2.0 What Makes Up An Access Control System?

Every access control system centers around the need to control individual ability to gain access or egress through an entryway. An entryway may be an employee entrance, parking gate, garage door, loading dock, or any such barrier that can be secured.

The Five Main Parts Of An Access Control System Are As Follows:

2.1 Electro-Mechanically Controlled Locking Hardware

The most fundamental function of any access system is to secure an entryway. In an electronically based system, the locking device must be electrically controlled. This section outlines the most popular devices used.

Function: This is an auxiliary, electrically operated device that prevents the door from being opened when energized.

How it Works: The electromagnetic lock is mounted to the door frame, and a steel strike plate is mounted to the door, which holds the door closed. The two basic types of electromagnetic locks are "direct pull" and "shear".

The direct pull type is securely attached to the door frame and aligned with the strike plate mounted to the push side face of the door. When the lock is energized and the door is closed, the strike is magnetically held to the lock, holding the door secure. Typically the holding force of these devices is between 600 and 1500 pounds. When power is removed, the magnetic field is released and the door may be opened.

The shear variety uses a different method for locking. The strike plate is mounted in the top door edge facing upwards, and the lock is mounted in the door frame facing down. With the door closed and the lock energized, the strike plate - which has a small amount of vertical movement - is attracted to the lock. An opening in the strike plate captures a stationary protrusion on the face of the lock. This prevents the strike plate from sliding off the face of the lock.

Function: An electric lockset electrically locks or unlocks a knob, lever, or thumb piece on one or both sides of the lock.

How it Works: An electrically actuated solenoid replaces or duplicates the action of a key to lock or unlock the knob.

When used in an access control system in conjunction with a key pad, card reader, or other verification device, many restrictions may be imposed on that particular door. This might include such variables as days or times allowed to access/egress, or particular individuals that may or may not access/egress the door in question.

There are two basic types of electric locksets. The "Fail Safe", in which the lockset releases or unlocks at the loss of power, and "Fail Secure", in which the lockset engages or locks at the loss of power.

Note: Electric locksets require the use of a feed-through hinge or pivot as a means to supply power from the frame to the door.

Function: These provide wiring access from a frame to a swinging door by using insulated wires that are mechanically supported and protected between the two members.

How it Works: Feed-through hinges are available with up to eight conductors. The center section of the hinge pin is left out, leaving an area to coil the conductors, which are fed through two holes drilled through the leaves of the hinge. Feed-through offset pivots are constructed in a similar manner.

Feed-through hinges and pivots are used in the intermediate or center hinge position of the door. Their construction does not allow them to function as load bearing.

Door loops, also known as door cords, are surface applied versions of feed-through hinges and pivots. One mounting block is attached to the face of the frame, while the other is attached to the face of the door. A flexible metallic or plastic conduit is connected to each block through which the wiring is fed.

Function: This strike electrically releases the portion of the strike that holds a lock sets' latch bolt, thus allowing the door to open without retracting the latch bolt. This unit replaces the standard pocket strike for most types of latch bolts.

How it Works: The outer lip in the strike body holds the latch bolt of the lock in the pocket. The lip is help in position by a solenoid, and is allowed to pivot when power is applied (fail secure operation) or interrupted (fail safe operation) to the strike.

As with electric locksets, the electric strike is used for the remote control of doors. Although not as secure, this type of locking device is preferred when it is impractical to run wiring through a door, such as in glass doors.

.:Back to the top...

2.2 Access Credentials And Reader Technologies

An access credential is defined as the mechanism that is used to identify the individuals authorized to have access to the facility. The first step in conceiving an access control system is to determine the type of credential that will be used. It is one of the most critical parts to any access control system as it is the interface between man and machine.

The function of an access credential with respect to the access control system can be classified in three ways:

The following sections define the industry's most common types of card technologies, along with their respective strengths and weaknesses.

Transmissive Infrared
Sometimes referred to as "Differential Optics," transmissive infrared cards use a coding technology which involves passing a low-level infrared light through a homogenous plastic card. This produces a pattern of shadows that are detected and interpreted by an optical scanner (reader).

Unlike barcodes (another infrared technology), the light passes through the card instead of reflecting off the surface. Transmissive infrared codes are manufactured under a closely guarded, proprietary process. There are more than four billion unique codes, which are produced at random to ensure that no two cards are alike. The cards can be supplied with a smooth finish to create a photo ID badge.

Infrared readers contain no moving parts. All solid-state components offer trouble-free operation and very low maintenance.

