 to unlock import/export station 117 , as indicated at block 327 .
- Controller 125 also starts a timer, as indicated at block 327 . Then, controller 125 waits for import/export station 117 to be closed, as determined at block decision block 329 , or the timer to time out, as determined at decision block 331 . If the timer times out before station 117 is closed, controller 125 issues an alert, as indicated at block 333 , and actuates lock 201 to lock import/export station 117 , as indicated at block 335 . Then controller 125 logs access completed, as indicated at block 337 . The determination whether the import/export station is opened or closed may be done through sensors associated with the import/export station (not shown).
- controller 125 if access has been granted to open the door, controller 125 operates a door lock 107 and/or 109 , thereby allowing door 103 and/or door 105 to be opened, and starts a timer, as indicated at block 339 . Then, controller 125 waits for the door to be closed, as determined at block decision block 341 , or the timer to time out, as determined at decision block 343 . If the timer times out before the door is closed, controller 125 issues an alert, as indicated at block 345 , and actuates locks 107 and/or 109 to lock the door or doors, as indicated at block 347 . The determination whether the door is opened or closed may be done through sensors associated with the door (not shown).
- controller 125 After locking the door or doors, controller 125 actuates robot 115 and barcode reader 203 to perform a second inventory of the media library, as indicated at block 349 . Then, controller 125 compares the starting inventory to the ending inventory, as indicated at block 351 . If, as determined at decision block 353 , starting inventory is not equal to the ending inventory, controller 125 issues an alert, as indicated at block 355 , and logs access complete and the inventory difference, at block 357 . If, as determined at decision block 353 , the starting inventory equals the ending inventory, controller 125 logs access complete, at block 359 , and processing ends.
- FIGS. 4A-4C comprise a flow chart of an embodiment of authentication according to the present invention.
- Controller 125 receives a first authentication key, as indicated at block 401 .
- First authentication key may be a user ID and password provided by the user from administrative computer 207 or touch panel 119 of library 101 .
- Controller 125 determines, at decision block 403 , if the first authentication key is verified. If not, controller 125 increments an unauthorized access counter, as indicated at block 405 . If, as determined at decision block 407 , the count is less than or equal to a maximum number of retries, controller 125 prompts the requester (user) to retry, as indicated at block 409 , and the process returns to decision block 403 .
- the process proceeds to FIG. 4B , where the process logs the date, time, name and requested access, as indicated at block 425 , sends an alert, at block 427 , and zeros the unauthorized access counter, at block 429 . Then, the process returns access denied.
- the alert sent at block 427 may an audio or visual alarm, a text message or the like to an administrator or security official, or any other alert.
- controller 125 compares the requested access to the access-security level from the authentication policy, as indicated at block 411 . If, as determined at decision block 413 , the requested access is not authorized to the requester, processing proceeds to FIG. 4B . If access is authorized, controller 125 determines, at decision block 415 , if a second key is required. If not, processing proceeds to FIG. 4C where controller 125 logs the date, time, name, and requested access, at block 431 , and zeros the unauthorized access counter, at block 433 . The process then returns access granted.
- controller 125 prompts the requester to enter the second key, as indicated at block 417 .
- the second key may be one or more biometric identifiers. If, as determined at decision block 419 , the second key is verified, processing proceeds to FIG. 4C . If the second key is not verified, controller 125 increments the unauthorized access counter, as indicated at block 421 . If, as determined at decision block 423 , the count is less than or equal to a maximum number of retries, controller 125 prompts the requester to retry, as indicated at block 424 , and the process returns to decision block 419 . If the count is greater than the maximum number of retries, the process proceeds to FIG. 4B .
Abstract
A method of controlling access to an automated media library receives a request for access to the library from an individual having an identity. Access may include importing media to the library, exporting media from the library, and opening a locked door to a cabinet containing the library. If the access includes the importing media, the method moves a robotic media handler to a locked import/export station. If the access includes exporting media, the method moves the requested media to the locked import/export station. If the access includes the opening the door, the method takes a first inventory of the media in the library. The method authenticates the identity of the individual and determines an access level associated with the individual. If the access level is insufficient for the requested access, the method denies the requested access and issues an alert. If the access level is sufficient for the requested access, the method determines if the requested access requires a second authentication. If a second authentication is required, the method prompts the individual to perform the second authentication. If the second authentication is verified, the method logs the access by the individual and grants the access. If the access is granted and the access is importing or exporting media, the method unlocks the import/export station. If the access is granted and the access is opening the door, the method unlocks the door. The method closes and locks the import/export station a predetermined length of time after unlocking the import/export station. The method locks the door a predetermined length of time after unlocking the door and takes a second inventory of the media. The method issues an alert if the second inventory differs from the first inventory.
