Access Control System Technology - Article Example

Access Control System Technology Name Institution Course Date It is a critical responsibility of management to ensure that organizational information and information systems are adequately secured. Almost all applications dealing with privacy and financial have some kind of access control. Indeed, access control entails verifying the permitted activities of legitimate users through mediation of their every attempt they conduct in accessing a resource in the system (Hu, Ferraiolo, & Kuhn, 2006). The user can be granted complete access by the system after successful authentication but majority of the systems demands a more complicated control. Access control also involves the manner in which authorizations are structured (Tistarelli & Nixon, 2009). Authorization may be based on the sensitive nature of information which requires clearance before a user can access the documents. In some cases, it is a reflection of organizational structure. This essay discusses aspects of access control technology (ACS) by focusing on ACS technology trends and future directions. Biometrics access control system is also discussed in detail. Access control industry continues to evolve with introduction of adaptable, secure, and open security solutions. Static access control architectures that have shaped the industry for a long time are becoming redundant as organizations require access control solutions that are capable of adapting to future threats (Le & Jain, 2009). Indications about future trends in ACS technology shows that secure print management and network logon would be achieved. This objective is critical as technological trend moves towards adoption of fully interoperable, multilayered access control security systems. Incorporation of dynamic technologies has become a major requirement in ACS technology sector. This ensures that security is independent of hardware and media (Ferraiolo, Kuhn, & Chandramouli, 2007). Access control infrastructure can therefore evolve to meet future demands and security threats beyond the current capabilities. Additionally, it will be adaptable to deal with continuously changing threats. However, access control industry is still at an early stage regarding this development as many organisations are reluctant to embrace this change. In addition, more adoption of dynamic access control security solutions are expected to increase as strategies for change will become more understandable and opportunities for change are embraced. It is vital to put mechanisms in place that properly authenticates authorized users only to access data through access control by blocking attackers or unwanted guests pretending to be legitimate users. Here, access control can be considered to be a security element and a solid background used to implement further security measures (Poniszewska-Maranda & Rutkowska, 201). Through access control system, an organization should first control unauthorized use of its data and resources. The focus should then shift to prevention of any kind of intrusions from outside (Kims & Solomon, 2012). Indeed, the logic behind access control involves restricting and protecting access to some resource and ensuring only those permitted do actually access it. Access control system also deals with the manner and time in which a resource can be used ().Kims & Solomon, 2012). An example is an operating system responsible for controlling access to the files and a certain authorized user only has access to edit a given file during normal working hours. In essence, proper management of access control systems technologies appropriately promotes sharing of information amongst users and applications (Betino, Chinua, & Kamra, 2011). An access control system is composed of different components ranging from those responsible for identifying a person to those that grant access. The main components in the system include credentials, biometric, readers, reader interfaces and controllers (British Security Industry Association, 2012). A credential enables an individual to gain access to an area that is controlled. It may be a physical object, part of an individual physical being or some form of knowledge. Typically, credentials can be a combination of something that a person knows, have or are such as biometric feature like fingerprint. Credentials include a code, access card or other token (Tistarelli & Nixon, 2009). Access control readers include system readers that forward the data it read from a credential such as an access card to a controller. Others are standalone readers that control the door hardware for instance, its memory and processing power in order to make access decisions on its own. Strong authentication is a trend in ACS technology that continues to develop in importance. Rapidly changing threats in the information security environment have necessitated the importance of having strong authentication procedures in the access control environment. Multifactor authentication is a component of security that security professionals fully understand. Access control industry is quickly transitioning to a multifactor authentication period as additional authentication factors are becoming vital if security threats are to be overcome. Biometric, behaviour-metric solution, mobile and web token continues to gain significant importance as additional authentication factors. Indeed, software tokens are replacing display cards, hardware OTPs due to their inconvenience for hand-held devices such as mobile phones and browser-based tokens (Faircloth, 2014). However, this approach is vulnerable to various security threats and more secure authentication alternatives is crucial in future. Multi-application credentials that uses a data model is a secure authentication that will be fully embraced in the near future. Moreover, there will be increase in adoption of biometrics and gesture technology. This will dramatically change how people interact with various ACS technologies. In order to have a quality access control system, selecting a system that meets the requirements for a given facility is very important. These requirements vary from industry to industry. However, the factors that should be considered when choosing the best ACS technology do not change (Kims & Solomon, 2012). Technology, system flexibility and durability of system