阅读说明：本技术 通过服务消费者设备提供对锁的访问 (Providing access to a lock through a service consumer device ) 是由 斯特凡·斯特伦贝里 肯尼斯·佩尔尼尔 索纳·辛格 于 2017-12-06 设计创作，主要内容包括：本发明公开了通过服务消费者设备提供对锁的访问。公开了一种用于提供对锁的访问以便提供服务的方法,所述锁与服务消费者相关联,该方法在服务消费者设备中执行并且包括以下步骤：接收访问所述锁的请求,所述请求基于所述服务消费者订购需要访问由所述锁保护的物理空间的服务；向所述服务消费者呈现第一消费者询问,询问是否准许要提供服务的服务提供商代理访问所述锁；接收指示所述服务消费者允许所述服务提供商代理访问由所述锁保护的物理空间的第一肯定消费者响应；以及向协调器委托对所述锁的访问,使得能够进一步向所述服务提供商代理委托对所述锁的访问。(The invention discloses providing access to a lock by a service consumer device. A method is disclosed for providing access to a lock for providing a service, the lock being associated with a service consumer, the method being performed in a service consumer device and comprising the steps of: receiving a request to access the lock, the request based on the service consumer ordering a service requiring access to a physical space protected by the lock; presenting a first consumer query to the service consumer asking whether a service provider agent to provide a service is granted access to the lock; receiving a first positive consumer response indicating that the service consumer allows the service provider agent to access the physical space protected by the lock; and delegating access to the lock to a coordinator such that access to the lock can be further delegated to the service provider proxy.)

1. A method for providing access to a lock (10) for providing a service, the lock (10) being associated with a service consumer (2), the method being performed in a service consumer device (4) and comprising the steps of:

receiving (40) a request to access the lock (10), the request based on the service consumer (2) ordering a service requiring access to a physical space (16) protected by the lock;

presenting (42) a first consumer query to the service consumer (2) asking whether a service provider agent (6) to provide a service is granted access to the lock (10);

receiving (44) a first positive consumer response indicating that the service consumer (2) allows the service provider agent to access a physical space (16) protected by the lock; and

delegating (50) access to the lock to a coordinator such that access to the lock can be further delegated to the service provider agent.

2. The method of claim 1, wherein the step of delegating (50) access comprises delegating access only for a predetermined time.

3. The method of claim 1 or 2, wherein the request comprises a first public key of the coordinator; and wherein the step of delegating (50) comprises generating a delegation based on the first public key.

4. The method according to any of the preceding claims, further comprising the step of:

presenting (48) a second consumer query to the service consumer (2) asking whether the service provider agent to provide the service is granted access to the lock (10); and

receiving (49) a second positive response indicating that the service consumer (2) allows the service provider agent to access the physical space (16) protected by the lock;

wherein the step of delegating (50) access is performed only if the second positive response has been received.

5. The method according to claim 4, wherein the step of delegating (50) access is still performed when there is no response to the second consumer request.

6. The method according to claim 4, wherein the step of delegating (50) access is prevented from being performed when there is no response to the second consumer request.

7. The method according to any of claims 4 to 6, wherein the step of presenting (48) a second consumer request is performed only at a configured time before the service provider agent is required to access the lock (10).

8. The method according to any of claims 4 to 7, wherein the step of presenting (48) a second consumer request is performed only when a signal is received indicating that the service provider agent is within a configured distance from the lock (10).

9. The method according to any of the preceding claims, wherein for rendering a service by the service provider agent, the method is repeated except for the steps of presenting (42) a first consumer query and receiving (44) a first positive consumer response.

10. A service consumer device (4) for providing access to a lock (10) for providing a service, the lock (10) being associated with a service consumer (2), the service consumer device (4) comprising:

a processor (60); and

a memory (64) storing instructions (67) that, when executed by the processor, cause the service consumer device (4) to:

receiving a request to access the lock (10), the request based on the service consumer (2) ordering a service requiring access to a physical space (16) protected by the lock;

presenting a first consumer query to the service consumer (2) asking whether a service provider agent (6) to provide a service is granted access to the lock (10);

receiving a first positive consumer response indicating that the service consumer (2) allows the service provider agent to access a physical space (16) protected by the lock; and

delegating access to the lock to a coordinator such that access to the lock can be further delegated to the service provider agent.

