WO2005091230A1 - Apparatus for monitoring remote work - Google Patents

Apparatus for monitoring remote work Download PDF

Info

Publication number
WO2005091230A1
WO2005091230A1 PCT/FI2005/050095 FI2005050095W WO2005091230A1 WO 2005091230 A1 WO2005091230 A1 WO 2005091230A1 FI 2005050095 W FI2005050095 W FI 2005050095W WO 2005091230 A1 WO2005091230 A1 WO 2005091230A1
Authority
WO
WIPO (PCT)
Prior art keywords
certificate
time
information
remote
location information
Prior art date
Application number
PCT/FI2005/050095
Other languages
French (fr)
Inventor
Jouni Hult
Lauri Aarnio
Tero Silvennoinen
Heikki Roikonen
Original Assignee
Nixu Oy
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Nixu Oy filed Critical Nixu Oy
Publication of WO2005091230A1 publication Critical patent/WO2005091230A1/en

Links

Classifications

    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07CTIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C1/00Registering, indicating or recording the time of events or elapsed time, e.g. time-recorders for work people
    • G07C1/20Checking timed patrols, e.g. of watchman
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07CTIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C1/00Registering, indicating or recording the time of events or elapsed time, e.g. time-recorders for work people
    • G07C1/10Registering, indicating or recording the time of events or elapsed time, e.g. time-recorders for work people together with the recording, indicating or registering of other data, e.g. of signs of identity
    • G07C1/16Registering, indicating or recording the time of events or elapsed time, e.g. time-recorders for work people together with the recording, indicating or registering of other data, e.g. of signs of identity wherein the time is indicated by marking an element, e.g. a card or tape, in a position determined by the time