Description
- 1. Technical Field
- The present invention relates in general to the field of physical security of computer storage media, and more particularly to a method of and system for controlling access to an automated media library.
- 2. Description of the Related Art
- Automated media libraries provide a convenient and efficient means of storing and accessing large amounts of data. The data are stored on movable media, such as magnetic tape cartridges. The movable media are stored in racks or slots in a cabinet. A robotic media handler moves the media back and forth between the racks are slots and one or more media drives in the cabinet. The media drives are connected to a network.
- Media can be imported to or exported from the automated media library through an import/export station. The robotic media handler moves media back and forth between the library and the import export station. Additionally, doors are provided in the cabinet so that service or maintenance technicians can have access to the various mechanical and electrical components within the library cabinet.
- Automated media libraries are typically located in rooms that provide various levels of physical access control. At smaller installations, the media library may be located in a normal office. At larger installations, media libraries may be located in special dedicated rooms. The special dedicated rooms are typically locked and require a badge or the like to enter the room. Some organizations require that people requesting access to a media library be accompanied by a guard or other security personnel.
- Despite the security measures currently in place, there still is a possibility that persons having access to media libraries may take media without proper authority. For example, a person may have authority to enter a media library room for certain purposes. However, once in the room, the person may improperly take media from a library and the room.
- Data theft is a serious issue. It poses a risk for the intellectual property of the company. Additionally, organizations are required by law to protect certain employee records. Financial, product, business plans, trade secrets, and other confidential data must be protected from falling into unauthorized hands.
- The present invention provides a method of and a system for controlling access to an automated media library. The method receives a request for access to the library from an individual having an identity. Access may include importing media to the library, exporting media from the library, and opening a locked door to a cabinet containing the library. If the access includes the importing media, the method moves a robotic media handler to a locked import/export station. If the access includes exporting media, the method moves the requested media to the locked import/export station. If the access includes the opening the door, the method takes a first inventory of the media in the library. The method authenticates the identity of the individual and determines an access level associated with the individual. If the access level is insufficient for the requested access, the method denies the requested access and issues an alert. If the access level is sufficient for the requested access, the method determines if the requested access requires a second authentication. If a second authentication is required, the method prompts the individual to perform the second authentication. If the second authentication is verified, the method logs the access by the individual and grants the access. If the access is granted and the access is importing or exporting media, the method unlocks the import/export station. If the access is granted and the access is opening the door, the method unlocks the door. The method closes and locks the import/export station a predetermined length of time after unlocking the import/export station. The method locks the door a predetermined length of time after unlocking the door and takes a second inventory of the media. The method issues an alert if the second inventory differs from the first inventory.