11. The service consumer device (4) as claimed in claim 10, wherein the instructions for delegating access comprise instructions (67) that, when executed by the processor, cause the service consumer device (4) to: access is granted only for a predetermined time.

12. The service consumer device (4) according to claim 10 or 11, wherein the request comprises a first public key of the coordinator; and wherein the instructions for delegating comprise instructions (67) that, when executed by the processor, cause the service consumer device (4) to: generating a delegate based on the first public key.

13. The service consumer device (4) as claimed in claim 10 or 12, further comprising instructions (67) which, when executed by the processor, cause the service consumer device (4) to:

presenting a second consumer query to the service consumer (2) asking whether the service provider agent to provide the service is granted access to the lock (10);

receiving a second positive response indicating that the service consumer (2) allows the service provider agent to access a physical space (16) protected by the lock; and

executing the instruction to delegate access only when the second positive response has been received.

14. A computer program (67, 91) for providing access to a lock (10) for providing a service, the lock (10) being associated with a service consumer (2), the computer program comprising computer program code which, when run on a service consumer device (4), causes the service consumer device (4) to:

receiving a request to access the lock (10), the request based on the service consumer (2) ordering a service requiring access to a physical space (16) protected by the lock;

presenting a first consumer query to the service consumer (2) asking whether a service provider agent (6) to provide a service is granted access to the lock (10);

receiving a first positive consumer response indicating that the service consumer (2) allows the service provider agent to access a physical space (16) protected by the lock; and

delegating access to the lock to a coordinator such that access to the lock can be further delegated to the service provider agent.

15. A computer program product (64, 90) comprising a computer program according to claim 14 and a computer readable means on which the computer program is stored.

Technical Field

The present invention relates to a method, a service consumer device, a computer program and a computer program product for providing a service provider with access to a lock.

Background

Locks and keys have evolved from traditional purely mechanical locks. Electronic locks are becoming more and more popular today. For electronic locks, a mechanical key profile is not required for authentication of the user. The electronic lock can be unlocked, for example, using an electronic key stored on a special carrier (buckle, card, etc.) or in a smartphone. The electronic key and the electronic lock may communicate, for example, via a wireless interface. Such electronic locks provide a number of benefits, including increased flexibility in access rights management, audit trails, key management, and the like.

When an owner or user of such an electronic lock consumes a service, the person is referred to herein as a service consumer. The service may be any service that the person performing the service needs the electronic lock to be opened. For example, the service may be delivery of a product, a cleaning service, a builder/plumber/electrician, and so forth. In order to be able to consume the service, the service consumer therefore needs to provide access to the service provider using the electronic lock.

US 2015/0371468 a1 proposes a storage container for storing postal items, the container comprising: a container having a door; a locking device for locking the door; code input means for inputting a code to unlock the locking means; a weighing device for measuring the weight of the contents within the container; and a communication device for communicating the measured weight of the contents when the door is locked, wherein a code for unlocking the locking device varies with time. The proposed storage container is limited to providing access for delivery only. Such a solution is not suitable for general service access.

Disclosure of Invention

The aim is to provide a solution for providing access to locks that is applicable to all types of services.

According to a first aspect, a method for providing access to a lock for providing a service, the lock being associated with a service consumer is presented. The method is performed in a service consumer device and comprises the steps of: receiving a request to access a lock, the request based on a service consumer ordering a service requiring access to a physical space protected by the lock, the request including a first public key associated with a coordinator and a second public key associated with a service provider agent; presenting a first consumer query to the service consumer asking whether to grant access to the lock to a service provider agent that is to provide the service; receiving a first positive consumer response indicating that the service consumer allows the service provider agent to access the physical space protected by the lock; and delegating access to the lock to the coordinator, including encrypting at least a portion of the delegation using the first public key, encrypting at least a portion of the delegation using the second public key, and electronically signing the delegation, such that access to the lock can be further delegated to the service provider agent.