Definitions

  • the invention relates to monitoring working hours at sites to which a remote worker is to pay a visit on a regular basis and the visit is to be verified.
  • workers for a cleaning company pay a visit to clean the premises of their employer's customer, on a regular basis.
  • the cleaning takes place once per workday, usually a couple of hours after the business hours of the customer company have come to an end for the day.
  • the employer has to be able to make sure that a worker has paid a visit to each site at a given time.
  • a similar situation occurs e.g. in security companies.
  • An object of the invention is to provide an apparatus for monitoring remote work, which apparatus produces information so as to enable a remote worker's visit to a given site at a given time to be verified.
  • the object of the invention is achieved by a monitoring apparatus which is characterized by what is disclosed in the independent claims.
  • Preferred embodiments of the invention are disclosed in the dependent claims.
  • a first aspect of the invention is a device for producing a time and location stamp, the device herein being called a "remote device" for short. Each remote work site is provided with a separate remote device.
  • Such a remote device includes: - means for producing time information; - means for producing direct or indirect location information; - means for producing cryptographic verification information, e.g. a certificate, on the basis of the time and location information so as to enable the time information and the location information to be decrypted from the cryptographic verification information.
  • Time information means that on the basis of a certificate produced by the apparatus, it is possible to determine the point in time at which a remote worker has paid a visit to a site.
  • the apparatus includes an internal clock circuit.
  • An alternative apparatus may include reception means for receiving external time information, delivered via a radio path, for instance. Time information resolution is preferably 1 to 5 minute(s). If the time information resolution is worse than this, the legal security of different different parties suffers.
  • time information is compact, which in this context means that time presentation information does not contain any unused bit combinations.
  • An example of non-compact time information is a conventional 24-hour expression of time. The hours may vary between 0 and 23, although two numerals could be used for indicating numerals 0 to 99. If the time information is non-compact, i.e. it includes unused bit combinations (such as hours 24 to 99), a set of formed certificates includes unused bit combinations in the same proportion.
  • a certificate can be kept very short, which makes the certificate easier to store by hand in particular.
  • An example of non-redundant time information is a running counter which measures time units, e.g. minutes, starting from some known point in time, e.g. since a start-up of the apparatus. If the starting time (date and time) of the running counter and the time unit used by the counter are known, it is a straightforward task to convert the time information into real time.
  • Location information means that on the basis of a certificate produced by a remote device, it is possible to determine that a remote worker has paid a visit to a site indicated by the location information. Location information may direct or indirect. Direct location information means that the location information indicates the location directly.
  • a monitoring apparatus may be provided with a positioning device, such as a GPS receiver, which indicates a location as geographical coordinates.
  • a positioning device such as a GPS receiver
  • a positioning device causes some problems.
  • positioning devices do not work indoors, which limits their use.
  • each remote device forms unique location information in plain text, e.g. "Acme Inc.”, which indicates the site.
  • a very simple implementation is one in which each remote device has a unique identifier, e.g. a serial number, and the provider of the remote work associates the unique identifiers with different remote work sites.
  • the location information can be determined from a unique identi- bomb on the basis of association only, e.g. by checking a table to see that location information "QV3N" corresponds with the location "Acme Inc.”.
  • the combined information contents of the time and location information should be small, no more than 50 bits.
  • a 31 -bit certificate can be presented using six characters, each one of which being a letter A to Z or a numeral 0 to 9.
  • the 31 bits can be used e.g. such that time information takes up 16 bits while location information (such as a device identifier) takes up 15 bits.
  • time information resolution is one minute
  • a period of a 16-bit time information is about 45 days.
  • a 15- bit device identifier enables 32 768 remote devices and as many remote work sites to be identified unambiguously.
  • the information contents of the certificate include no more than 36 bits, which can be distributed e.g. such that time information takes up 20 bits while location information takes up 16 bits.
  • a period of time information is about two years and the number of unique device identifiers (remote work sites) may be 65 536.
  • a 41 -bit certificate can be presented using eight letters or numerals.
  • a certificate consists of numeral characters only, e.g. because it is to be fed to a central system via a voice channel, using e.g. DTMF voices or speech recognition, preferred information contents of the certificate include 33 bits, which can be presented using 10 numeral characters.
  • the remote device includes means for producing verification information, e.g. a cryptographic certificate, on the basis of time information and location information such that the time information and the location information can be decrypted from the cryptographic certificate.
  • a cryptographic certificate means that without some secret information, e.g.
  • no certificate (information) can be produced that would indicate that a remote worker has paid a visit to a given site at a given time.
  • the time information and the location information being decryptable from the cryptographic certificate means that the cryptographic certificate has to be formed employing a lossless algorithm. For instance, a hash code calculated from a combination of time and location information does not alone qualify for the purpose since a plurality of time and location information combinations exist which produce the same hash code, as is well known.
  • the algorithm that produces the certificate thus has to be lossless, e.g. it must not lose information. Additionally, it is advantageous that the algorithm that produces the certificate should not increase the number of bits, since in some applications the remote worker writes the certificate by hand. Therefore, e.g.
  • DES Digital Encryption Standard
  • RSA Raster- Shamir-Adlemann
  • Another aspect of the invention is a central system for processing the above-described certificate, i.e. a combined time and location stamp.
  • the central system includes reception means for receiving a message containing a cryptographic certificate; and a decryption algorithm for decrypting the cryptographic certificate and for producing direct or indirect location information on the basis of the contents of the cryptographic certificate.
  • Figure 1 shows a principle of the invention
  • Figure 2 is a block diagram of a remote device which produces a certificate containing a time stamp and a location stamp
  • Figure 3 is a block diagram showing a central system.
  • Figure 1 shows a principle of the invention.
  • the main parts of the invention are a group of remote devices 100, only one of which is shown in Figure 1 , and a central system 130.
  • a cleaning person 120 works for a cleaning company 150.
  • the cleaning company 150 has made a contract with a customer company 110 for cleaning a remote work site 112.
  • Reference number 122 designates the cleaning person's identifier in terms of the cleaning company 150. In this example, the cleaning person's identifier is "8196".
  • the invention makes it possible to verify that the cleaning person 120 has paid a visit to the remote work site 112 at a given time. This takes place in the following manner.
  • the remote work site is provided with a remote device 100 according to the invention.
  • a certificate which has been produced by the remote device 100 and which includes a cryptographically formed combination of time and location information, is e.g. "QBV 5FK", which is designated by reference number 102.
  • the cleaning person stores this in a memory.
  • a certificate is "P8V LUY", which is designated by reference number 104.
  • the cleaning person also stores this certificate in the memory.
  • the latter certificate 104 is shown in brackets since the remote device 100 shows only one certificate at a time.
  • the cleaning person 120 sends the central system 130 a message 126 which contains the certificates 102 and 104 corresponding with the starting and ending moments of the cleaning process.
