Application and Efficacy of Access Control Systems - Report Example

Name Institution Coursework Instructor Running head: Literature review on the ACS, their application and efficacy Introduction Asset security is quite pivotal in any area of business, institution or even at homesteads and other points or places where human property is subject to intrusion, theft or destruction. Measures to curtail any possible mishap in an area with security concern are indeed imperative before or after the establishment of a property. This can be individual property, an organizational holding, company assets or a community property. Security issues are not only essential in these cases but also very necessary. Access control systems helps in putting a check on those who use, reach and control a property that belongs to someone or a group of people with shared benefits and concerns. To enhance tight security measures, a number of ACS devices have been advanced for purposes of improving on security issues. Some of these devices include; electrical locks with integrated alarms, barriers, biometric readers, ancillaries and credentials. They can either be external or internal access controllers. The use of biometric systems is based on who accesses a system. It identifies physical traits such as one’s fingerprints, face, veins or irises and behavior types e.g. handwriting or the rhythm of typing and/or voice projection and characteristics. Some of these appliances or access control devices are not much effective and their uses are subject to other control issues. Some can be and have been vulnerable to extreme weather situations and destruction or unauthorized access by intruders due to failure in their functionality. Their effectiveness and harnessed security improvement is nonetheless indubitable. Their efficacy has actually produced more benefits than side effects. Many of these ACS devices have different operational mechanisms based on scientific applications. Their computerization or automation has led to increased security checks and reduced human labor and/or cost. However, they are prone to mechanical faults and failures making their efficacy to stand a ground test hence the need to enhance their operative mechanisms to increase security. OPERATION PRINCIPLES, MECHANISMS AND APPLICATION OF THE ACCESS CONTROL SYSTEM DEVICES Biometric reader systems store basic information of the authorized user(s) on their first use of the systems. This is called system enrollment. The information recorded includes names or identification numbers, image or user’s specific traits that are synthesized and translated into a graph or a code. This information stored will always be used by the system to compare if the current user’s information is the same as the first recorded and stored information. To do all these, the systems are integrated with sensors that confirm traits being used for the identification of the user. The information is stored in a computer with software, which aids the analysis and synthesis of characteristics and then translating into a code which eventually compares the real information. Examples of biometrics among others are; the Viper BIO BL1500 reader. It is installed for instance, as a standalone terminal or may be connected to a third party access control panel with Wigand input. It can store a maximum of 3000 templates of fingerprints and clocking transactions of up to 50000. Its built-in relays enhance its application on locks, open-door alarms, door sensors (SAPROnet, 2009). In biometric door locks, the main trait coded is the user’s fingerprints. The locks are made with fingerprint sensors, which enable the identification of whoever is intending to use the facility and whether the user is authorized, or not. Electric gates can also be installed with biometric readers to stop unauthorized vehicles and intruder from getting into a compound of a homestead or any other organization. These can include the use of Euro cylinder locks, heavy duty hinges or tamper-proof drop bolt systems. In places where cars are packed, there is a need to enforce security. The use of biometric readers can be applied in the rising bollards to keep away buildings or car packs from unnecessary attacks. Their use is also extended to the stoppage of ram-riders and put off terrorists’ vehicles from being packed near buildings. They are used also in swap-card readers. The cards are used to control entry and exit within given premises (Chris L., fire & Security 2011). The use of fingerprint scanners in the biometrics has proved efficient in combating security issues. However, they are subject to inability to distinguish between picture images and the finger itself. This has led to cases of using a mold of a person’s fingerprint or in criminal situation where an authorized user, is coerced by criminals to perform the operation. It is not also effective to be applied in chemical industries for workers due to chemical corrosion that affect the fingerprints. To solve chemical corrosion to enhance the use of fingerprint scanners, industries should provide enough effective gears that cushion fingerprints from chemical effects. It would also be very necessary to improve on the detection of fingerprints by the scanners. This should aim to avoid deceptions from molded images. That notwithstanding, fingerprint scanners requires the physical presence of the user without which it is difficult to access information or premises. They help in businesses that involve transaction with a lot of money. In this case, only few identified persons should have access to hold accountability in case of any reported discrepancies. Fig. User authentication/authorization procedure reader CPU Individual presents→ →local