Wiegand Effect
Wiegand-effect cards are also known as embedded wire cards. Developed by John Wiegand, the Wiegand effect is a pulse-generating phenomenon in a special alloy wire, which is processed to create two distinct magnetic regions in the same homogeneous piece of wire (referred to as a shell and a core). These two magnetic regions react differently to any applied magnetic field. The shell requires a strong magnetic field to reverse its magnetic polarity, whereas the core will reverse under weaker field conditions. The point at which the shell and core change to different polarity orientations causes the Wiegand pulse to generate, which is sensed by a pickup coil (the reader). When embedded into a card in distinct patterns, these wires are read as codes by the reader. Codes for these cards are unique, permanent, and unalterable.

Wiegand card readers are less subject to tampering. Foreign objects inserted into readers can be more easily dislodged than in other types of readers. Wiegand readers are usually unaffected by environmental conditions. The do not have any moving parts and are therefore relatively inexpensive to maintain.

Proximity cards, frequently called "prox" cards, use electronic circuits embedded inside strong plastic, which transfer their data when placed in "proximity" to the reading device.

Proximity cards represent the fasted-growing reader technology in the industry. They are available as thin as a credit card, or can be offered as a key fob. The cards are available in ISO quality, and can be supplied with a smooth finish to easily create a photo ID badge.

Manufacturers classify proximity cards as passive or active. Passive cards use radio frequency resonant circuits consisting of resistors, capacitors, and inductors. These cards do not contain a battery, but rather, they draw their power from the reader itself. This system is highly susceptible to Radio Frequency (RF) interference, and the cards must be presented parallel to the reader in order to get maximum read range. Active proximity cards (also called powered proximity cards) are powered by a battery (typically lithium). The battery supplies power to the internal circuitry, which significantly increases the read range, sometimes from inches to feet.

Magnetic Stripe Card
The magnetic stripe card is not regarded as a high security card technology. It is the most popular card because it is among the most inexpensive card technologies available, and is capable of storing large amounts of information. Cost is particularly important to large installations such as colleges and universities. A key advantage to magnetic stripe is its ability to be encoded by the end-user. It is a practical and money-saving point in an environment where a high volume of cards is used. Information on magnetic strip cards is encoded on tracks. Most magnetic stripes can have up to three tracks, with one being utilized for access control.

The primary disadvantage for magnetic stripe is that the coding technology is well known, making duplication easy. The specifications for encoding and reading are set forth as an ANSI standard, and are therefore public knowledge.

Encoders and cards are available from several vendors. Most cards can be encoded with off-the-shelf card encoders, such as Elcom or Magtek. Since off-the-shelf equipment is so easy to obtain, it is easy to create or duplicate a card.

The cards are also susceptible to wear and corruption. The magnetic medium is placed on the exterior of the card, which makes physical contact with the head inside the reader, thus wearing the card. If the card comes in proximity of a magnetic field, the encoded data will be corrupted.

The two basic types of magnetic strip cards available are "high coercivity" and "low coercivity." Coercivity is defined as the magnetic material's ability to accept and retain data. High coercivity cards require very large electrical or magnetic sources to corrupt them, but are more expensive. Low coercivity cards are more susceptible to erasure and corruption, but are less expensive.

Barium Ferrite
Barium ferrite is also known as magnetic spot, magnetic dot or magnetic core. These cards are made by sandwiching barium ferrite, a flexible magnetized material between two outside layers of PVC. Encoding is in the form of spots on a polarized magnetic field, which is electrically induced into the barium ferrite. The card is typically read when inserted into a reader where the magnetically encoded areas activate sensors.

They are generally inexpensive, but not as low in cost as magnetic stripe cards. Traditionally, the barium ferrite material in the card has a relatively short life, usually about one year. Newer cards feature high coercivity barium ferrite, which significantly increases card life, but could easily erase magnetic strip cards, due to the amount of magnetized material inside the card.

This technology is susceptible to duplication. Generally, these cards and their readers have been used in high volume turnover applications such as parking lots. Both the card and the reader are subject to wear and consequently cost more in replacement and maintenance.

Hollerith Card
For half a century, this 80-column card with square holes served as a method of recording, inputting, storing and sorting data for the computer industry. Data is entered on the card by punching physical holes into an area 80 columns wide and 12 rows high and read by passing the card under a line of photoelectric sensors.

The wide availability of this equipment brought about the invention of the Hollerith card access control system. A 32-column card was used because of its convenient size and the equipment needed to code and read it already existed.