  • the message 126 directly or indirectly indicates the cleaning person's identifier 122 ("8196").
  • a direct indication means e.g. that the message 126 contains the cleaning person's identifier 122.
  • An indirect indication can mean e.g. that the central system identifies the message 126 on the basis of the communication channel used by the sender. If, for example, the message 126 is sent by a mobile station 124, e.g.
  • the central system 130 decrypts the time and location stamps from the certificate and sends the cleaning company 150 a report 140 to indicate that the cleaning person whose identifier is "8196" has been at the site 112 indicated by the location stamp at the points in time indicated by the time stamps, in this example on 12 March 2004 at 19:32 and 21 :04, i.e. for about 1.5 hours.
  • the cleaning company may inform the customer company 110 of this, as indicated by reference number 152.
  • the above-described principle can, of course, be modified in many different ways. For example, it is not always necessary to separately store the starting and ending moments of remote work, i.e.
  • the central system 130 is shown as a separate unit, but it may, of course, also be maintained by the cleaning company 150 itself. It is also feasible that messages 126, 140 and/or 152 are not sent on a regular basis but only when it is necessary to show that a visit has been paid to a remote work site 112 as agreed.
  • FIG 2 is a block diagram showing a remote device according to a preferred embodiment of the invention (reference 100 in Figure 1 ), which produces a certificate containing a time stamp and a location stamp.
  • the remote device is provided with a time generator 202, e.g. an internal real-time clock or a receiver circuit for receiving time conveyed via a radio path.
  • the remote device is preferably provided with a logic 204 for converting time into a compact presentation format. As was explained above, a compact presentation is one which contains no unused bit combinations (such as hours 24 to 99).
  • the remote device 100 includes no real-time clock, but a simple counter to count time units since a startup of the remote device 100.
  • a simple counter may be a separate device or, if the remote device 100 has been implemented by a microprocessor, the counter may be implemented such that the microprocessor is provided with interrupts and the counter is stepped by a service routine thereof.
  • Such time produced by a counter is automatically compact.
  • many microprocessors are already provided with such a time counter implemented by hardware or software, but a separate logic 204 for converting time into a compact presentation format may still be useful because although the time presentation produced by the time counter were compact (e.g.
  • Reference number 206 designates direct or indirect location information.
  • the location information 206 is simply the unique device identifier of the remote device 100, or a derivative thereof.
  • Reference number 208 relates to an embodiment of the invention. Namely, in order for a certificate to be as easy to be written by hand as possible, the time presentation should only contain a small number of bits, which means that the time presentation is periodical and a period is not very long. This involves the danger that a deceitful remote worker finds out that the certificates recur periodically. The certificates can be prevented from recurring periodically e.g.
  • a routine 204 detects that a time period has come to an end, this causes a device-specific identifier 208 to undergo a change 208.
  • the central system has to take this into account when the certificate is decrypted and the identifier of the remote device is determined.
  • the time presentation and the device-specific identifier are conveyed to a cryptographic algorithm 210, which produces a certificate 212.
  • the certificate is shown to the user, such as a cleaning person, e.g. on a display 216.
  • the remote device may, for instance, show the certificate in response to a press of a button.
  • activating the display only when necessary saves the battery or accumulator of the remote device.
  • Another advantage is that the continuous changing of the certificate being shown by the remote device may disturb workers for the customer company, and this disturbance is avoided by activat- ing the display of the remote device only when necessary.
  • Still another advantage is that a deceitful remote worker cannot e.g. arrange a camera to photograph the display and leave the remote work site his- or herself.
  • the indicator of user activity such as a press key, locks, i.e.
  • the certificate may be presented also in ways other than the visual one.
  • the certificate may be presented acoustically, e.g. as DTMF (Dual Tone Multi Frequency) voices, which are known from telephone technology and which the remote worker may store by means of a sound recorder, in which case the message 126 in Figure 1 might refer to presenting such a recording via a conventional voice call channel.
  • DTMF Dual Tone Multi Frequency
  • the certificate may be transferred to a memory device to be carried around by the remote worker, by utilizing infrared or local radio technology, e.g. by a Bluetooth interface, such that the memory device may be a mobile station or a handheld computer equipped with an infrared or a Bluetooth interface.
  • the remote device 100 can be implemented as a battery- operated separate device. An advantage of such an implementation is that it is easy to install. Series-produced microprocessors provided with a display and one card are available wherein software implementing the functionality of the invention can be implemented.
  • the device identifier 206 (or the initial value thereof if the identifier is increased, as shown by reference number 208) is installed in connection with installing the software e.g.
  • the remote device may be integrated into other office automation, such as a telephone, a time clock or the like.
  • office automation such as a telephone, a time clock or the like.
  • An advantage of such an implementation is that the procedure of changing batteries is omitted.
  • a particularly advantageous implementation is one wherein the operating power is normally derived from outside the device, e.g. from an electrical or telephone network, but when the external electricity supply fails, the remote device is powered by an internal battery.
  • Figure 3 is a block diagram showing a central system (reference 130 in Figure 1 ).
  • Reference number 302 shows reception means by which the central system receives a message containing a certificate 304, such as a short message 126 disclosed in connection with Figure 1.
  • the reception means 302 are preferably arranged to support a plurality of different communication channels, such as a short message or another mobile station data message, Internet connection, DTMF voice input, etc.
  • the certificate 304 is conveyed to a decryption algorithm 306, which decrypts the encryption of the cryptographic algorithm 210 of the remote device and produces time information 308 and location information, in this example presented by a device identifier 312.
  • the time information 308 is conveyed to a time information processing logic 310, whose implementation depends on the time presentation used by the remote device, as explained in connection with block 204.
  • the central system may convert it into real time, i.e. into a date and time.
  • the central system may, on the basis of a table 320, convert the device identifier into plain text, e.g. into the name of the remote work site.
  • the central system 130 is maintained by any one of the providers of the remote work, such as a service provider separate from the cleaning company 150, it could be assumed that the management of the provider 150 of the remote work is provided with the table 320 containing the names of the sites in plain text, and the service provider maintaining the central system only provides it with the device identifiers of the remote devices. [0035] In connection with reference number 208 of the remote device, an advantageous feature was described according to which every time the routine 204 detects that a time period has come to an end, this causes the device-specific identifier 206 to undergo a change 208 in order to avoid recurrence of certificates when the time period starts anew.
  • the central system has to take this into account when the certificate is decrypted and the identifier of the remote device is determined. If, for example, x complete time periods have elapsed since a start-up of the remote device, the device identifier 206 has been increased by x, which, of course, must be subtracted in order to find out the correct device-specific identifier.
  • This function of the central system is designated by reference numbers 314 and 316.
  • Reference number 318 designates reporting of time and location stamps derived from the decrypted certificate, which may take place by means of any appropriate technology, e.g. electrically or on a piece of paper.