The step of delegating access may include delegating access only for a predetermined time.

The method may further comprise the steps of: presenting a second consumer query to the service consumer asking whether to grant access to the lock to a service provider agent that is to provide the service; and receiving a second positive response indicating that the service consumer allows the service provider agent to access the physical space protected by the lock. In this case, the step of delegating access is performed only when the second positive response has been received.

The step of delegating access may still be performed when there is no response to the second consumer request.

The step of delegating access may be prevented from being performed when there is no response to the second consumer request.

In one embodiment, the step of sending the second consumer request is performed only at a configured time before the service provider agent is required to access the lock.

In one embodiment, the step of sending the second consumer request is performed only if a signal is received indicating that the service provider agent is within a configured distance from the lock.

The method may be repeated for rendering of the service by the service provider agent, except for the steps of presenting the first consumer query and receiving the first positive consumer response.

According to a second aspect, a service consumer device for providing access to a lock for providing a service is presented, the lock being associated with a service consumer. The service consumer device includes: a processor; and a memory storing instructions that, when executed by the processor, cause the service consumer device to: receiving a request to access a lock, the request based on a service consumer ordering a service requiring access to a physical space protected by the lock, the request including a first public key associated with a coordinator and a second public key associated with a service provider agent; presenting a first consumer query to the service consumer asking whether to grant access to the lock to a service provider agent that is to provide the service; receiving a first positive consumer response indicating that the service consumer allows the service provider agent to access the physical space protected by the lock; and delegating access to the lock to the coordinator, including encrypting at least a portion of the delegation using the first public key, encrypting at least a portion of the delegation using the second public key, and electronically signing the delegation, such that access to the lock can be further delegated to the service provider agent.

The instructions for delegating access may include instructions that, when executed by the processor, cause the service consumer device to: access is granted only for a predetermined time.

The service consumer device further includes instructions that, when executed by the processor, cause the service consumer device to: presenting a second consumer query to the service consumer asking whether to grant access to the lock to a service provider agent that is to provide the service; receiving a second positive response indicating that the service consumer allows the service provider agent to access the physical space protected by the lock; and executing the instruction to delegate access only if the second positive response has been received.

According to a third aspect, a computer program for providing access to a lock for providing a service is presented, the lock being associated with a service consumer. The computer program comprises computer program code which, when run on the service consumer device, causes the service consumer device to: receiving a request to access a lock, the request based on a service consumer ordering a service requiring access to a physical space protected by the lock, the request including a first public key associated with a coordinator and a second public key associated with a service provider agent; presenting a first consumer query to the service consumer asking whether to grant access to the lock to a service provider agent that is to provide the service; receiving a first positive consumer response indicating that the service consumer allows the service provider agent to access the physical space protected by the lock; and delegating access to the lock to the coordinator, including encrypting at least a portion of the delegation using the first public key, encrypting at least a portion of the delegation using the second public key, and electronically signing the delegation, such that access to the lock can be further delegated to the service provider agent.

According to a fourth aspect, a computer program product is presented, comprising a computer program according to the third aspect and a computer readable means on which the computer program is stored.

In general, all terms used in the claims should be interpreted according to their ordinary meaning in the technical field, unless explicitly defined otherwise herein. All references to "a)/an/the element, device, component, means, step, etc" are to be interpreted openly as referring to at least one instance of the element, device, component, means, step, etc., unless explicitly stated otherwise. The steps of any method disclosed herein do not have to be performed in the exact order disclosed, unless explicitly stated.

Drawings

The invention will now be described, by way of example, with reference to the accompanying drawings, in which:

FIG. 1 is a schematic diagram illustrating an environment in which embodiments presented herein may be applied;

fig. 2 is a sequence diagram showing communication in an example of providing a service in the environment of fig. 1;

FIG. 3 is a flow diagram illustrating an embodiment of a method for providing access to a lock to provide a service;

FIG. 4 is a schematic diagram showing components of the service consumer device of FIG. 1; and

fig. 5 illustrates one example of a computer program product comprising computer readable means.