Since the code on a Hollerith card is easily readable and the equipment needed to make them is so widely available, it did not achieve much acceptance as a security system. However, the cards are still being used as time cards and job-cost accounting systems, where there is little reason to duplicate them for illicit purposes. These are also used in hotels as replacements for metal keys; the technology is not secure but it is inexpensive.

Optical Bar Code
Optical bar codes consist of a series of printed stripes spaced to represent coded data, most commonly known at supermarket checkout lines. The technology has been around for nearly 40 years.

The advantage of optical bar codes is that they can be read by passing a single photo detector over them, unlike optical character recognition, which requires sophisticated optical and electronics systems or even Hollerith, which requires multiple read heads in a line.

Optical bar coding is inferior as a security option because it is visible to any observer and is therefore not difficult to duplicate. It is therefore usually regarded as a low security option. However, versions for higher security applications in a non-visible form, readable only by ultraviolet or infrared light, are becoming available.

SMART cards contain an intelligent microchip, which communicates with the reader. The SMART card has both a coded memory and a microprocessor chip, giving it capabilities for data storage and manipulations that are much greater than other technologies. The card is essentially a "computer in your pocket," and can hold a large amount of data that can be updated each time the chip communicates with the system.

SMART cards are available in a "contact" or "contactless" format. The contact format requires the card to be placed in direct contact with the reader in order to function. The contactless card works like a proximity card, and will communicate with the reader once it enters the effective read range around the reader (this range varies by both card and reader).

SMART cards are very popular throughout Europe and Asia, and many European telephone companies have, in fact, standardized on this emerging technology. To date, they have not been widely accepted in the United States access control market due to their higher prices. However, as the market requires more integration of subsystems, the powerful SMART card is becoming an attractive option.

.:Back to the top...

2.3 Biometric Devices And Technologies

Biometrics is an automated method of verifying or recognizing the identity of a living person based on a physiological or behavioral characteristic. This means that a mechanism scans and captures a digital or analog image of a person's characteristic, such as a fingerprint, hand silhouette, or even a blood vessel pattern on the back of an eye (called a retinal scan). It can also scan an individual's psychological make-up pattern, such as signature, keystroke dynamics, or voice pattern.

There are seven primary biometric technologies currently in use
(listed in order of prevalence):

Hand Geometry35%
Voice Verification21%
Facial Geometry4%
Signature Dynamics3%
Iris Recognition1%
Retina Recognition1%

Biometrics are used in high security applications such as:

Identifying Power - The Measurement Of Biometric Success

A desirable and acceptable balance of FRR and FAR is sought. As tolerance settings are tightened to make it harder for unauthorized people to gain access, it will also become harder for rightful people to gain access. A user must typically sacrifice up to 5 percent FRR on the first attempts to get near perfect protection against impostors. A balanced biometrics system will experience FRR and FAR rates of around 1 to 3 percent.

Hand Geometry
Hand geometry is a technique for access control which analyzes and digitizes the measurements of the subject's hand (length of fingers, curvature data, hand width, webbing between fingers, etc.). A person is enrolled in the system by creating a stored image of his hand. When seeking access, he places his hand on an imaging plate and a comparison is made of the stored and active images. If the images match to a predetermined accuracy, access is granted.

Hand geometry was developed in the early 1970's to analyze glove measurements for pilots in the U.S. Air Force. The U.S. Department of Energy and Armed Forces use hand geometry as a security measure at several facilities. It is also used at nuclear facilities in Canada.

The ID-3D unit from Recognition Systems Inc. looks at both the top and side view of the hand using a built-in video camera and compression algorithms. The reference template is under 30 bytes, the smallest in the industry. Dirt and cuts do not detract from performance.

False Acceptance Rate1.0%
False Rejection Rate1.5%

Any number of characteristics, such as ridges in the fingers, are analyzed and used to create a unique personal identifier. The benefit of an access control system with a fingerprint reader is a highly secure identification system that identifies people by finger or palm prints, which are nearly impossible to duplicate. The system uses a central processor, an optical scanner and a database of prints obtained from authorized persons. A person places their thumb, fingers or palm side of their hand on a light-sensitive plate. The impression is read by the optical scanner and is compared to the person's file. The user is then either granted or denied access/egress.

The largest application of fingerprint technology is in AFIS (Automated Fingerprint Identification Systems), used by police forces in most of the states in the country. AFIS provide quick and accurate identification of fingerprints in real-time.

False Acceptance Rate0.1%
False Rejection Rate3.0%

Voice Verification
Voice verification uses the unique frequency patterns of the user's voice as an identifier. The user is required to enroll his voice pattern by providing a sample of his speech. The system then takes the speech information, digitizes it and makes a unique code from it. For entry, a person speaks into the unit, which then searches through its memory for the matching voice pattern, than allows or denies entry.