Abstract

An apparatus for monitoring remote work, such as cleaning. A cleaning person (120) at a remote work site (112) reads a certificate (102, 104) from a remote device (100). He or she sends a central system (130) a message (126) containing the certificate (102, 104) and also indicating the cleaning person's identifier (122). The central system (130) decrypts time and location stamps from the certificate and sends a cleaning company (150) a report (140) indicating that the cleaning person whose identifier (122) is '8196' has paid a visit to the site (112) indicated by the location stamp at the points in time indicated by the time stamps. The cleaning company (150) may send a report (152) about this to a customer company (110).

Description

APPARATUS FOR MONITORING REMOTE WORK
BACKGROUND OF THE INVENTION [0001] The invention relates to monitoring working hours at sites to which a remote worker is to pay a visit on a regular basis and the visit is to be verified. [0002] For instance, workers for a cleaning company pay a visit to clean the premises of their employer's customer, on a regular basis. Typically, the cleaning takes place once per workday, usually a couple of hours after the business hours of the customer company have come to an end for the day. The employer has to be able to make sure that a worker has paid a visit to each site at a given time. A similar situation occurs e.g. in security companies.
BRIEF DESCRIPTION OF THE INVENTION [0003] An object of the invention is to provide an apparatus for monitoring remote work, which apparatus produces information so as to enable a remote worker's visit to a given site at a given time to be verified. The object of the invention is achieved by a monitoring apparatus which is characterized by what is disclosed in the independent claims. Preferred embodiments of the invention are disclosed in the dependent claims. [0004] A first aspect of the invention is a device for producing a time and location stamp, the device herein being called a "remote device" for short. Each remote work site is provided with a separate remote device. Such a remote device includes: - means for producing time information; - means for producing direct or indirect location information; - means for producing cryptographic verification information, e.g. a certificate, on the basis of the time and location information so as to enable the time information and the location information to be decrypted from the cryptographic verification information. [0005] Time information means that on the basis of a certificate produced by the apparatus, it is possible to determine the point in time at which a remote worker has paid a visit to a site. According to an embodiment, the apparatus includes an internal clock circuit. An alternative apparatus may include reception means for receiving external time information, delivered via a radio path, for instance. Time information resolution is preferably 1 to 5 minute(s). If the time information resolution is worse than this, the legal security of different different parties suffers. If, again, the time information resolution is better than one minute, the length of the certificate increases unnecessarily. This is a drawback particularly in applications where the remote worker writes the certificate by hand. [0006] According to an embodiment, time information is compact, which in this context means that time presentation information does not contain any unused bit combinations. An example of non-compact time information is a conventional 24-hour expression of time. The hours may vary between 0 and 23, although two numerals could be used for indicating numerals 0 to 99. If the time information is non-compact, i.e. it includes unused bit combinations (such as hours 24 to 99), a set of formed certificates includes unused bit combinations in the same proportion. If, again, the time information is compact, a certificate can be kept very short, which makes the certificate easier to store by hand in particular. An example of non-redundant time information is a running counter which measures time units, e.g. minutes, starting from some known point in time, e.g. since a start-up of the apparatus. If the starting time (date and time) of the running counter and the time unit used by the counter are known, it is a straightforward task to convert the time information into real time. [0007] Location information means that on the basis of a certificate produced by a remote device, it is possible to determine that a remote worker has paid a visit to a site indicated by the location information. Location information may direct or indirect. Direct location information means that the location information indicates the location directly. For instance, a monitoring apparatus may be provided with a positioning device, such as a GPS receiver, which indicates a location as geographical coordinates. However, such a positioning device causes some problems. First, positioning devices do not work indoors, which limits their use. Second, they consume a large amount of current. Third, location information expressed as geographical coordinates requires a large number of bits, which, in turn, increases the length of the certificate. [0008] Alternatively, each remote device forms unique location information in plain text, e.g. "Acme Inc.", which indicates the site. A very simple implementation is one in which each remote device has a unique identifier, e.g. a serial number, and the provider of the remote work associates the unique identifiers with different remote work sites. This is called indirect location information since the location information can be determined from a unique identi- fier on the basis of association only, e.g. by checking a table to see that location information "QV3N" corresponds with the location "Acme Inc.". [0009] In order to enable a certificate to be written by hand when necessary, it is advantageous that the combined information contents of the time and location information should be small, no more than 50 bits. For instance, a 31 -bit certificate can be presented using six characters, each one of which being a letter A to Z or a numeral 0 to 9. The 31 bits can be used e.g. such that time information takes up 16 bits while location information (such as a device identifier) takes up 15 bits. If the time information resolution is one minute, a period of a 16-bit time information is about 45 days. Similarly, a 15- bit device identifier enables 32 768 remote devices and as many remote work sites to be identified unambiguously. [0010] If, again, it is accepted that a certificate can be presented using seven letters or numerals, the information contents of the certificate include no more than 36 bits, which can be distributed e.g. such that time information takes up 20 bits while location information takes up 16 bits. In such a case, with a one-minute resolution, a period of time information is about two years and the number of unique device identifiers (remote work sites) may be 65 536. Similarly, a 41 -bit certificate can be presented using eight letters or numerals. [0011] If, again, a certificate consists of numeral characters only, e.g. because it is to be fed to a central system via a voice channel, using e.g. DTMF voices or speech recognition, preferred information contents of the certificate include 33 bits, which can be presented using 10 numeral characters. [0012] In addition to the means for producing time and location information, the remote device includes means for producing verification information, e.g. a cryptographic certificate, on the basis of time information and location information such that the time information and the location information can be decrypted from the cryptographic certificate. A cryptographic certificate means that without some secret information, e.g. an encryption key, no certificate (information) can be produced that would indicate that a remote worker has paid a visit to a given site at a given time. The time information and the location information being decryptable from the cryptographic certificate means that the cryptographic certificate has to be formed employing