- The novel features believed characteristic of the invention are set forth in the appended claims. The invention itself, however, as well as a preferred mode of use, further purposes and advantages thereof, will best be understood by reference to the following detailed description of an illustrative embodiment when read in conjunction with the accompanying drawings, where:
-
FIG. 1 is a perspective view of an embodiment of an automated media library according to the present invention; -
FIG. 2 is a block diagram of an embodiment of automated media library access control system according to the present invention; -
FIGS. 3A-FIG . 3C comprise a flow chart an embodiment of automated media library access control processing according to the present invention; and, -
FIG. 4A-FIG . 3C comprises a flow chart of an embodiment of automated media library access control authentication processing according to the present invention. - Referring now to drawings, and first to
FIG. 1 , an embodiment of an automated media library according to the present invention is designated generally by thenumeral 100. In the illustrated embodiment,media library 100 is an automated tape library; however, those skilled in the art will recognize thatmedia library 100 may be adapted for use with other media. -
Media library 100 is housed in acabinet 101.Cabinet 101 is accessible from the outside through afront door 103 and theback door 105.Front door 103 is normally secured by an electronically operatedlock 107. Similarly,back door 105 is normally secured by an electronically operatedlock 109. -
Cabinet 101 houses the mechanical and electrical components ofmedia library 100 as well as the media itself.Media library 100 includes a plurality oftape drives 111.Media library 100 also includes storage slots for tape cartridges, such astape cartridge 113. Arobot 115 is mounted for movement insidecabinet 101 to transport tape cartridges back and forth between the storage slots and the tape drives.Robot 115 may also include a barcode reader (not shown inFIG. 1 ) for inventorying tape cartridges in the library.Robot 115 is also operable to move tape cartridges back and forth between an import/export station 117 positioned infront door 103. Import/export station is normally secured by an electronically operated lock (not shown inFIG. 1 ). - Embodiments of the present invention control access to the interior of
cabinet 101 by authenticating the identity of persons seeking access. In the embodiment ofFIG. 1 , authentication may be provided through a combination of user ID and password authentication and biometric authentication. Atouch screen 119 is positioned infront door 103.Touch screen 119 is adapted to display prompts and soft keys, or the like, to receive user input. A person seeking access to the interior ofcabinet 101 may be prompted to enter a user ID, or the like, and password usingtouch screen 119. In the illustrated embodiment, the biometric authentication devices include an iris orretina scanner 121 and the hand orfingerprint scanner 123. Processing and control ofmedia library 100 is performed by acontroller 125, which may be a personal computer. - The embodiment of the access control system of
FIG. 1 is illustrated a block diagram form inFIG. 2 .Media handling robot 115, cabinetfront door lock 107,touch screen 119, and cabinetback door lock 109 are all in communication withcontroller 125. In some embodiments, communication may be over a network based on Ethernet and the TCP/IP protocol withinautomated media library 100. The access control system also includes an electronically operated import/export station lock 201 in communication withcontroller 125. Abarcode reader 203 is also in communication withcontroller 125. Iris/retina scanner 121 and hand/fingerprint scanner 123 are coupled to a multimodalbiometric engine 205, which is in communication withcontroller 125. Multimodalbiometric engine 125 may be a software component ofcontroller 125. -
Controller 125 is in communication with anadministrator computer 207. Communication betweencontroller 125 andadministrator computer 207 may be over a network.Administrator computer 207 may be located in an office or the like separated fromautomated media library 100.Administrator computer 207 is adapted to receive access log information and alerts fromcontroller 125. -
FIG. 3A-FIG . 3C comprise a flow chart of an embodiment of access control processing according to the present invention.Controller 125 waits for user input, as indicated atblock 301. The user specifies the operation which might be an import, export or open door request. The user input might be initiated by the user viaadministrative computer 207 or via thetouch screen 119 of theautomated library 101. If, as determined atdecision block 303, the user input is import,controller 125 actuatesrobot 115 to move to import/export station 117, as indicated atblock 305. If, as determined atdecision block 307, the user input is export,controller 125 prompts the user to identify the media to be exported, as indicated atblock 309. The identification of the tape cartridge is based on the volume serial number which uniquely identifies each tape cartridge in an automated library. The prompts and identification of media may be made usingtouch screen 119 or viaadministrative computer 207 depending from where the request instep 301 came. After user has identified the media,controller 125 actuatesrobot 115 to move the identified media to import/export station 117, as indicated atblock 311. If, as determined atdecision block 313, the user input is open a door,controller 125 actuatesrobot 115 andbarcode reader 203 to inventory the media in the library, as indicated atblock 315. If the user input is other than import, export, or open door,controller 125 performs other processing, as indicated generally atblock 317 and subsequently the process ends. - After determining the type of access requested,