Detailed Description

The present invention now will be described more fully hereinafter with reference to the accompanying drawings, in which certain embodiments of the invention are shown. This invention may, however, be embodied in many different forms and should not be construed as limited to the embodiments set forth herein; rather, these embodiments are provided by way of example so that this disclosure will be thorough and complete, and will fully convey the scope of the invention to those skilled in the art. Like reference numerals refer to like elements throughout the specification.

Fig. 1 is a schematic diagram illustrating an environment in which embodiments presented herein may be applied. Access to the physical space 16 is limited by a selectively unlockable physical barrier 15. The barrier 15 may be a door, gate, hatch, cabinet door, drawer, window, etc. The physical barrier 15 is disposed in the surrounding physical structure (walls, fences, ceilings, floors, etc.) and is located between the confined physical space 16 and the accessible physical space 14. Note that the accessible physical space 14 may itself be a restricted physical space, but with respect to the physical barrier 15, the accessible physical space 14 is accessible. In order to control the locked or unlocked state of the barrier 15, a lock 10 is provided.

The owner or user of lock 10 is represented herein as service consumer 2. The service consumer carries a service consumer device 4, the service consumer device 4 being a portable electronic device, such as a smartphone, mobile phone, tablet computer, laptop computer, or the like.

The lock 10 is an electronic lock that is capable of communicating with the service consumer device 4. The service consumer device 4 may in turn be connected or connectable to a plurality of similar locks, but not necessarily to a plurality of similar locks. The service consumer device 1 may configure the lock 10, for example, by adding and/or removing credentials that will be allowed to have access. This may be configured directly in the lock 10 or by delegating the right to access the lock according to credentials in the service consumer device. The lock 10 is an electronic lock and may be opened using a non-mechanical credential. For example, the credential may be an electronic key, and may be implemented as part of a mobile phone, smartphone, key fob, wearable device, smartphone case, access card, electronic physical key, or the like. The electronic key may communicate with the lock 10 via a wired or wireless interface, for example, using bluetooth, Bluetooth Low Energy (BLE), any IEEE 802.15 standard, Radio Frequency Identification (RFID), Near Field Communication (NFC).

There is also a service provider server 3 controlled by the service provider. The service provider may be, for example, a delivery company, a cleaning company, a construction company, a plumber, an electrician, and so forth. The service provider server 3 may also be provided by a third party on behalf of the service provider. This is particularly useful for small businesses that may not want to build their own service provider servers.

As explained in more detail below, the service consumer 2 orders services from a service provider that controls a service provider server 3.

The service provider utilizes a service provider agent 6 for the service. The service provider agent 6 may be an employee of the service provider or a subcontractor. The service provider agent 6 carries a service provider agent device 7, the service provider agent device 7 being a portable electronic device such as a smartphone, mobile phone, tablet computer, laptop computer, etc. The functions described herein as being performed by the service provider proxy device 7 may be performed, for example, in a software application (also referred to as an app) executing on the service provider proxy device. In one embodiment, the service provider proxy device 7 may be used to provide an electronic key with a temporary credential to selectively control the opening of the lock 10.

The coordinator 5 is a server that coordinates communication between the different parties involved in this scenario providing services that require access to the restricted physical space 16.

Communication between the different nodes in fig. 1 may occur using local communication, e.g., using bluetooth, Bluetooth Low Energy (BLE), any IEEE 802.15 standard, any IEEE 802.11 standard, wireless USB (universal serial bus), USB, ethernet, serial connections (e.g., RS-485), etc., and/or through wide area communication such as cellular networks and the internet. At higher layers, the communication may be performed using the Internet Protocol (IP).

Fig. 2 is a sequence diagram showing communication in an example of providing a service in the environment of fig. 1.