a lossless algorithm. For instance, a hash code calculated from a combination of time and location information does not alone qualify for the purpose since a plurality of time and location information combinations exist which produce the same hash code, as is well known. The algorithm that produces the certificate thus has to be lossless, e.g. it must not lose information. Additionally, it is advantageous that the algorithm that produces the certificate should not increase the number of bits, since in some applications the remote worker writes the certificate by hand. Therefore, e.g. DES (Digital Encryption Standard) or RSA (Rivest- Shamir-Adlemann) algorithms, which are well known in the field, do not suit the purpose, at least not very well. For example, DES requires that the minimum length of material to be encoded in one go should be 64 bits, the presentation of which requiring e.g. 20 decimal numbers. Such a certificate would be im- practically long to be written by hand. An RSA algorithm is also problematic in that the certificate would be longer than required by the time and location information combination. A feasible algorithm for producing a cryptographic certificate is set forth in reference 1 by the name "Madryga". It is, however, preferable that the algorithm used is not exactly identical to the one set forth in reference 1 , but that the algorithm itself or some parameters thereof has/have been changed so as to make the certificates more difficult to forge. [0013] Another aspect of the invention is a central system for processing the above-described certificate, i.e. a combined time and location stamp. The central system includes reception means for receiving a message containing a cryptographic certificate; and a decryption algorithm for decrypting the cryptographic certificate and for producing direct or indirect location information on the basis of the contents of the cryptographic certificate.
BRIEF DESCRIPTION OF THE DRAWINGS [0014] The invention is now described in closer detail in connection with the preferred embodiments and with reference to the accompanying drawings, in which [0015] Figure 1 shows a principle of the invention; [0016] Figure 2 is a block diagram of a remote device which produces a certificate containing a time stamp and a location stamp; and [0017] Figure 3 is a block diagram showing a central system.
DETAILED DESCRIPTION OF THE INVENTION [0018] Figure 1 shows a principle of the invention. The main parts of the invention are a group of remote devices 100, only one of which is shown in Figure 1 , and a central system 130. For the sake of illustration, it is assumed that the remote work is cleaning, but naturally the invention is not restricted thereto. A cleaning person 120 works for a cleaning company 150. The cleaning company 150 has made a contract with a customer company 110 for cleaning a remote work site 112. Reference number 122 designates the cleaning person's identifier in terms of the cleaning company 150. In this example, the cleaning person's identifier is "8196". [0019] The invention makes it possible to verify that the cleaning person 120 has paid a visit to the remote work site 112 at a given time. This takes place in the following manner. The remote work site is provided with a remote device 100 according to the invention. When the cleaning person enters the remote work site 112, a certificate, which has been produced by the remote device 100 and which includes a cryptographically formed combination of time and location information, is e.g. "QBV 5FK", which is designated by reference number 102. The cleaning person stores this in a memory. When the cleaning person leaves the remote work site 112, a certificate is "P8V LUY", which is designated by reference number 104. The cleaning person also stores this certificate in the memory. The latter certificate 104 is shown in brackets since the remote device 100 shows only one certificate at a time. After the cleaning has come to an end, the cleaning person 120 sends the central system 130 a message 126 which contains the certificates 102 and 104 corresponding with the starting and ending moments of the cleaning process. In addition, the message 126 directly or indirectly indicates the cleaning person's identifier 122 ("8196"). A direct indication means e.g. that the message 126 contains the cleaning person's identifier 122. An indirect indication can mean e.g. that the central system identifies the message 126 on the basis of the communication channel used by the sender. If, for example, the message 126 is sent by a mobile station 124, e.g. as a short message, the number of the mobile station can be read in the identification information of the short message. [0020] The central system 130 decrypts the time and location stamps from the certificate and sends the cleaning company 150 a report 140 to indicate that the cleaning person whose identifier is "8196" has been at the site 112 indicated by the location stamp at the points in time indicated by the time stamps, in this example on 12 March 2004 at 19:32 and 21 :04, i.e. for about 1.5 hours. The cleaning company may inform the customer company 110 of this, as indicated by reference number 152. [0021] The above-described principle can, of course, be modified in many different ways. For example, it is not always necessary to separately store the starting and ending moments of remote work, i.e. the certificates 102 and 104, but one certificate per visit will suffice. This applies particularly to security work, wherein a visit to a site is usually a very short one. On the other hand, if it is to be ensured that a remote worker has really spent the entire time at a particular site, several certificates may be stored for each visit. [0022] In Figure 1 , the central system 130 is shown as a separate unit, but it may, of course, also be maintained by the cleaning company 150 itself. It is also feasible that messages 126, 140 and/or 152 are not sent on a regular basis but only when it is necessary to show that a visit has been paid to a remote work site 112 as agreed. In such a case, the cleaning person 120, for instance, may simply write down the certificates on a piece of paper for a potential later use. [0023] Figure 2 is a block diagram showing a remote device according to a preferred embodiment of the invention (reference 100 in Figure 1 ), which produces a certificate containing a time stamp and a location stamp. The remote device is provided with a time generator 202, e.g. an internal real-time clock or a receiver circuit for receiving time conveyed via a radio path. The remote device is preferably provided with a logic 204 for converting time into a compact presentation format. As was explained above, a compact presentation is one which contains no unused bit combinations (such as hours 24 to 99). [0024] According to an embodiment, the remote device 100 includes no real-time clock, but a simple counter to count time units since a startup of the remote device 100. Such a counter may be a separate device or, if the remote device 100 has been implemented by a microprocessor, the counter may be implemented such that the microprocessor is provided with interrupts and the counter is stepped by a service routine thereof. Such time produced by a counter is automatically compact. [0025] As is well known to those skilled in digital technology, many microprocessors are already provided with such a time counter implemented by hardware or software, but a separate logic 204 for converting time into a compact presentation format may still be useful because although the time presentation produced by the time counter were compact (e.g. xxx time units since a start-up of the system), the programming language or operating system supported by the microprocessor may return the time only in a 24-hour presen- tation format, which is not compact. In other words, no direct access exists via the application program executed in the microprocessor to the compact time counter but the contents of the time counter may be read e.g. through a TIME function, which returns the contents of the time counter in a non-compact 24- hour