security →CPU compares Credential to reader panel credential ↓ Ingress/egress Authentication CPU→ central processing unit Electric locks have been used in high security places for quite some time now. Several locks used include; exit detectors, which enhance the surveillance of those leaving for the application of access control. An example include, X-Y targeting which has improved the rate at which detection takes place at supermarket or market exits. The T-Rex detector has two louvers that are adjustable for vertical detection. It also rotates at the lens to provide horizontal detection. It has Digital Signal Processing (DSP) implementation made for access control applications. It detects a hand, which is just about to open or push the door, and when the door is forced to open, it produces an alarm that alerts of intrusion. Another example of an electric lock is the egress button, accepts an access-controlled door to be used by those authorized only. Should the door be forced to open, an indication would be generated. Door loops is another type of electric locks. They are fixed into the doors with controlled electrical connection. There is a connection made between the moving leaf and the doorframe. Access-controlled doors with locks void of override from unsecured side to help combat an emergency are fixed with key switches from one entry point to every secure points which fail-safe the lock. However, the use of electric locks has certain limitations. For instance, employees in a company will know the combination of digital or electronic input. In cases where an employees have their contract terminated, they may seize this opportunity to reschedule the input, which makes it difficult for operations. To curtail such a normally, blocks access electronic safe is used to change the lock or block drill to again release a protection against an employee (Lesasand, 2010). Certain electronic locks operate on the dependency on electricity. This means that should there be electricity blackout of any kind, their functionality is jeopardized so that access control becomes ineffective. This problem can be solved by the use of electric strikes, which use either DC or AC currents. When fail secure are used, they stay locked even when there is power blackout. Lit will stay locked from the outside towards inside. During egress or exit, there is a lever on the lock or a knob, which permits safe exit. Electric strikes are also very resistant to weather. It is also important to note that, these locking differentials catalyze the rate of tear and wear. Availability of varied information in the semantic web has called control certain web documents. This access control system demands user’s credential information for purposes of verification and authorization. User’s identity by the service provider through registration is sometimes needed. The provision of credentials i.e. signed documents, establishes an agreement between a principal and a given property (Barbara et al, 2004). A web service provider has the autonomy to grant or deny an access to the service. It is also very possible for users to individual request for a web service from a service provider spontaneously without necessarily registering. There are given functionalities that web services are expected to uphold in accordance to input parameters which have to certify specific conditions so as to impose the right behavior in as far as web services provisions are concerned. Access control enables only eligible web users to have a reach to certain services. There are defined requirements, which dictate access control for semantic web services. These include; a framework which has to give room to end user to check and prove their eligibility for a particular web service. Due to certain complex access control requirement, the framework must also support the stated specifications. There should be very clear specifications made on the interplay of access control and the items of functionality as regarding web services. Computation of the access control policy of a composite web service should be given appropriate support by the framework. Finally, in the execution of a web service, the framework should aid the service provider consider credentials submitted by the requester on the fly (Barbara et al, 2004). Whereas the provision of credentials authentication is useful for the service providers, it has several flaws in itself. First, users requesting for authentication or authorization to use the service may not provide the right information. For instance, where age specification is required, users are likely to submit just information far from the reality. This can lead to consumerism of illegal or inappropriate web service product in relation to age or any other specification. This is not effective as the service provide will not justify the credential accuracy. Access Control systems can be used with closed circuit televisions (CCTV) to help in effective monitoring of intruders. Table 1: Strength and weaknesses of ACS devices ACS DEVICE STRENGTH WEAKNESS Door hardware Easy to install, cost effective Has no extra security Do not indicate who left the device Readers Track those exiting with personal identification, anti-pass back information is achievable Demands more construction cost programming, needs variance to US safety code Exit buttons Simple to implement, do not require additional pros Must be complemented by other automatic exiting devices, has no additional security. Key switches Those exiting must have the code needed hence good security Sharing of exit code risks security, requires additional cost and variance or alternate method to US safety code for door exit. Conclusion Access control devices are very