The Future of Access Control - Essay Example

Running head: Future of Access Control Future of Access Control Introduction Access control systems are an integral partof the design of today's facilities. A variety of factors determine the nature of access control to be provided. With the advent of technology, the design and the capabilities of access control systems have undergone a major change (Honey, Gerard 2005). The integration of Information Technology and the physical access control systems have created a vibrant and a dynamic industry which is constantly redefining its capabilities. Physical security of the entrances and exits along with the logging of all inbound and outbound personnel has become an indispensable part of the security management of the facility. This paper will examine the future of access control systems. Access control systems are being increasingly characterized by the convergence between the physical security of the facility and Information technology which is responsible for the security management of the facility which includes issues like authentication and logging. Basic Concepts of Access Control Access control methods can be broadly classified into three categories. Firstly, the visual recognition techniques which rely on a human to check the identity card issued to authorized personnel. This is the oldest form of access control and has several advantages like simplicity, ease of use, low implementation cost (though the cost is recurring in nature) and there is no requirement to always keep the password handy. There are disadvantages too like, the reliance on the human factor and the consequent scope for error; the identity cards can be easily duplicated and finally the low speed at which the checking takes place. Secondly we have the mechanical access control systems which can be characterized as the lock and key mechanism where the key acts as the physical identifier (Honey, Gerard 2005). This system has been used by humanity to secure physical spaces for a long time. The advantages are the simplicity of use and the low cost of implementation. However the disadvantages are that there is no way to prevent or regulate the duplication of an authorized key and there is no system to prevent or log unauthorized attempts. The third method of access control is the electrical access control systems which usually consist of an electromechanical lock which is operated by a set of valid keys. This method can be used imaginatively in various kinds of scenarios to provide differing levels of security. The advantages and the disadvantages of the mechanical access control systems are retained with the additional requirement of electrical cabling. The fourth method of access control is the electronic access control. This is proving to be an increasingly popular solution due to several factors. This method represents a convergence of electronics, Information Technology and physical access control. They can be broadly sub divided into three sub categories, keyboard based, smart based and biometrics based (Horrowitz,P and W. Hill 1992). The merits and demerits of each of these categories will be discussed in detail later in this paper. However all these electronic access control systems have the following advantages like a high level of security, increased flexibility in deployment resulting from a wide possibility for application, operation and small size. They also have some generic drawbacks like enhanced cost of deployment and the requirement of specialized knowledge for installation. Access control is about the continuing race between the increasingly complex access control systems and the people who are trying to gain unauthorized access. This demands a continually evolving technology. This paper will examine the future trends of access control systems and the various technologies associated with them. Types of Barriers and Design of Systems There are several types of barriers with each barrier having its own advantages and disadvantages. These advantages and disadvantages should be considered at the design stage of the facility to arrive at the most suitable barrier for a particular facility. CPTED or Crime Prevention Through Environmental Design is an emerging field of study. This paper shall examine several barriers and highlight the various emerging trends in the design, construction and the installation of that particular barrier. Swing gates are a popular design option. They however occupy a lot of space compared to other door designs and also take comparatively more time to open and close. If used outdoors, accumulation of snow and ice will compromise their ability to function effectively. Slide gates are an effective option in areas where there is a recurring danger of accumulation of snow and ice; however they require additional room along the boundary to slide back. Barrier arms are basically used to restrict the entry and exit of vehicles into a specified area. The length of the arms can be modified to suit the requirement of the area of deployment. Vertical pivots work on the principle of lifting the door vertically off the ground. There is also an option to raise the gates manually. These are some of the barriers which have been discussed to provide a background for the future trends in the design of the barriers for the access control. In areas where vehicles have to be regulated, loop sensors which detect large metallic objects have been used successfully to actuate barriers (Sonde,B.S 1992). Photo cells have been used as access control mechanisms for a long