controller 125 loads the systems authentication policy, as indicated atblock 319. The authentication policy provides access authority and authentication levels for various registered users. For example, some requesters (users), such as delivery or mailroom personnel, may have authority to import media to, but not to export media from, the library. Others, such as service or maintenance technicians, may have authority to open the doors of the library cabinet but not to remove media from the library. Also, requesters requesting certain actions may be required to provide higher levels of authentication. After loading the authentication policy,controller 125 performs authentication, as indicated generally atblock 321, and described in detail with reference toFIGS. 4A-4C . Referring toFIG. 3B , after authentication,controller 125 determines, atdecision block 323 if access is granted. If not, processing ends. If access is granted,controller 125 determines, atdecision block 325, if the requested access is import or export. If not, the requested access is to unlock a door and processing continues onFIG. 3C . If the requested access is import or export,controller 125 actuates lock 201 to unlock import/export station 117, as indicated atblock 327. -
Controller 125 also starts a timer, as indicated atblock 327. Then,controller 125 waits for import/export station 117 to be closed, as determined atblock decision block 329, or the timer to time out, as determined atdecision block 331. If the timer times out beforestation 117 is closed,controller 125 issues an alert, as indicated atblock 333, and actuateslock 201 to lock import/export station 117, as indicated atblock 335. Thencontroller 125 logs access completed, as indicated atblock 337. The determination whether the import/export station is opened or closed may be done through sensors associated with the import/export station (not shown). - Referring to
FIG. 3C , if access has been granted to open the door,controller 125 operates adoor lock 107 and/or 109, thereby allowingdoor 103 and/ordoor 105 to be opened, and starts a timer, as indicated atblock 339. Then,controller 125 waits for the door to be closed, as determined atblock decision block 341, or the timer to time out, as determined atdecision block 343. If the timer times out before the door is closed,controller 125 issues an alert, as indicated atblock 345, and actuateslocks 107 and/or 109 to lock the door or doors, as indicated atblock 347. The determination whether the door is opened or closed may be done through sensors associated with the door (not shown). - After locking the door or doors,
controller 125 actuatesrobot 115 andbarcode reader 203 to perform a second inventory of the media library, as indicated atblock 349. Then,controller 125 compares the starting inventory to the ending inventory, as indicated atblock 351. If, as determined atdecision block 353, starting inventory is not equal to the ending inventory,controller 125 issues an alert, as indicated atblock 355, and logs access complete and the inventory difference, atblock 357. If, as determined atdecision block 353, the starting inventory equals the ending inventory,controller 125 logs access complete, atblock 359, and processing ends. -
FIGS. 4A-4C comprise a flow chart of an embodiment of authentication according to the present invention.Controller 125 receives a first authentication key, as indicated atblock 401. First authentication key may be a user ID and password provided by the user fromadministrative computer 207 ortouch panel 119 oflibrary 101.Controller 125 determines, atdecision block 403, if the first authentication key is verified. If not,controller 125 increments an unauthorized access counter, as indicated atblock 405. If, as determined atdecision block 407, the count is less than or equal to a maximum number of retries,controller 125 prompts the requester (user) to retry, as indicated atblock 409, and the process returns todecision block 403. If the count is greater than the maximum number of retries, the process proceeds toFIG. 4B , where the process logs the date, time, name and requested access, as indicated atblock 425, sends an alert, atblock 427, and zeros the unauthorized access counter, atblock 429. Then, the process returns access denied. The alert sent atblock 427 may an audio or visual alarm, a text message or the like to an administrator or security official, or any other alert. - Returning to decision block 403, if the first authentication key is verified,
controller 125 compares the requested access to the access-security level from the authentication policy, as indicated atblock 411. If, as determined atdecision block 413, the requested access is not authorized to the requester, processing proceeds toFIG. 4B . If access is authorized,controller 125 determines, atdecision block 415, if a second key is required. If not, processing proceeds toFIG. 4C wherecontroller 125 logs the date, time, name, and requested access, atblock 431, and zeros the unauthorized access counter, atblock 433. The process then returns access granted. - If, as determined at
decision block 415, a second key is required,controller 125 prompts the requester to enter the second key, as indicated atblock 417. The second key may be one or more biometric identifiers. If, as determined atdecision block 419, the second key is verified, processing proceeds toFIG. 4C . If the second key is not verified,controller 125 increments the unauthorized access counter, as indicated atblock 421. If, as determined atdecision block 423, the count is less than or equal to a maximum number of retries,controller 125 prompts the requester to retry, as indicated atblock 424, and the process returns todecision block 419. If the count is greater than the maximum number of retries, the process proceeds toFIG. 4B . - From the foregoing, it will be apparent to those skilled in the art that systems and methods according to the present invention are well adapted to overcome the shortcomings of the prior art. While the present invention has been described with reference to presently preferred embodiments, those skilled in the art, given the benefit of the foregoing description, will recognize alternative embodiments. Accordingly, the foregoing description is intended for purposes of illustration and not of limitation.