components are some of the areas to consider in selecting an ACS technology. Magnetic stripe, proximity, Weigand and contact-less smart card are the most widely used technologies. Depending on the type of technology used, the manner in which badge interfaces with the reader is affected (Kindt, 2013). The badge needs to be swiped when either magnetic and Weignand technology is used. On the other hand, the badge may be placed in a position that is not far away from the reader when proximity and contact-less smart card technologies are utilized. In general, the type of technology chosen affects other aspects that include cost and reader mounting locations. There are three factors that should be considered before an access control system can be implemented by an organization. Access control policies, models, and mechanisms should be factored in the planning process of adopting access control system (ACS) technology (Hu et al., 2006). Access control policies specifies the people who are allowed and under what circumstances to access information. In addition, these policies indicate the management principles involve in granting access. For example, policies may be based on authority, competence or obligation (Kindt, 2013). Access mechanisms are features that enforce access control policies at a high level by translating access request of a user. In most cases, it is executed through a structure provided by a system. Access control models are responsible for bridging the gap between access control policy and mechanism. Access security models are often written in such a way that it describes the security properties that an access control system possess. Organizations should choose and installed access control system technologies because it effectively secures the premises. Its benefits include enhanced security of organizational personnel and assets. It reduces the overall cost used in security management and forms a critical part of the entire electronic security system (Faircloth, 2014). Indeed, access control technologies are increasingly being adopted and implemented as it continue to deliver improved security and efficiency. In particular, networked systems continue to bring significant impacts as use of access control systems in security increase. Access control system technologies are increasingly being fitted with enhanced features and functionalities that provide improved security and contribute to organizational operational objectives. Access control systems have rapidly grown and will continue as latest developments in technology are invented. Networked systems is an area of access control systems that has evolved over time. In the next few years, access control systems will be consolidated and put in one place with other sources of data that include security and non-security systems. The trend shows that networked systems will be utilized in providing information and intelligence through analysis of large data (Chbeir & Bouna, 2013). This significantly contribute to predictive analytics hence consolidating the ability of the computer and technology industry to provide proactive security rather than reactive. Integrated systems are becoming more beneficial and cost effective as it has the ability to offer users with single control platform important in monitoring a facility. It includes video surveillance, alarms, building control and photo-imaging among other systems. All IP-based systems possess these characteristics at the time when Internet of Things is maturing. In addition, software that is very powerful is developed for purposes of processing and analyzing large amount of data that have been generated. Wireless/WI-FI technology is rapidly adopted in the access control industry. It is therefore crucial for manufacturers to focus on developing readers that accommodates this kind of technology. The level of integration between wireless technology and traditional PACS systems is one of the issues that will likely impact this trend (Poniszewska-Maranda, 2010). Furthermore, safety concerns will play a vital role in the successful integration of this technology into access control systems. It is therefore important to have a careful consideration when these devices are being selected, recommended and deployed. As it is with technology, no one solution solves all the problems or issues associated with access control. In the future, both wired and wireless technologies will be form an integral role in development of access control system solutions. In today’s world, advances in technology have brought many potential hidden threats that could harm its users. Theft of personal data and information is one of the major threats even though these documents are secured with highly encrypted passwords. Nonetheless, these security measures are increasingly being misused and stolen. Cyber attackers are taking advantage of flaws in the access control systems as access cards are duplicated, counterfeited or misused. Biometric security systems have been invented to deal with these cyber security challenges (Le & Jain, 2009). Biometrics are the unique or personal characteristics of a human body. It may either be physical or logical traits. They are used in identification of each human being. Biometric recognition therefore involves identifying a person based on his or her physiological or behavioural traits (Chauhan, Arora, & Kaul, 2010). In the three decades, access control systems based on based human face, voice, iris and fingerprint have been developed. They have enhanced security as they continue to be infused with traditional biometrics. Biometric based systems have become popular as it fits into the current era where flawless security measures are highly demanded (Chauhan et al., 2010). Indeed, access control systems that are simple, convenient and user friendly are gathering a lot of pace with biometrics fitting the criteria. Biometrics is concerned with automatically authenticating people based on their personal characteristics. Biometric system are used for two main purposes; verifying an individual’s identity and to ascertain the identity of an unknown user (Ballad & Banks, 2011). For biometric technology to be successful as an access control system, it must possess certain characteristics. Collectability is a characteristic that must be present in any biometric system. In