time, but the recent advances in electronics have greatly enhance the sensitivity of the photo detector enabling it to respond only to a particular photo signature. Generally the size of the object is the deciding factor in determining the response. Depending upon the requirement of the end user there are several other means of actuating the barriers like wireless activation over a wide variety of frequencies, actuation by GSM in which a predefined dialing sequence of a mobile phone is used to actuate the barrier. Personal safety is a subject that is connected with access control technology to cater for a situation which demands the evacuation of the facility (Honey, Gerard 2005). The access control systems should be integrated with the fire alarm systems so that when the alarm is activated the access control systems are deactivated to ensure easy entry and exit. Special release boxes should be used to cater for emergencies. These release boxes should display color coded messages which demonstrate their operation. Delayed egress exits are another option for use during an emergency. When the emergency exit is activated, an alarm sounds for a predefined time interval during which the doors stay locked. After this time period, the door is unlocked thus facilitating exit during the emergency. It is preferable to install fire rated doors at all points of ingress and egress. As fire rated door, it should have a pre determined resistance to the spread of fire. Apart from inhibiting the spread of fire, the door should have some of the exit features mentioned above, these types of doors are also identified by suitable markers near the door hinges. A variety of specifications have now been compiled into several standards like the UL 325 standard. Electronic locks are activated by a variety of devices ranging from a keyboard where the user enters the password to a smart card reader where the user swipes a smart card and may or may not be required to enter a password. Biometrics is also an emerging as an identification option. There is a continous move in the access control industry to reinvent its products so as to provide the consumer a customized solution which satisfies their requirements while maintaining a high standard of safety and security. Methods of Identification and Types of Controllers This paper deals with the future trends of access control, hence the access control mechanisms like identity cards, keys etc will not be examined in detail. This paper will focus on the convergence of information technology, physical access control systems and the exciting possibilities that this entails. The electronic access systems have seen major changes in the way identification information is collected and authenticated. The changes have extended to biometrics which uses a particular body characteristic of the authorized individual as the authentication information. This paper will examine the biometrics component of access control systems in sufficient detail later on. This section will deal with the keyboard and smart card based methods of identification and the type of credentials which are used to authenticate the user presenting the credentials. In the keyboard based access control scheme, the user is required to enter a password which can either consist of alphabets or numbers or a combination of both (Honey, Gerard 2005). A micro controller or a micro processor is used to verify this password against an available dictionary of passwords and pass phrases, if a match is found; the physical access control system allows the user to pass through the barrier. There are several disadvantages to this security scheme, firstly an authorized user can share his password with an unauthorized person thus compromising the security of the facility, secondly it is possible to retrieve the passwords from the system using advanced knowledge of computers, thirdly there are several software tools available which make it possible for an user to try and estimate the password stored in the system. The number of applications that this model of access control can be fielded is limited due to the necessity of the users having to memorize passwords and the requirement of privacy while entering the code. The next method of identification is the smart card based method with or without a password. Here a smart card is used in lieu of a key; a password based authentication scheme may or may not be added to the smart card based method (Konicek Joel and Karen Little 1997). Here the credentials which are presented are both the smart card and the password. The biggest advantage of this method is the variety of information that can be stored in a smart card. This method can be integrated into a comprehensive system governing multiple facets of the facility which is to be secured. For example the smart card can be used to draw books from the library, buy lunch from the cafeteria and enter a restricted area. In the rest of the transactions, the smart card reverts to its traditional role akin to a credit card. However smart card based systems are costly and require specialized hardware to scan the information from the smart card. Smart Cards store information predominantly in magnetic strips, however there are some smart cards used in specialized applications which store information in optical strips. Smart card readers are different for both types of smart cards. The system however provides a highly satisfactory user experience and a reasonably high level of security (Konicek Joel and Karen Little 1997). Electronic keys, buttons and