First, the service consumer 2 sends an order 20 for a service to the service provider server 3. The order 20 may be an order made through an electronic service such as the internet, over the telephone, in person, etc. In the case where the order 20 is not electronic, the service provider's personnel enter the data of the order into the service provider server 3. It is noted that order 20 may be an indirect order from service consumer 2 via a third party, not necessarily directly from service consumer 2 to service provider server 3. For example, in the e-commerce example, service consumer 2 orders a physical product to be delivered from a vendor (a third party not shown in FIG. 2). The supplier in turn delivers the physical product to the service consumer 2 using a delivery company. The selection of the delivery company may be performed by the service consumer or provider. In this case, the service consumer 2 indirectly subscribes to the delivery service from the delivery company, which in this case is the service provider.

The service provider server 3 sends an access request 21a to the coordinator. The request 21a indicates that the service provider wants to access to open the lock of the service consumer. Request 21a includes an identifier (e.g., an email address or phone number) of service consumer 2 (or his/her lock 10) and optionally a suggested time or schedule for providing the service of order 20. Further, the request may include a public key of an encryption key pair including the public key and a private key. If service consumer 2 does not support access provisioning according to the rest of the sequence, this is reverted to service provider server 3 and the sequence ends. Otherwise, the coordinator sends a corresponding access request 2lb to the service consumer device 4. The request may include the public key of the coordinator. Optionally, the request further comprises a public key of the service provider. The service consumer device 4 then asks the service consumer 2 in an access request 21d whether the service provider will be allowed access using the lock 10, optionally also including a suggested time or time window. This may be provided, for example, as a query in a software application (also referred to as app) serving the consumer device 4.

The service consumer 2 accepts the request in a positive consumer response 22a (otherwise the sequence ends). The service consumer device 4 sends a corresponding positive consumer response ("may") 22b to the coordinator 5. The service consumer device 4 at this stage may generate an electronic delegate of the access rights of the lock 10, which is included in the positive consumer response 22 b. The delegation may be based on the public key of the coordinator (and optionally also the public key of the service provider) received in the request 21 b. In this way, the service consumer device ensures that only the coordinator can further delegate access rights (to the service provider proxy device) at a later stage. It should be noted that the delegation at this stage need not necessarily be based on the public key of the service provider, as long as the coordinator can delegate the access rights. The delegation is verified at the lock by ensuring a valid sequence of delegations from the service consumer to the service provider proxy device. Each delegate is a delegate of access rights from the delegate to the delegate and is provided electronically in a message to the delegate. Each delegate also includes any previous delegates. The principal signs the delegation using an electronic signature. In this way, when the service provider proxy device provides its commitments to the lock, the lock can verify that there is a valid sequence of commitments from the service consumer to the service provider proxy device by ensuring that the sequence is valid, the principal of the first commitment being the service consumer and the principal of the last commitment being the service provider proxy device.

The coordinator sends a corresponding positive consumer response 22c to the service provider server 3, but the delegate need not be part of this positive consumer response 22 c. Instead, the coordinator 5 may store the delegation for later use. The service provider now knows that the consumer is ready (optionally under a suggested time, time window, or schedule) to accept delivery of the service.

Once the service provider has selected a service provider agent 6 (i.e. a natural person) to deliver the service, the service provider server 3 sends the selected agent message 23 to the coordinator 5. This need not occur immediately, and may occur for a significant period of time after the positive consumer response 22d is received by the service provider server 3.

Optionally, a second service consumer confirmation is now invoked. This may be useful, for example, if the service consumer happens to be at home and the service is package delivery. As explained in more detail below, this may be triggered at some time prior to the intended delivery of the service and/or when the service provider agent 6 is within a configured distance from the lock 10. Using the second consumer confirmation, the service consumer may choose whether to activate the credential for the service. When performing this second service consumer confirmation, the coordinator 5 sends a second consumer request 28a to the service consumer device 4. The service consumer device 4 again asks the user in the request for access 28b whether the service provider will be allowed access using the lock 10. This may for example be provided as a query in an application serving the consumer device 4.

The service consumer 2 accepts the second request in a second positive consumer response 29 a. Alternatively (not shown), the service consumer 2 rejects the second request, and the process ends. In case of acceptance, the service consumer device 4 sends a corresponding positive consumer response 22b to the coordinator 5. .