Claims (2)
1. (canceled)
2. An automated media library, which comprises:
a cabinet, said cabinet including a door and an import/export station;
a robotic media handler inside said cabinet;
means for receiving a request for access to said library from an individual having an identity, said access including import of media to said library, export of media from said library, and opening said door;
if said access includes said import of media, means for moving a robotic media handler to said import/export station;
if said access includes said export of media, means for actuating said robotic media handler to move requested media to said import/export station;
if said access includes said opening said door, means for taking a first inventory of the media in said library;
means for authenticating the identity of said individual;
means for determining an access level associated with said individual;
if said access level is insufficient for said requested access, means for denying said requested access and issuing an alert;
if said access level is sufficient for said requested access, means for determining if said requested access requires a second authentication;
if a second authentication is required, means for prompting said individual to perform said second authentication;
if said second authentication is verified, means for logging said access by said individual and granting said access;
if said access is granted and said access is import or export of media, means for opening said import/export station;
if said access is granted and said access is opening said door, means for unlocking said door;
means for closing and locking said import/export station a predetermined length of time after opening said import/export station;
means for locking said door a predetermined length of time after unlocking said door and taking a second inventory of said media; and,
means for issuing an alert if said second inventory differs from said first inventory.
Priority Applications (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US12/116,801 US20090282461A1 (en) | 2008-05-07 | 2008-05-07 | Method of and system for controlling access to an automated media library |
US12/355,383 US8230501B2 (en) | 2008-05-07 | 2009-01-16 | Controlling access to an automated media library |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US12/116,801 US20090282461A1 (en) | 2008-05-07 | 2008-05-07 | Method of and system for controlling access to an automated media library |
Related Child Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US12/355,383 Continuation US8230501B2 (en) | 2008-05-07 | 2009-01-16 | Controlling access to an automated media library |
Publications (1)
Publication Number | Publication Date |
---|---|
US20090282461A1 true US20090282461A1 (en) | 2009-11-12 |
Family
ID=41266375
Family Applications (2)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US12/116,801 Abandoned US20090282461A1 (en) | 2008-05-07 | 2008-05-07 | Method of and system for controlling access to an automated media library |
US12/355,383 Expired - Fee Related US8230501B2 (en) | 2008-05-07 | 2009-01-16 | Controlling access to an automated media library |
Family Applications After (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US12/355,383 Expired - Fee Related US8230501B2 (en) | 2008-05-07 | 2009-01-16 | Controlling access to an automated media library |
Country Status (1)
Country | Link |
---|---|
US (2) | US20090282461A1 (en) |
Cited By (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20100014179A1 (en) * | 2008-07-17 | 2010-01-21 | Quantum Corporation | Media library system and method for monitoring changes in inventory of media cartridges |
US20120233687A1 (en) * | 2011-03-08 | 2012-09-13 | Metivier Pascal | Secure method for controlling the opening of lock devices by means of a communicating object such as a mobile phone |
US9762394B1 (en) * | 2016-02-29 | 2017-09-12 | Facefirst, Inc. | Access manager |
US20210142084A1 (en) * | 2008-07-21 | 2021-05-13 | Facefirst, Inc. | Managed notification system |
Families Citing this family (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20100295658A1 (en) * | 2009-05-21 | 2010-11-25 | Shu-Chin Chen | Intelligent lock |
US9042607B2 (en) * | 2011-05-02 | 2015-05-26 | Omnicell, Inc. | System and method for user access of dispensing unit |