presentation format. [0026] Reference number 206 designates direct or indirect location information. In this example, the location information 206 is simply the unique device identifier of the remote device 100, or a derivative thereof. If the identifier 206 is the unique identifier of the remote device 100, it indicates the location of the remote device indirectly such that the central system 130 or the cleaning company 150 maintains information on the installation sites of different remote devices, as shown by table 320 in Figure 3. [0027] Reference number 208 relates to an embodiment of the invention. Namely, in order for a certificate to be as easy to be written by hand as possible, the time presentation should only contain a small number of bits, which means that the time presentation is periodical and a period is not very long. This involves the danger that a deceitful remote worker finds out that the certificates recur periodically. The certificates can be prevented from recurring periodically e.g. such that when a routine 204 detects that a time period has come to an end, this causes a device-specific identifier 208 to undergo a change 208. Naturally, the central system has to take this into account when the certificate is decrypted and the identifier of the remote device is determined. [0028] The time presentation and the device-specific identifier are conveyed to a cryptographic algorithm 210, which produces a certificate 212. The certificate is shown to the user, such as a cleaning person, e.g. on a display 216. [0029] In certain applications, it is preferable if the remote device presents the certificate to the user only in response to some user activity, which is detected by a user activity detector 214. The remote device may, for instance, show the certificate in response to a press of a button. This provides several advantages. In an accumulator- or battery-operated remote device, for example, activating the display only when necessary saves the battery or accumulator of the remote device. Another advantage is that the continuous changing of the certificate being shown by the remote device may disturb workers for the customer company, and this disturbance is avoided by activat- ing the display of the remote device only when necessary. Still another advantage is that a deceitful remote worker cannot e.g. arrange a camera to photograph the display and leave the remote work site his- or herself. Furthermore, it is advantageous if the indicator of user activity, such as a press key, locks, i.e. freezes, the certificate for long enough such that it is easy to write down the certificate e.g. on a piece of paper or as a short message on a mobile station. [0030] The certificate may be presented also in ways other than the visual one. Instead of a visual display, or in addition thereto, the certificate may be presented acoustically, e.g. as DTMF (Dual Tone Multi Frequency) voices, which are known from telephone technology and which the remote worker may store by means of a sound recorder, in which case the message 126 in Figure 1 might refer to presenting such a recording via a conventional voice call channel. In such a case, it is advantageous that the certificate is presentable as numeral characters only. According to still another alternative, the certificate may be transferred to a memory device to be carried around by the remote worker, by utilizing infrared or local radio technology, e.g. by a Bluetooth interface, such that the memory device may be a mobile station or a handheld computer equipped with an infrared or a Bluetooth interface. [0031] The remote device 100 can be implemented as a battery- operated separate device. An advantage of such an implementation is that it is easy to install. Series-produced microprocessors provided with a display and one card are available wherein software implementing the functionality of the invention can be implemented. The device identifier 206 (or the initial value thereof if the identifier is increased, as shown by reference number 208) is installed in connection with installing the software e.g. such that the software of each remote device is provided with one device-specific data row wherefrom the identifier is read. [0032] Instead of a battery-operated separate device, the remote device may be integrated into other office automation, such as a telephone, a time clock or the like. An advantage of such an implementation is that the procedure of changing batteries is omitted. A particularly advantageous implementation is one wherein the operating power is normally derived from outside the device, e.g. from an electrical or telephone network, but when the external electricity supply fails, the remote device is powered by an internal battery. [0033] Figure 3 is a block diagram showing a central system (reference 130 in Figure 1 ). Reference number 302 shows reception means by which the central system receives a message containing a certificate 304, such as a short message 126 disclosed in connection with Figure 1. The reception means 302 are preferably arranged to support a plurality of different communication channels, such as a short message or another mobile station data message, Internet connection, DTMF voice input, etc. The certificate 304 is conveyed to a decryption algorithm 306, which decrypts the encryption of the cryptographic algorithm 210 of the remote device and produces time information 308 and location information, in this example presented by a device identifier 312. The time information 308 is conveyed to a time information processing logic 310, whose implementation depends on the time presentation used by the remote device, as explained in connection with block 204. If, for example, the remote device produces a compact time presentation, the central system may convert it into real time, i.e. into a date and time. [0034] If the location information is represented by the device identifier 312 of the remote device (having the same contents as the identifier 206 in Figure 2), the central system may, on the basis of a table 320, convert the device identifier into plain text, e.g. into the name of the remote work site. If the central system 130 is maintained by any one of the providers of the remote work, such as a service provider separate from the cleaning company 150, it could be assumed that the management of the provider 150 of the remote work is provided with the table 320 containing the names of the sites in plain text, and the service provider maintaining the central system only provides it with the device identifiers of the remote devices. [0035] In connection with reference number 208 of the remote device, an advantageous feature was described according to which every time the routine 204 detects that a time period has come to an end, this causes the device-specific identifier 206 to undergo a change 208 in order to avoid recurrence of certificates when the time period starts anew. If the remote device has been implemented with such a feature, the central system has to take this into account when the certificate is decrypted and the identifier of the remote device is determined. If, for example, x complete time periods have elapsed since a start-up of the remote device, the device identifier 206 has been increased by x, which, of course, must be subtracted in order to find out the correct device-specific identifier. This function of the central system is designated by reference numbers 314 and 316. [0036] Reference number 318 designates reporting of time and location stamps derived from the decrypted certificate, which may take place by means of any appropriate technology, e.g. electrically or on a piece of paper. [0037] It is apparent to one skilled in the art that as technology advances, the basic idea of the invention can be implemented in many different ways. The invention and its embodiments are thus not restricted to the above examples but may vary within the scope of the claims.
References 1. Schneier, Bruce: "Applied Cryptography", John Wiley and Sons, ISBN 0-471-11709-9, second edition, pp. 304 to 306. Reference 1 is incorporated in the present application by reference.