Large organizations such as AT&T, Texas Instruments and Siemens have developed verification algorithms for communications applications. Impersonations are not a problem, because the devices intentionally focus on characteristics of speech that are different from the ones that people tend to focus on.

False Acceptance Rate0.01%
False Rejection Rate0.4%

Facial Geometry
A camera is used to acquire an image of the face from a distance of a few feet. The system then analyzes the geometry of the face, such as the distance between the eyes and nose. Most systems feature a face-locating function that searches for faces within the field of view. Face recognition systems are designed to compensate for glasses, hats and beards.

The technology can perform verification and identification. Anecdotal evidence suggests that face recognition technology is very accurate. However, the use of face recognition for one-to-many identification searches is relatively new.

Signature Dynamics
Signature dynamics is a computer-aided system that digitizes and compares the dynamic characteristics of a handwritten signature against a known signature in memory. It analyzes shapes and timing sequences intrinsic to formation of letters in the signature.

This is one of the newest areas of biometrics development. Over 100 patents have been issued in this field by IBM, NCR and VISA. Several machines factor in the static image of the signature. Devices generally use wired pens, sensitive tablets or a combination of both.

Iris Recognition
Iris recognition technology involves the use of a camera to capture an image of the iris, the colored portion of the eye. The iris is an excellent choice for identification. It is stable throughout one's life, it is not very susceptible to wear and injury, and it contains a pattern unique to the individual. In fact, an individual's right and left iris patterns are completely different.

There are two main types of iris recognition systems: active and passive. In the active system, the user must adjust the camera by moving forward or backward a few inches in order to bring the iris into focus. The user must be within 6 - 12 inches of the camera, which requires substantial supervision and instruction. The passive system incorporates a set of cameras to automatically locate the user's face and eye, removing the need to manually focus the camera.

Retina Recognition
This is a method of collecting data through the pattern of blood vessels on the back of the retina, which is analyzed, quantified and used to create a person's own personal identification system.

Retinal recognition scans are performed by directing a low intensity infrared light through the pupil and to the back part of the eye. The pattern is reflected back to the camera, which captures the unique pattern and represents it in digital format in memory. The user places his face next to the reader, which scans his retina and digitizes the information that is returned. This information is compared to the data stored in memory. If it is valid, then access will be granted.

This technology is popular with military and financial institutions, and has sold very well throughout Europe.

.:Back to the top...

2.4 Electronically-Based Decision-Making Processor

There are several elements that make up a decision-making processor, or what is commonly referred to as a control panel. The following is a list of the common elements of the control panel and the key features to consider in the selection process:

Main Processor Applications Software Interface With Card Reading Devices Communications Capability Peripheral Control And Alarm Equipment

.:Back to the top...

2.5 Monitoring And Report Generation

One of the most significant capabilities of any access control system is the ability to monitor events and generate reports on those events.

Monitoring Events
The access control system will monitor the facility for any number of predetermined events. Such events might include whether a door stays open too long (in case an employee or delivery personnel has propped it open), if the temperature in an environmentally controlled room changes abruptly, or if an unauthorized person if trying to gain access to a restricted area.

With advanced access control systems, this monitoring is accomplished with a PC configured with software that interacts with the access control hardware that is installed throughout the facility. Once an event occurs, the PC can be alerted to display a message to the system operator. The PC can also be configured to send an audible alert to ensure that the operator is aware of the event as quickly as possible. The information can include the name of the door, the card user, or any other relevant information.

he PC can also monitor and log events that do not require any immediate attention, such as the daily flow of employees in and out of a facility.

The information that the system monitors generate can be stored on the PC hard drive and used to generate very detailed, custom reports. Flexible report generation includes the capability to report activity based on time, date, door, user, alarm status, operator activity or a variety of other options.

Report formats can be saved as templates for running repetitive reports. A time management assessment, for example, can be generated to monitor when employees come and go, and into which areas they go during the day. This information may determine additional areas to be access controlled to protect intellectual property.

As many systems have multiple operators, the system allows for report generation to show the activities of each system operator. The system administrator can then review the report to check if any operator has changed system access rules, overridden the system or changed any employee privileges.

Other optional report outputs include viewing on the screen, printing a hard copy or saving information in a disk file. Once the information is in a disk file, it can be imported and utilized to backup and restore the control unit's information when necessary.

.:Back to the top...


Featured Systems

Valid XHTML 1.1!   Valid CSS!