Access Control

access control systems

Access control (AC) is a crucial component of physical and information security that involves selectively restricting access to a place or other resource, while access management describes the associated processes.

Access can refer to consuming, entering, or using a resource, and authorization is required to gain permission to access a particular resource. Access control mechanisms are analogous to locks and login credentials, and they help to ensure that only authorized individuals can access protected resources.

Geographical access control can be enforced by personnel such as border guards, bouncers, and ticket-checkers, or through the use of a physical device like a turnstile.

To prevent circumventing access control, there may be fences or other physical barriers in place. An alternative method of access control is a system that verifies authorized presence, such as a ticket controller in transportation. Additionally, exit control is a variant that is utilized in various settings, such as at a shop checkout or at the borders of a country.

The term access control refers to the process of restricting entry to a property, building, or room to authorized individuals. This can be accomplished through physical means, such as a human guard, bouncer, or receptionist, or mechanical means, like locks and keys. Technological systems, such as access control systems that utilize a mantrap, may also be employed to achieve physical access control. Within these environments, physical key management may also be utilized as a means of managing and monitoring access to mechanically keyed areas or specific assets.

Physical access control is predicated on the factors of who, where, and when. An access control system determines who is authorized to enter or exit, where they are allowed to enter or exit, and when they are allowed to enter or exit. Historically, keys and locks were used to achieve this. When a door is locked, only an individual with a corresponding key can access it, depending on the lock’s configuration. However, mechanical locks and keys cannot restrict the keyholder’s access to specific times or dates, nor do they provide any records of the key used on a specific door. Additionally, keys can be easily copied or transferred to unauthorized individuals. In the event that a mechanical key is lost, or the keyholder is no longer authorized to use the protected area, the locks must be re-keyed.

Electronic access control systems leverage computers to address the limitations of mechanical locks and keys. A vast array of credentials can be utilized to replace traditional mechanical keys, and the electronic access control system grants access based on the credential presented. When access is approved, the door is unlocked for a predetermined amount of time, and the transaction is recorded. Conversely, when access is denied, the door remains locked, and the attempted access is recorded. The system will also monitor the door and set off an alarm if the door is forced open or held open for an excessive duration after being unlocked.

The electronic access control system operates as follows: when a credential is presented to a reader, the reader sends the credential’s information (typically a number) to a highly reliable processor, known as the control panel. The control panel then compares the credential’s number to an access control list, either granting or denying the request and sends a transaction log to a database.

In the event of access being denied based on the access control list, the door remains locked. If the credential number matches that on the access control list, the control panel activates a relay that unlocks the door. Additionally, the control panel is designed to disregard any door open signal to avoid triggering an alarm. Often, the reader provides visual feedback, such as a flashing red LED indicating access denied and a flashing green LED indicating access granted.

The above description highlights a single-factor transaction, which may be vulnerable to credential theft or misuse. In such a scenario, an individual with authorized access rights may give their credential to an unauthorized individual or have it taken from them, thereby compromising security. To address this issue, two-factor authentication can be implemented.

In a two-factor transaction, two factors are required to be presented for access to be granted. The first factor is the presented credential, and the second factor is typically a PIN, a second credential, operator intervention, or a biometric input. The combination of these two factors helps to ensure that only authorized individuals are granted access, even if a credential is stolen or misplaced. This provides an additional layer of security to the access control system and helps to mitigate the risk of unauthorized access.

In the context of access control, there are three primary factors of authentication that can be utilized to verify a user’s identity: something the user knows, something the user has, and something the user is.

  • The first factor is something the user knows, such as a password, pass-phrase, or PIN. This type of authentication requires the user to provide information that is only known to them and can be easily memorized.
  • The second factor is something the user has, such as a smart card or a key fob. This type of authentication requires the user to possess a physical item that can be used to authenticate their identity.
  • The third factor is something the user is, which refers to biometric authentication. This type of authentication involves verifying a user’s identity based on a unique physical attribute, such as a fingerprint or facial recognition.

By utilizing these different types of authentication factors, access control systems can provide greater levels of security and mitigate the risk of unauthorized access.

Passwords have long been a commonly used means of verifying a user’s identity before granting access to information systems. However, with the increasing prevalence of security breaches and identity theft, it has become apparent that relying solely on passwords is not always sufficient to protect sensitive information.

In recent years, a fourth factor of authentication has been recognized, known as “someone you know.” This factor involves the use of human authentication, where another person who is known to the user can provide additional verification of their identity in certain scenarios. For example, if a user has forgotten their smart card but is known to designated cohorts, the cohorts may be able to provide their own smart card and password in combination with the extant factor of the user in question, thus providing two factors for the user and allowing them to access the system with three factors overall.

This type of human authentication can provide an additional layer of security in situations where the user is unable to provide all necessary credentials or has lost access to them. By leveraging the knowledge of trusted individuals, access control systems can increase security and mitigate the risk of unauthorized access.

An access control system typically consists of several components that work together to manage and control access to a given area or resource. These components include:

  • Access control panel: Also known as a controller, this component is the brain of the system, processing and analyzing input from various sources to determine whether to grant or deny access.
  • Access-controlled entry: This includes physical barriers such as doors, turnstiles, parking gates, elevators, or other similar devices that restrict or control access to a specific area.
  • Reader: Typically installed near the entry, the reader is used to scan and authenticate the credential presented by the user.
  • Locking hardware: This includes devices such as electric door strikes and electromagnetic locks that can be activated or released by the access control system to control entry and exit.
  • Magnetic door switch: This component is used to monitor the position of the door, ensuring that it is securely closed and locked.
  • Request-to-exit (REX) devices: These devices are used to allow for safe and easy egress. When triggered, the REX temporarily disables the door alarm and unlocks the door to allow for an easy exit.

By combining these various components, an access control system can effectively manage and control access to a given area, improving security and mitigating the risk of unauthorized entry or exit.

Contact us today to learn more about how we can help your business stay connected, secure, and ready for the future.