smart tokens are all variations of the smart card interface discussed above. Along with biometrics, electronic access control is the most dynamic category in the industry. New products are being continually developed. The popularity of this field is indicated by the high number of patents granted by the US patents office. This is indicative of the amount of research being invested in this emerging field of access control. Biometric Systems Biometrics refers to a wide variety of systems which uses a unique bodily feature of the authorized user as the credential to obtain access to the secure area (Miller, B 1994). There are several unique features which form a part of the biometric industry. In this paper we have covered the various credentials which are examined in biometrics. We shall briefly discuss the latest trends in each of these sub categories. Iris recognition has been used widely to authenticate authorized personnel. The feature uses the unique texture of the iris in each individual for authentication purposes. The accuracy has further been enhanced by advanced photography techniques and pattern recognition algorithms. These techniques have also removed the erstwhile limitation of the person to stand close to the retinal scanner. The cost of the scanning equipment has also seen a consistent reduction over a period of time (Konicek Joel and Karen Little 1997). Image recognition is another means of biometric authentication, the image of the subject is obtained with the help of a camera coupled to the system and this image is compared to the existing images in the database. This field has seen a tremendous increase in the accuracy of the results, primarily due to the availability of enhanced computing power at affordable prices and advances in pattern recognition algorithms (Miller, B 1994). There are however a lot of issues which are yet to be resolved to give image recognition the same level of accuracy as retinal scanning and finger print recognition (Miller, B 1994). Finger print recognition is an established field in biometrics and the recent advances have only contributed to lowering the cost of installation of the system (Konicek Joel and Karen Little 1997). Voice recognition is yet to achieve a satisfactory degree of accuracy comparable to fingerprint and retinal scanners, however this is the subject of research at several universities around the world. US Guidelines for Convergence Between IT and Access Control The Homeland Security Presidential Directive 12 (HSPD 12) is fallout of the terrorist attack on USA on 11 September 2001. As per this directive, a nationwide smart card based authentication scheme will be implemented to cover almost five million federal government employees and approved contractors. This physical access control system will be integrated with the logical access control system which will entail a single credential which will facilitate access to both the facility and the information systems. There are still a lot of unresolved issues, especially the mechanics of integrating the access control system with the entry and exit points. This has been formally specified by the US government in the document Federal Information Processing Standard 201, Personal Identity Verification of Federal Employees and Contractors. This standard has been formalized by the NIST. Presently this standard is applicable only for federal agencies and departments. Europe and UK have several standards which clearly specify various acceptable parameters in physical access control(Konicek Joel and Karen Little 1997). Miscellaneous Issues A recurring feature in all the emerging trends discussed in this paper is the increasing complexity of technology and the need for specialized knowledge for the installation, repair and maintenance of the equipment installed. The various safety measures to be considered during the design and the installation of the access control systems have been covered. It is essential to strictly follow a system of prophylactic maintenance to avoid major breakdowns. It is advisable to enter into an annual service contract instead of outsourcing repair jobs as and when they arise. The concept of preventive maintenance and corrective maintenance should be employed to reduce the system downtime (Konicek Joel and Karen Little 1997). Conclusion This paper has examined the emerging trends in access control mechanisms in the background of several issues. To provide the basic framework for analysis of emerging trends, the basic concepts of access control was discussed. The various types of barriers and the emerging trends were discussed along with the design issues and the various trends in the controllers. The emerging trends in various types of authentication mechanisms along with the various types of credentials were analyzed. Biometric systems have seen the maximum change due to advances in technology; the various aspects of change impacting the various subcategories have been examined. The continually evolving nature of technology is enhancing the capabilities of the access control systems which are performing their duties in an unobtrusive manner. References Honey, Gerard. (2005). Electronic Access Control. Butterworth-Heinemann Konicek Joel and Karen Little. (1997). Security, ID Systems and Locks. Butterworth-Heinemann Horrowitz,P and W. Hill.(1992). The Art of Electronics. Cambridge University Press Sonde,B.S.(1992) System Design using Integrated Circuits. Wiley Eastern Press Miller, B. (Feb 1994)"Vital Signs of Identity". IEEE Spectrum. Vol 31. No 2. pp 22-30. Read More