important in improving the security around premises. Their use has ensured that people do not incur cost of human labor, which needs a lot of work force to provide security during both day and night. ACS design should not be based around one access control credential since it does not offer sufficient security when only a coded credential is used. These devices should always be checked so that no faults or mechanical failures are prevented. Bibliography 2870 of Lecture Notes in Computer Science. Springer 9:285–322. Addison Wesley. Ellison, C. M.; Frantz, B.; Lampson, B.; Rivest, R. L.; Thomas, B. M.; and Ylonen, T. 1999a. Simple public key certificate http://world.std.com/˜cme/html/spki.html. Ankolekar, A.; Burstein, M. H.; Hobbs, J. R.; Lassila,O.; Martin, D.; McDermott, D. V.; McIlraith, S. A.;Narayanan, S.; Paolucci, M.; Payne, T. R.; and Sycara, K. (2002). web service description for the semantic web. 1st international semantic web conference sardinia , 34b-363. Berners-Lee, T.; Hendler, J.; and Lassila, O. (2001). the semantic web. scientific American . Biskup J., & Wortman, S. (2003). Towards a credential Based Implementation of Compound access control policies. Dortmund: university of dortmund press. Biskup J., & Wortman, S. (2003). Towards a credential Based Implementation of Compound access control policies. Dortmund: university of dortmund press. Biskup, J., and Karabulut, Y. . (2002). A hybrid PKI model with an application for secure mediation. working conference on data and Application Security , IFIP WG 11.3. Brands, S. 2000. Rethinking Public Key Infrastructures and Digital Certificates. MIT Press, Cambridge-London. Burstein, C. R. Landau (1989.). Security in a Secure Capability-Based System. Operating Systems Review, pages 2-4, Chaum, D. 1985. Security without identification: transaction systems to make big brother obsolete. In Communications of the ACM 28, volume 10, 1030–1044. ACM Clarke, D. E.; Elien, J.-E.; Ellison, C. M.; Fredette, M.; Morcos, A.; and Rivest, R. L. 2001. Certificate chain discovery in SPKI/SDSI. Journal of Computer Security Conference, volume 2870 of Lecture Notes in Computer Science. Springer Denker, G.; Kagal, L.; Finin, T.; Sycara, K.; and Paoucci, M. 2003. Security for daml web services: Annotation and matchmaking. In Second International Semantic Web Denning, D. E. 1982. Cryptography and Data Security. Design (FOSAD), volume 2171 of Lecture Notes in Computer Science, 137–196. FOSAD 2000, Bertinoro, Italy Ellison, C. M.; Frantz, B.; Lampson, B.; Rivest, R. L.; Thomas, B. M.; and Ylonen, T. 1999b. SPKI certificate theory. Internet RFC 2693 Fensel, D.; Hendler, J.; Lieberman, H.; and Wahlster, W., Eds. 2002. Spinning the Semantic Web. MIT Press http://theory.lcs.mit.edu/˜cis/sdsi.html. J. Liedtke (1992). Clans and Chiefs. In Architectural von Rechensystemen. Springer-Verlag, Jahrestagung der Gesellschaft f¨ur Informatik, volume P-19 of Lecture Notes in Informatics, 114–119. German Informatics Society (GI), Dortmund, Germany. http://ls6-www.cs.uni-dortmund.de/issi/cred ws/index.html.de K. Loepere. Mach 3 Kernel Interfaces. Open Software Foundation and Carnegie Mellon University, Nov. 1992. Kagal, L.; Finin, T.; and Joshi, A. 2003. A policy based approach to security for the semantic web. In 2nd International Semantic Web Conference (ISWC2003), volume Lecture Notes in Computer Science, 16–29. Springer M.; Denker, G.; Hobbs, J.; Kagal, L.; Lassila, O.; Martin, D.; McDermott, D.; McIlraith, S.; Narayanan, S.; Paolucci, M.; Parsia, B.; Payne, T.; Sirin, E.; Srinivasan, N.; and ycara, K. 2003. Damls: Semantic markup for web services, version 0.9. Technical report, DAML-S Services Coalition. Naur, P. 1960. Revised report on the algorithmic language algol 60. In ISWC2002: Ist International Semantic Web Conference, Sardinia, Italy, volume 3 of Communications of the ACM, 299–314. ACM P. A. Karger and A. J. Herbert. An Augmented Capability Architecture to Support Lattice Security and Traceability of Access. In Proceedings of the 1984 IEEE Symposium on Security and Privacy, pages 2-12, May 1984. P. A. Karger. New Methods for Immediate Revocation. In Proceedings of the 1989 IEEE Symposium on Security and Privacy, pages 48-55, May 1989. Patel-Schneider, P., and Fensel, D. 2002. Layering the semantic web: Problems and directions. In ISWC2002: Ist International Semantic Web Conference, Sardinia, Italy, Press R. Kane and C. Landwehr (1986). On Access Checking in Capability-Based Systems. In Proceedings of the 1986 IEEE Symposium on Security and Privacy, pages 66-77, May. R. Levin, E. Cohen, W. Corwin, P. F., and W. Wulf (1975). Policy/mechanism separation in Hydra. In Proceedings of the Fifth Symposium on Operating Systems Principles, pages 132-140, University of Texas at Austin, Nov. 1975. ACM/SIGOPS. Rivest, R. L., and Lampson, B. 1996. SDSI- a simple distributed security infrastructure. S. Kent and R. Atkinson (Nov. 1998) Security Architecture for the Internet Protocol. RFC 2401, Internet Engineering Task Force. ftp://ftp.isi.edu/in-notes/rfc2401.txt. S. R. Claimant. Vnodes: Architecture for Multiple File System Types in Sun UNIX. In Proc. of the Summer 1986 USENIX Conf., pages 238-247, Atlanta, GA, June 1986. Samarati, P. 2002. Enriching access control to support credential-based specifications. In Sigrid Schubert, B. R.,and Jesse, N., eds., “Informatik bewegt” Proc. of the 32. Samarati, P., and Capitani di Vimercati, S. 2001. Access control: policies, models, and mechanisms. In Focardi, R.,and Gorrieri, R., eds., Foundations of Security Analysis and T. Jaeger, J. Liedtke, and N. Islam (1998). Operating System Protection for Fine-Grained Programs. In Proceedings of the Seventh USENIX Security Symposium, pages 143-157, Read More