US20130305353A1 (en) * | 2012-05-10 | 2013-11-14 | Rutherford Controls International Corp. | Low Power Driver System and Method for Controlling The Same |
US9092633B2 (en) | 2013-01-17 | 2015-07-28 | International Business Machines Corporation | Authorizing removable medium access |
CA2911719A1 (en) * | 2013-04-16 | 2014-10-23 | Imageware Systems, Inc. | Conditional and situational biometric authentication and enrollment |
US9916854B2 (en) * | 2016-06-06 | 2018-03-13 | Dell Products L.P. | Systems and methods for removing media from a sequential media drive |
CN107635113A (en) * | 2017-09-12 | 2018-01-26 | 中山大学 | It is a kind of to remind the intelligent anti-theft system locked a door |
CN112052346B (en) * | 2020-09-11 | 2022-06-10 | 讯飞智元信息科技有限公司 | Method and device for updating real personnel library, electronic equipment and storage medium |
Citations (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5377269A (en) * | 1992-10-29 | 1994-12-27 | Intelligent Security Systems, Inc. | Security access and monitoring system for personal computer |
US6286079B1 (en) * | 1999-01-11 | 2001-09-04 | International Business Machines Corporation | Interruptible inventory of a mass data storage library |
US6353581B1 (en) * | 1997-11-14 | 2002-03-05 | Overland Data, Inc. | Media access in a media library |
US20030191971A1 (en) * | 1998-12-23 | 2003-10-09 | Worldcom, Inc. | Method of and system for controlling internet access |
US6865053B2 (en) * | 2003-01-13 | 2005-03-08 | International Business Machines Corporation | System and method of cleaning an automated tape library with a pass-through cleaning tool using cleaning tape |
US20070043958A1 (en) * | 2005-08-19 | 2007-02-22 | Fujitsu Limited | Method of managing recording medium, library apparatus and information processing apparatus |
US7210938B2 (en) * | 2001-05-09 | 2007-05-01 | K12.Com | System and method of virtual schooling |
US20070239569A1 (en) * | 2000-03-07 | 2007-10-11 | Michael Lucas | Systems and methods for managing assets |
Family Cites Families (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5819309A (en) * | 1996-02-09 | 1998-10-06 | Overland Data, Inc. | Automated tape cartridge library with accelerated calibration |
US6246642B1 (en) * | 1999-04-13 | 2001-06-12 | Hewlett-Packard Company | Automated optical detection system and method |
US6722564B2 (en) * | 2001-12-06 | 2004-04-20 | Storage Technology Corporation | Method, apparatus, and program for determining correct cartridge orientation in an automated tape library |
US7594114B2 (en) * | 2002-09-16 | 2009-09-22 | General Electric Company | Authentication apparatus and method for universal appliance communication controller |
US20050177724A1 (en) * | 2004-01-16 | 2005-08-11 | Valiuddin Ali | Authentication system and method |
US7076327B1 (en) * | 2004-06-30 | 2006-07-11 | Emc Corporation | Simultaneous processing of media requests |
-
2008
- 2008-05-07 US US12/116,801 patent/US20090282461A1/en not_active Abandoned
-
2009
- 2009-01-16 US US12/355,383 patent/US8230501B2/en not_active Expired - Fee Related
Patent Citations (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5377269A (en) * | 1992-10-29 | 1994-12-27 | Intelligent Security Systems, Inc. | Security access and monitoring system for personal computer |
US6353581B1 (en) * | 1997-11-14 | 2002-03-05 | Overland Data, Inc. | Media access in a media library |
US20030191971A1 (en) * | 1998-12-23 | 2003-10-09 | Worldcom, Inc. | Method of and system for controlling internet access |
US6286079B1 (en) * | 1999-01-11 | 2001-09-04 | International Business Machines Corporation | Interruptible inventory of a mass data storage library |
US20070239569A1 (en) * | 2000-03-07 | 2007-10-11 | Michael Lucas | Systems and methods for managing assets |
US7210938B2 (en) * | 2001-05-09 | 2007-05-01 | K12.Com | System and method of virtual schooling |
US6865053B2 (en) * | 2003-01-13 | 2005-03-08 | International Business Machines Corporation | System and method of cleaning an automated tape library with a pass-through cleaning tool using cleaning tape |
US20070043958A1 (en) * | 2005-08-19 | 2007-02-22 | Fujitsu Limited | Method of managing recording medium, library apparatus and information processing apparatus |