The coordinator 5 is now ready to further delegate access to the lock 10 by sending a delegate 30 of access to the service provider proxy device 7 to provide access to the service provider proxy 7. Further, the coordinator 5 sends a confirmation delegate 31 to the service provider server 3 to inform that the access right has been provided to the service provider proxy apparatus 7.

Once the service provider agent 6 arrives at the location of the lock 10, the service provider agent 6 provides an unlock input 32a to the service provider agent device 7 (e.g., using a user interface). The service provider proxy device 7 then uses the proxy (originating from the service consumer device 4) received from the coordinator to unlock 32b the lock 10. Alternatively, the service provider agent device 7 allows unlocking only if the delegated validity time contains the current time.

When the lock 10 is unlocked, the lock 10 sends an unlocked message 33a to the service provider proxy device 7, the service provider proxy device 7 sends a corresponding unlocked message to the coordinator 5, and the coordinator 5 in turn sends an unlocked message 33c to the service provider server 3. In this way, the service provider is made aware of the fact that the service provider agent 6 has unlocked the lock 10.

When the service provider agent 6 has performed the subscribed service, the service provider agent 6 provides a lock command 34a to the service provider agent device, which sends a corresponding lock message 34b to the lock 10 and indicates on the service provider agent device 7 that the service has been completed 35a, e.g. using its user interface. The service provider proxy device 7 sends a corresponding completion message 35b to the coordinator 5, after which the coordinator 5 sends a completion message 35c to the service provider server 3 and a completion message 35d to the service consumer device 4. The service consumer device 4 may then notify the service consumer 2 that the service has been performed.

FIG. 3 is a flow diagram illustrating an embodiment of a method for providing access to a lock to provide a service. As explained above, the lock is associated with the service consumer. The method is performed in the service consumer device 4 and corresponds to the actions of the service consumer device 4 shown in fig. 2 and described above.

In a receive access request step 40, an access request for a lock is received. The request is based on a service consumer ordering a service that requires access to a physical space protected by a lock. An access request may be received from coordinator 5. The request includes a first public key associated with the coordinator and a second public key associated with the service provider agent.

Thus, the request includes a first public key of the coordinator and the request includes a second public key of the service provider responsible for specifying the service provider agent.

In a present first consumer query step 42, the service consumer is presented with a first consumer query, asking whether the service provider agent that is to provide the service is granted access to the lock.

In a conditional receive first positive consumer response step 44, it is determined whether a first positive consumer response is received from the service consumer, wherein the positive consumer response indicates that the service consumer allows the service provider agent to access the physical space protected by the lock. If a first positive consumer response is received, the method proceeds to an optional presenting second consumer query step 48 or delegated access step 50. Otherwise, the method ends.

Using this validation process by the service consumer, the service consumer needs to provide an acceptance that the lock needs to be opened for the service provider agent that provides the service. This provides feedback to the service provider who is then free to prepare delivery of the service.

In an optional present second consumer query step 48, the service consumer is presented with a second consumer query, asking whether the service provider agent that is to provide the service is granted access to the lock.

Optionally, presenting the second consumer query step 48 is performed only at a configured time before the service provider agent is required to access the lock. Additionally or alternatively, presenting the second consumer query step 48 is performed only when a signal is received indicating that the service provider agent is within a configured distance from the lock. This step may be triggered, for example, when the service provider agent is a certain distance from the lock 10 within the time of validity of the transient credential.

In an optional conditional receive second positive consumer response step 49, it is determined whether a second positive response is received from the service consumer, the second positive response indicating that the service consumer allows the service provider agent to access the physical space protected by the lock. If this is the case, the method proceeds to the delegated access step 50. Otherwise, the method ends.

In this manner, the service consumer is given the option of accepting or rejecting activation of the temporary credential. For example, if a service is intended to be performed at home and the service consumer is just at home, the service consumer may choose to open the door himself/herself, so that the temporary credential is never activated in the lock 10.