fact, biometric system should have the ability to collect a person’s sample data in a way that is easy and reliable (Ballad & Banks, 2011). There exist several human characteristics that are unique, universal and permanent and can be utilized for biometric access control. Many of these characteristics are not used because there are either intrusive or collecting data is too difficult. A good example is DNA which can accurately identify each individual but it is impractical to collect a person DNA sample to be used in access control. Performance of an access control system is key to its success. A positive or negative result should be quickly returned by a biometric access control system. In most cases, 5 to 10 seconds is the maximum amount of time that a person is willing to wait in order to pass an access control system (Balland & Banks, 2011). The system should therefore have the ability to quickly and efficiently analyze the sample data and conduct a database check-up in order to performance issues. Acceptability is a vital factor in the success of any access control system. Acceptance by users is sometimes a big obstacle for some access control systems. It is often due to the fact that users do not understand the technology and have concern over their privacy (Balland & Banks, 2011). By installing a biometric system that users understand its technology, they are likely to accept it. Examples may be signature or fingerprinting recognition rather than based the system on technology such as retinal or iris scanning. On the other hand, concerns over privacy stems from the fear over biometric data that was collected and stored in the enrolment process. Before biometric access control system is implemented, assurance must be given to the users regarding their biometric data. They should be assured that their personal information will only be used for authentication purposes. Moreover, they need to be guaranteed that their biometric data will be stored securely. Biometric is an access control system technology that will be used more often in the future due to its numerous advantages. It is a unique technology that allows effective verification of an individual’s identity. Indeed, the chance of having two users with the same identification in the biometrics system is almost zero (Tistarelli, 2009). The identification process of users is highly secured with this technology (Le & Jain, 2009). It is therefore less likely for users to share access to data that is highly sensitive. For example, fingerprints, iris, among others cannot be shared in order to access secure information. In the identification process, the trait used is a single and unique property of the user hence it is very difficult to share or duplicate biometrics in order to access data with other users. Biometrics used in identifying users cannot be forgotten, lost or stolen (Le & Jain, 2009). This characteristic popularise biometric technology and therefore makes biometric access technology the access technology of the future. In the information technology industry, access control has not been defined in the same way as it is known in physical security world. Nonetheless, the trend in ACS technologies and future directions are slowly merged to become one discipline. Earlier, these two functions were under different management entities. It is important to recognize this trend in the access control world. In fact, the objectives of companies must incorporate these changes. Today and in future, simply protecting physical assets is and will not be enough. The role of access control system has expanded and it includes the function of controlling all assets that have value. Information related assets should also be protected by access control system technologies. The adoption of any new technology takes time and ACS technologies are increasingly becoming more robust. In fact, ACS technologies are now playing a larger role in security. The trend in ACS technology points to a long period of co-existence between this technology and those it was present before it. For this reason, it is important for ACS technology to be compatible with the present technologies. References Ballad, B., Ballad, T., & Banks, E. K. (2011). Access control, auolomthentication, and public key infrastructure. Sudbury, MA: Jones & Bartlett Learning.. Bertino, E., Ghinita, G., & Kamra, A. (2011). Access control for databases: Concepts and systems. Hanover, MA: Now Publishers Inc. British Security Industry Association. (2012). A specifier’s guide to access control systems. British Security Industry Association: London. Chauhan, S., Arora, A. S., & Kaul, A. (2010). A survey of emerging biometric modalities. Procedia Computer Science, 2, 213-218. Chbeir, R., & Bouna, B. A. (2013). Security and privacy preserving in social networks. Vienna: Springer. Faircloth, J. (2014). Enterprise applications administration: The definitive guide to implementation and operations. Waltham, MA: Morgan Kaufmann. Ferraiolo, D.F., Kuhn, D.R., Chandramouli, R. (2007). Role-Based Access Control, 2nd edn. Artech House, Hu, V. C., Ferraiolo, D., & Kuhn, D. R. (2006). Assessment of access control systems. US Department of Commerce, National Institute of Standards and Technology. Jain, A. K., Flynn, P., & Ross, A. A. (2008). Handbook of biometrics. New York: Springer. Kim, D., & Solomon, M. (2012). Fundamentals of of Information Systems Security. Jones & Bartlett Learning, New York. Kindt, E. J. (2013). Privacy and data protection issues of biometric applications: A comparative legal analysis. Dordrecht: Springer. Le, C., & Jain, R. (2009). A survey of biometrics security systems. EEUU. Washington University in St. Louis. Poniszewska-Maranda, A. (2010). Conceptual Approach of Access Control in Hetereogeneous Information Systems using UML. Journal of Telecommunication Systems 45(2-3), 177-190. Poniszewska-Maranda, A., & Rutkoska, R. (2013). ‘Implementation of Usage Role-based Access Control Approach for Logical, Security of Information Systems’, In In Świątek, J.J (ed.), Advances in systems science: Proceedings of the International Conference on Systems Science 2013 (ICSS 2013) (eds.) Wroclaw: Springer, 131-149. Tistarelli, M., & Nixon, M. S. (2009). Advances in biometrics: Third international conference, ICB 2009, Alghero, Italy, June 2-5, 2009 : proceedings. Berlin: Springer. Read More