Claims

CLAIMS 1. A device (100) for monitoring remote work, characterized in that the device includes: - means (202, 204) for producing time information; - means (206) for producing direct or indirect location information; - means (210) for producing a cryptographic certificate (102, 104, 212) on the basis of the time information and the location information so as to enable the time information and the location information to be decrypted from the cryptographic certificate. 2. A device as claimed in claim 1, characterized in that the time information is compact. 3. A device as claimed in claim 1 or 2, characterized in that it includes certificate presentation means (216) for presenting the certificate. 4. A device as claimed in claim 3, characterized in that it includes user activity detection means (214) configured to activate the certificate presentation means (216) for a predetermined period of time. 5. A device as claimed in claim 4, characterized in that the user activity detection means (214) are configured to freeze the certificate presentation means (216) for a predetermined period of time. 6. A device as claimed in any one of the preceding claims, characterized in that the time information is periodical, and the device includes means (208) for changing the location information per each period of the time information. 7. A device as claimed in any one of the preceding claims, characterized in that the information contents of the certificate include no more than 50 bits. 8. A device as claimed in any one of the preceding claims, characterized in that it is accumulator- or battery-operated. 9. A central system (130) for monitoring remote work, characterized in that the central system includes: - reception means (302) for receiving a message (126) containing a cryptographic certificate (304); and - a decryption algorithm (306) for decrypting the cryptographic certificate (304) and for producing time information (308) and direct or indirect lo- cation information (312) on the basis of the contents of the cryptographic certificate (304). 10. A central system as claimed in claim 9, characterized in that it includes means for receiving the certificate via a voice channel.
PCT/FI2005/050095 2004-03-22 2005-03-18 Apparatus for monitoring remote work WO2005091230A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
FI20045090 2004-03-22
FI20045090A FI20045090A (en) 2004-03-22 2004-03-22 Monitoring device for teleworking

Publications (1)

Publication Number Publication Date
WO2005091230A1 true WO2005091230A1 (en) 2005-09-29

Family

ID=32039518

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/FI2005/050095 WO2005091230A1 (en) 2004-03-22 2005-03-18 Apparatus for monitoring remote work

Country Status (2)

Country Link
FI (1) FI20045090A (en)
WO (1) WO2005091230A1 (en)

Cited By (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
GB2490718A (en) * 2011-05-12 2012-11-14 Degould Ltd An attendance device
FR2979731A1 (en) * 2011-09-06 2013-03-08 Electricite De France METHOD AND SYSTEM FOR DIGITAL CERTIFICATION OF THE ASSOCIATION BETWEEN AN ENTITY AND A PLACE
GB2503454A (en) * 2012-06-26 2014-01-01 Acclaimed Security Ltd A patrol logging system
GB2509957A (en) * 2013-01-18 2014-07-23 Daniel George Gould A device to be used to confirm attendance
EP3203444A1 (en) * 2016-01-08 2017-08-09 Getraline Local tracking unit for maintenance of a device and method for validating a mission for intervention on the device
US10911946B2 (en) 2017-01-04 2021-02-02 Getraline Local unit for monitoring the maintenance of an item of equipment and method for the validation of a task on the item of equipment

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US4857883A (en) * 1985-08-23 1989-08-15 Amano Corporation Call device-attached patrol recorder
FR2763723A1 (en) * 1997-05-20 1998-11-27 Himalaya DEVICE FOR IDENTIFYING AND LOCATING A PERSON
DE10209792A1 (en) * 2002-03-01 2003-09-11 Gerald Merkel Control and monitoring system, e.g. for acquisition of time related event data, e.g. stopping times, work times, etc. for when personnel are using vehicles, machinery, etc., which ensures collected data cannot be falsified
WO2004025575A1 (en) * 2002-09-15 2004-03-25 Magnus Maurex Method for position notification

