Time budget (AX2Go and virtual network) - LSM 3.6 Business + Prof.
The term “time budget” occurs in two different contexts:
- AX2Go: Key update interval (days)
- Virtual network: Dynamic time window
Both mean that an identification medium can only be used for a limited time before the time budget needs to be topped up again. When topping up, the system checks whether authorisation changes have been made or whether the identification medium has even been blocked.
| | AX2Go: Key update interval (days) | Virtual network: Dynamic time window |
|---|---|---|
| Adjustability | | |
| Topping up through | LSM.AX2Go service. As soon as the AX2Go and the LSM.AX2Go service both access the cloud and thus detect one another, the time budget is fully topped up again. | Virtual network gateways |
| Top-up frequency | With a few exceptions, the smartphone with the AX2Go is permanently connected to the Internet and thus to the cloud. This means that the time budget is fully topped up each time the LSM.AX2Go service connects to the cloud. The LSM.AX2Go service connects to the cloud immediately in the event of important changes (e.g. changes to authorisations); otherwise, it does so as specified in Slow cycle (min). | The time budget is topped up again once the identification medium is activated at the gateway, provided it has not been blocked. |
| Intended purpose | A smartphone may be set to flight mode, so the connection to the LSM.AX2Go service could be interrupted intentionally. In this case, a change in authorisation would never reach the AX2Go. Key update interval (days) forces all AX2Go users to allow a connection between the AX2Go and the LSM.AX2Go service on a regular basis. This prevents flight mode from being misused and a permission from inadvertently remaining usable permanently. | In the virtual network, “Dynamic time window” performs two tasks: (1) In the virtual network, data is transported from the gateway to the locking devices and back again using identification media. The more often the identification media are presented to the gateway, the more effectively data exchange works. With a limited time budget, you can ensure that all users go to the gateway on a regular basis. (2) After deactivation (for example, following its loss), a stolen identification medium cannot be used beyond the set time limit, regardless of whether the deactivation was carried out at the locking device. The stolen identification medium’s time budget can no longer be renewed and thus expires. |
| Example (normal operation) | Example: time budget set to 30 days. A user’s AX2Go is connected to the LSM.AX2Go service via the cloud. Since the user is still authorised, the time budget is renewed to the full 30 days. The server hosting the LSM.AX2Go service is down for a few days due to maintenance work. Since the user’s AX2Go has a time budget of 30 days, the AX2Go can be used without problems during the entire maintenance work. Once the maintenance work is complete, the server will restart. The LSM.AX2Go service connects to the cloud and the user’s time budget is topped up. The user’s AX2Go functions uninterrupted at all times. | Example: budgeted time set at 10 hours. A user presents their identification medium at the gateway. The gateway connects to the database, determines that the identification medium has not been blocked and renews the time budget. The user may subsequently use their identification medium for 10 hours. They then activate their identification medium again at the gateway and receive a new time budget. |
| Example (problem) | Example: time budget set to 7 days. An authorisation is withdrawn from an AX2Go user. However, since the user knows that this authorisation is to be revoked and they want to operate the locking device at a later stage without being detected, they activate flight mode to prevent the authorisation from being revoked. The AX2Go can no longer establish a connection to the cloud, so the time budget of the user concerned is no longer renewed. After the 7 days have elapsed, the user can no longer operate a locking device with their AX2Go and is forced to allow an online connection. This means that the revoked authorisation also reaches their AX2Go. | Example: budgeted time set at 10 hours. An identification medium is reported as stolen and is subsequently deactivated by the locking system administrator. Over time, the blocked IDs are distributed to the locking devices in the virtual network. However, some more remote locking devices have still not received a blocked ID ten hours later. Even so, the stolen identification medium can no longer be used on these locking devices. The time budget has expired and there will be no renewal due to deactivation. |
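The virtual-network "problem" case above can be worked through as a small model. This is an added example, not SimonsVoss code: the class names, the medium ID `T-001` and the hour values are constructed assumptions, and the model only captures the two checks the table describes (blocked-ID list at the lock, remaining time budget on the medium).

```python
from dataclasses import dataclass, field

@dataclass
class Medium:
    medium_id: str
    valid_until: float = 0.0  # hour at which the current time budget ends

@dataclass
class Gateway:
    budget_hours: float
    blocked: set = field(default_factory=set)  # blocked IDs known to the database

    def present(self, m: Medium, now: float) -> bool:
        """Top up the time budget unless the medium has been blocked."""
        if m.medium_id in self.blocked:
            return False
        m.valid_until = now + self.budget_hours
        return True

@dataclass
class Lock:
    known_blocked: set = field(default_factory=set)  # blocked IDs that reached this lock

    def opens(self, m: Medium, now: float) -> bool:
        """A lock accepts a medium only if it is not known-blocked and still in budget."""
        return m.medium_id not in self.known_blocked and now < m.valid_until

def exposure_hours(budget_hours: float, last_topup: float, blocked_at: float) -> float:
    """Worst case: hours a blocked medium still works at a lock that never got the blocked ID."""
    return max(0.0, last_topup + budget_hours - blocked_at)

def simulate() -> dict:
    gw = Gateway(budget_hours=10)
    near, remote = Lock(), Lock()       # remote lock never receives the blocked ID
    stolen = Medium("T-001")            # constructed sample ID
    gw.present(stolen, now=0)           # last legitimate top-up at hour 0
    gw.blocked.add("T-001")             # administrator deactivates it at hour 2
    near.known_blocked.add("T-001")     # blocked ID has propagated to the near lock only
    return {
        "near_h3": near.opens(stolen, 3),      # rejected: blocked ID known
        "remote_h3": remote.opens(stolen, 3),  # still opens: inside the budget
        "topup_h5": gw.present(stolen, 5),     # gateway refuses renewal
        "remote_h11": remote.opens(stolen, 11) # rejected: budget expired
    }

if __name__ == "__main__":
    print(simulate(), exposure_hours(10, 0, 2))
```

The `exposure_hours` value is the figure to weigh when choosing the dynamic time window: a shorter budget narrows the window in which a blocked medium can still be used at locks the blocked ID has not yet reached.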