Cited By (15)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20100014179A1 (en) * | 2008-07-17 | 2010-01-21 | Quantum Corporation | Media library system and method for monitoring changes in inventory of media cartridges |
US9343100B2 (en) * | 2008-07-17 | 2016-05-17 | Quantum Corporation | Media library system and method for monitoring changes in inventory of media cartridges |
US11532152B2 (en) * | 2008-07-21 | 2022-12-20 | Facefirst, Inc. | Managed notification system |
US20210142084A1 (en) * | 2008-07-21 | 2021-05-13 | Facefirst, Inc. | Managed notification system |
US20120233687A1 (en) * | 2011-03-08 | 2012-09-13 | Metivier Pascal | Secure method for controlling the opening of lock devices by means of a communicating object such as a mobile phone |
US8793784B2 (en) * | 2011-03-08 | 2014-07-29 | Openways Sas | Secure method for controlling the opening of lock devices by means of a communicating object such as a mobile phone |
US9998283B2 (en) * | 2016-02-29 | 2018-06-12 | Facefirst, Inc. | Access manager |
US20180302225A1 (en) * | 2016-02-29 | 2018-10-18 | Facefirst, Inc. | Access manager |
US10361863B2 (en) * | 2016-02-29 | 2019-07-23 | Facefirst, Inc. | Access manager |
US20190342100A1 (en) * | 2016-02-29 | 2019-11-07 | Facefirst, Inc. | Access manager |
US10797880B2 (en) * | 2016-02-29 | 2020-10-06 | Facefirst, Inc. | Access manager |
US20210021421A1 (en) * | 2016-02-29 | 2021-01-21 | Facefirst, Inc. | Access manager |
US20180013564A1 (en) * | 2016-02-29 | 2018-01-11 | Facefirst, Inc. | Access manager |
US9762394B1 (en) * | 2016-02-29 | 2017-09-12 | Facefirst, Inc. | Access manager |
US11956365B2 (en) * | 2016-02-29 | 2024-04-09 | Facefirst, Inc. | Access manager |
Also Published As
Publication number | Publication date |
---|---|
US20090278654A1 (en) | 2009-11-12 |
US8230501B2 (en) | 2012-07-24 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US8230501B2 (en) | Controlling access to an automated media library | |
US11321978B2 (en) | Systems and methods for secure lock systems with redundant access control | |
US9230380B2 (en) | Lockable enclosure having improved access system | |
US20070188303A1 (en) | Method, apparatus and system for controlling access to a storage unit | |
US20060139148A1 (en) | Method, apparatus and system for controlling access to a cabinet | |
US20030046553A1 (en) | Use of biometrics to provide physical and logic access to computer devices | |
JP5064663B2 (en) | Document management system | |
US20180091503A1 (en) | Networked storage system and method | |
EP1776671A1 (en) | Identification with rfid asset locator for entry authorization | |
US20140320259A1 (en) | Biometric security apparatus for access and control of a physical locking storage unit | |
US20040039920A1 (en) | Security cabinet system for controlling with user's id data | |
CN110677436A (en) | Object access authority management background system, device and user terminal | |
US20200051350A1 (en) | Auditable security system for secure enclosures | |
US20160110530A1 (en) | Method and a system for authenticating a user in terms of a cloud based access control system | |
US10424142B2 (en) | Access control system bypass for audit and electronic safe locks | |
US20060088192A1 (en) | Identification system | |
KR102076352B1 (en) | Cash box managmenet system using user terminal | |
JP2000145219A (en) | Lock management system | |
JP4347138B2 (en) | Access control device | |
JP4647408B2 (en) | Entrance / exit management system and management server | |
JP6496222B2 (en) | Room lock management system | |
US11842587B1 (en) | System, comprising a lock unit for a cabinet and at least one portable user terminal | |
TWM565736U (en) | Biometric multi-function locker | |
US11620460B1 (en) | Method and system for issuing and storing key/keycard | |
TWI476734B (en) | Multiple access control method |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
AS | Assignment |
Owner name: INTERNATIONAL BUSINESS MACHINES CORPORATION, NEW Y Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNORS:HAUSTEIN, NILS;KRICK, FRANK;WINARSKI, DANIEL J.;REEL/FRAME:021221/0085;SIGNING DATES FROM 20080505 TO 20080507 |
|
STCB | Information on status: application discontinuation |
Free format text: ABANDONED -- FAILURE TO RESPOND TO AN OFFICE ACTION |