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US4857883A (en) * 1985-08-23 1989-08-15 Amano Corporation Call device-attached patrol recorder
FR2763723A1 (en) * 1997-05-20 1998-11-27 Himalaya DEVICE FOR IDENTIFYING AND LOCATING A PERSON
DE10209792A1 (en) * 2002-03-01 2003-09-11 Gerald Merkel Control and monitoring system, e.g. for acquisition of time related event data, e.g. stopping times, work times, etc. for when personnel are using vehicles, machinery, etc., which ensures collected data cannot be falsified
WO2004025575A1 (en) * 2002-09-15 2004-03-25 Magnus Maurex Method for position notification

Cited By (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
GB2490718A (en) * 2011-05-12 2012-11-14 Degould Ltd An attendance device
FR2979731A1 (en) * 2011-09-06 2013-03-08 Electricite De France METHOD AND SYSTEM FOR DIGITAL CERTIFICATION OF THE ASSOCIATION BETWEEN AN ENTITY AND A PLACE
WO2013034860A1 (en) * 2011-09-06 2013-03-14 Electricite De France Method and system of digitally certifying the association between an entity and a place
US9344428B2 (en) 2011-09-06 2016-05-17 Electricite De France Method and system for digitally certifying the association between an entity and a place
GB2503454A (en) * 2012-06-26 2014-01-01 Acclaimed Security Ltd A patrol logging system
GB2509957A (en) * 2013-01-18 2014-07-23 Daniel George Gould A device to be used to confirm attendance
WO2014111725A2 (en) * 2013-01-18 2014-07-24 Gould Daniel George An attendance device
WO2014111725A3 (en) * 2013-01-18 2014-12-18 Gould Daniel George An attendance device
GB2509957B (en) * 2013-01-18 2016-04-06 Daniel George Gould An attendance device
EP3203444A1 (en) * 2016-01-08 2017-08-09 Getraline Local tracking unit for maintenance of a device and method for validating a mission for intervention on the device
US10911946B2 (en) 2017-01-04 2021-02-02 Getraline Local unit for monitoring the maintenance of an item of equipment and method for the validation of a task on the item of equipment

Also Published As

Publication number Publication date
FI20045090A0 (en) 2004-03-22
FI20045090A (en) 2005-09-23

Similar Documents

Publication Publication Date Title
JP3558488B2 (en) Cryptographic communication system
US20070257813A1 (en) Secure network bootstrap of devices in an automatic meter reading network
WO2005091230A1 (en) Apparatus for monitoring remote work
US9667444B2 (en) Data transmission and reception system with accurate time information
US20020104004A1 (en) Method and apparatus for synchronizing real-time clocks of time stamping cryptographic modules
JP5090066B2 (en) Data storage device, management server, integrated circuit, data update system, home appliance, data update method, encryption method, and encryption / decryption key generation method
RU2008133798A (en) NETWORK SECURITY SYSTEM AND METHOD OF ITS APPLICATION
CN101019371A (en) Time authentication device, time authentication method, computer program, recording medium, integrated circuit, and time authentication system
CN103827636A (en) System and method to manage utility meter communications
KR20090012546A (en) Apparatus and method for authentication using mobilephone card
CN105246061A (en) Service terminal of mobile communication service
CN110866261A (en) Data processing method and device based on block chain and storage medium
CA2557971A1 (en) System and method for session provision
CN106209373A (en) Key generation system, data stamped signature and encryption system and method
WO2014111725A2 (en) An attendance device
CN110570197B (en) Data processing method and device based on block chain
US20090009359A1 (en) Method of Monitoring Commodity Consumption
CN101960775A (en) Be used to distribute the method and system of the sequence number that carries unique information and multidate information
CN103731827B (en) A kind of hand-held audio communication device and method for electronic certificate authentication
US20020184157A1 (en) Method and apparatus for registering a usage value of commodity
JP2006059283A (en) Testament document management system
GB2490718A (en) An attendance device
JPH1021302A (en) User's information collecting system
JP4854210B2 (en) Thermal power generation operation management system
CN114064354A (en) Double-interface independent backup data storage module and electronic instrument analysis processing method

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A1

Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BW BY BZ CA CH CN CO CR CU CZ DE DK DM DZ EC EE EG ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NA NI NO NZ OM PG PH PL PT RO RU SC SD SE SG SK SL SM SY TJ TM TN TR TT TZ UA UG US UZ VC VN YU ZA ZM ZW

AL Designated countries for regional patents

Kind code of ref document: A1

Designated state(s): BW GH GM KE LS MW MZ NA SD SL SZ TZ UG ZM ZW AM AZ BY KG KZ MD RU TJ TM AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HU IE IS IT LT LU MC NL PL PT RO SE SI SK TR BF BJ CF CG CI CM GA GN GQ GW ML MR NE SN TD TG

121 Ep: the epo has been informed by wipo that ep was designated in this application
NENP Non-entry into the national phase

Ref country code: DE

WWW Wipo information: withdrawn in national office

Country of ref document: DE

122 Ep: pct application non-entry in european phase