When there is no response to the second consumer query, this may be configured to imply that the service consumer denies access or that the service consumer accepts access by the service provider agent.

In a delegate access step 50, the coordinator is delegated access to the lock. This includes encrypting at least a portion of the delegate with a first public key and encrypting at least a portion of the delegate with a second public key. Further, the service consumer device electronically signs the delegate. Delegating access enables further delegation of access to the lock to the service provider proxy, which is performed by the lock, as described above with reference to the sequence of delegations.

In other words, this step includes generating the delegate based on the first public key and the second public key. For example, a portion of the delegate may be encrypted using the first public key, allowing only the coordinator to decrypt the portion. Similarly, a portion of the delegate may be encrypted using the second public key, allowing only the service provider to decrypt the portion. In this way, the coordinator securely relays data to the service provider proxy using the delegation process even when access is delegated to the coordinator for further delegation to the service provider proxy.

The method is repeated for rendering of the service by the service provider agent, e.g., weekly cleanup, except for the steps of presenting the first consumer query and receiving the first positive consumer response.

Fig. 4 is a schematic diagram illustrating components of the service consumer device 4 of fig. 1. The processor 60 is provided using any combination of one or more suitable Central Processing Units (CPUs), multiprocessors, microcontrollers, Digital Signal Processors (DSPs), application specific integrated circuits, etc., capable of executing the software instructions 67 stored in the memory 64, the software instructions 67 thus being a computer program product. The processor 60 may be configured to perform the method described above with reference to fig. 3.

The memory 64 may be any combination of read-write memory (RAM) and read-only memory (ROM). The memory 64 also includes persistent storage, which may be, for example, any one or combination of magnetic memory, optical memory, solid state memory, or even remotely mounted memory.

A data memory 66 is also provided for reading and/or storing data during execution of software instructions in the processor 60. The data storage 66 may be any combination of read-write memory (RAM) and read-only memory (ROM).

The service consumer device 4 also comprises an I/O interface 62 for communicating with other external entities, such as the lock 10, the coordinator and the service consumer device. The I/O interface 62 may include components to communicate through any one or more of the following: any IEEE 802.11 standard, wireless USB (universal serial bus), USB, ethernet, serial connection (e.g., RS-485), Bluetooth Low Energy (BLE), any IEEE 802.15 standard, Radio Frequency Identification (RFID), Near Field Communication (NFC), etc.

Other components of the service consumer device 4 are omitted in order not to obscure the concepts presented herein.

Fig. 5 illustrates one example of a computer program product comprising computer readable means. On which a computer program 91 may be stored which may cause a processor to perform a method according to embodiments described herein. In this example, the computer program product is an optical disc, such as a CD (compact disc) or DVD (digital versatile disc) or blu-ray disc. As mentioned above, a computer program product, such as the computer program product 64 of fig. 4, may also be implemented in the memory of the device. Although the computer program 91 is here schematically shown as a track on the optical disc shown, the computer program may be stored in any way suitable for a computer program product, such as a removable solid state memory, e.g. a Universal Serial Bus (USB) drive.

The invention has mainly been described above with reference to some embodiments. However, as is readily appreciated by a person skilled in the art, other embodiments than the ones disclosed above are equally possible within the scope of the invention, as defined by the appended patent claims.

Regarding the implementation mode including the above embodiment, the following technical solutions are also disclosed:

scheme 1. a method for providing access to a lock (10) for providing a service, the lock (10) being associated with a service consumer (2), the method being performed in a service consumer device (4) and comprising the steps of:

receiving (40) a request to access the lock (10), the request based on the service consumer (2) ordering a service requiring access to a physical space (11) protected by the lock, the request comprising a first public key associated with a coordinator and a second public key associated with a service provider agent;

presenting (42) a first consumer query to the service consumer (2) asking whether a service provider agent (6) to provide a service is granted access to the lock (10);

receiving (44) a first positive consumer response indicating that the service consumer (2) allows the service provider agent to access a physical space (11) protected by the lock; and

delegating (50) access to the lock to the coordinator, including encrypting at least a portion of the delegation using the first public key, encrypting at least a portion of the delegation using the second public key, and electronically signing the delegation, such that access to the lock can be further delegated to the service provider agent.

Scheme 2. the method according to scheme 1, wherein the step of delegating (50) access comprises delegating access only for a predetermined time.

Scheme 3. the method according to any of the preceding schemes, further comprising the steps of:

presenting (48) a second consumer query to the service consumer (2) asking whether the service provider agent to provide the service is granted access to the lock (10); and

receiving (49) a second positive response indicating that the service consumer (2) allows the service provider agent to access the physical space (11) protected by the lock;

wherein the step of delegating (50) access is performed only if the second positive response has been received.

Scheme 4. the method according to scheme 3, wherein the step of delegating (50) access is still performed when there is no response to the second consumer request.

Scheme 5. the method according to scheme 3, wherein the step of delegating (50) access is prevented from being performed when there is no response to the second consumer request.

Scheme 6. the method according to any of the schemes 3 to 5, wherein the step of sending (48) a second consumer request is performed only at a configured time before the service provider agent is required to access the lock (10).

Scheme 7. the method according to any of the schemes 3 to 6, wherein the step of sending (48) a second consumer request is only performed if a signal is received indicating that the service provider agent is within a configured distance from the lock (10).

Scheme 8. the method according to any of the preceding schemes, wherein for rendering a service by the service provider agent, the method is repeated except for the steps of presenting (42) a first consumer query and receiving (44) a first positive consumer response.

A service consumer device (4) for providing access to a lock (10) for providing a service, the lock (10) being associated with a service consumer (2), the service consumer device (4) comprising:

a processor (60); and

a memory (64) storing instructions (67) that, when executed by the processor, cause the service consumer device (4) to:

receiving a request to access the lock (10), the request based on the service consumer (2) ordering a service requiring access to a physical space (11) protected by the lock, the request comprising a first public key associated with a coordinator and a second public key associated with a service provider agent;

presenting a first consumer query to the service consumer (2) asking whether a service provider agent (6) to provide a service is granted access to the lock (10);

receiving a first positive consumer response indicating that the service consumer (2) allows the service provider agent to access a physical space (11) protected by the lock; and

delegating access to the lock to the coordinator, including encrypting at least a portion of the delegation using the first public key, encrypting at least a portion of the delegation using the second public key, and electronically signing the delegation, such that access to the lock can be further delegated to the service provider agent.

Scheme 10. the service consumer device (4) according to scheme 9, wherein the instructions for delegating access comprise instructions (67) that, when executed by the processor, cause the service consumer device (4) to: access is granted only for a predetermined time.

Scheme 11. the service consumer device (4) according to scheme 9 or 10, further comprising instructions (67) which, when executed by the processor, cause the service consumer device (4) to:

presenting a second consumer query to the service consumer (2) asking whether the service provider agent to provide the service is granted access to the lock (10);

receiving a second positive response indicating that the service consumer (2) allows the service provider agent to access a physical space (11) protected by the lock; and

executing the instruction for delegating access only when the second positive response has been received.

A computer program (67, 91) for providing access to a lock (10) for providing a service, the lock (10) being associated with a service consumer (2), the computer program comprising computer program code which, when run on a service consumer device (4), causes the service consumer device (4) to:

receiving a request to access the lock (10), the request based on the service consumer (2) ordering a service requiring access to a physical space (11) protected by the lock, the request comprising a first public key associated with a coordinator and a second public key associated with a service provider agent;

presenting a first consumer query to the service consumer (2) asking whether a service provider agent (6) to provide a service is granted access to the lock (10);

receiving a first positive consumer response indicating that the service consumer (2) allows the service provider agent to access a physical space (11) protected by the lock; and

delegating access to the lock to the coordinator, including encrypting at least a portion of the delegation using the first public key, encrypting at least a portion of the delegation using the second public key, and electronically signing the delegation, such that access to the lock can be further delegated to the service provider agent.

Scheme 13 a computer program product (64, 90) comprising a computer program according to scheme 12 and a computer readable means on which the computer program is stored.