What Will Provide the Best Input Control - EAC System or Biometrics - Coursework Example

Discuss the Essential Criteria Involved When Considering the Introduction of Electronic Access Control Systems and Compare and Contrast the Different Types of Device Currently Available Table of Contents Table of Contents 1 Introduction 2 Essential Criteria Involved When Considering the Introduction of Electronic Access Control Systems 3 Compare and Contrast the Different Types of Device Currently Available 8 Conclusion 16 Introduction An Electronic Access Control System (EAC) is a mechanism for security control which can be used physically or automatically in order to manage the entry and exit of protected areas of an organisation or site of work. EAC also can be used with the badge of an employee in order to unlock the entry of the particular office where the employee would be working. It has been viewed that both biometrics and EAC have almost the similar requirements wherein the user of the system must authenticate his or her admission before entering the building. This entry can be authenticated by numerous means which can be done through biometric check, smart card, key pad entry and smart badge that have the proximity admission technology. In addition, the EAC which is also used for exit can be bifurcated into two kinds of systems i.e. free exit system and controlled exit system. In free exit system, the user needs not authenticate before leaving the protected area. The EAC which is a system that is in-built with motion sensors can easily detect a person approaching along with intending to exit and simultaneously unlocks the main entrance or has a release switch that permits the individual to leave. On the other hand, controlled exit system practises the similar security system for the individuals moving in both the ways i.e. entry and exit. In this system, the individuals should either enter the code or signal by waving their card in order to enter or exit the protected area. Therefore, EAC can be determined as a crucial mechanism of security for entering a protected area. Besides, biometrics is the process of authentication in order to enable the admission of people in protected areas of the EAC system (TechTarget, 2014). With these considerations, the study intends to delineate the essential criteria entailed when considering the introduction of EAC. Moreover, a comparison will be made regarding the different types of device related to EAC that are presently available. Essential Criteria Involved When Considering the Introduction of Electronic Access Control Systems The introduction of electronic access control system in an organisation requires a lot of planning. The organisation in order to effectively install an EAC system must thoroughly evaluate the requirements of the organisation. Based upon the requirements, an organisation must plan the installation of the sophisticated system appropriately. EAC products developed by Schneider Electric provide support to the full choice of needs for access control in an organisation. The products developed can be installed in a small office block along with multi-site office blocks. This system provides limited access authentication and observes the movement of personnel within the organisation to wide-ranging oversight. In order to effectively implement the EAC system in the organisation, it is highly recommended to identify the factors which can affect the implementation of EAC system in the organisation. These factors include identifying the locations wherein the EAC system is actually required. It is also very significant to recognise the personnel who use these particular locations. Moreover, the movement of the personnel in the organisation from one place to another should be closely monitored. It is also imperative to determine how the EAC system has to be managed in the organisation in order to access the permissibility in entering or exiting the location (Schneider Electric, 2010). Figure 1 shows the floor plan of a small workplace which has a manufacturing unit: Figure 1: Floor Plan of A Manufacturing Unit (Schneider Electric, 2010) The represented figure helps in determining the requirement for EAC and its configuration in an organisation. Firstly, at the main entry, the receptionist welcomes the office staff and the visitors during the functioning hours of the business. However, during the time when the office is not functioning, there might be a requirement for the employees to either enter or exit. Therefore, it is highly recommended to monitor the usage of these doors during the off hours. The employees involved in manufacturing process should use the rear entrance in order to enter or exit the workplace. The door that is closely related to the manufacturing area can be used for emergency exit in case of emergency circumstances and should be usually locked under normal circumstances. Moreover, only authorised personnel should be permitted into the manufacturing area. In addition, the managing staff should closely monitor the manufacturing employees who exit the workplace through the warehouse to the rearmost entry (Schneider Electric, 2010). Figure 2 depicts the same floor plan with installed EAC system. Figure 2: Floor Plan of A Manufacturing Unit with Elctronic Access Control Devices in Position (Schneider Electric, 2010) Once the EAC system is installed in the organisation, the main entrance will have an EAC system which includes a motion sensor and a camera that would provide surveillance during off hours. There would be a single reader installed in the manufacturing floor of the office. There would be a dual reader door on the manufacturing floor from the warehouse. Furthermore, there would be a single reader at the rear entrance of the office. The loading dock will have a door switch that is supervised and finally the emergency exit will also have a supervised door switch (Schneider Electric, 2010). Consequently, once the card reader is installed in the main door, the admission of employees in the work place would be more appropriate. Furthermore, the visitors will not be permitted through the main door if in case the receptionist is not present on the floor. The motion detectors that are installed unlock the door automatically while making exit during working hours, but an alarm would be triggered along with video if an unauthorised person tries to enter the building. The camera that has been installed would capture the video of the trespassing person which would directly alert the security guard at the work station. In addition, the supervised input is installed in the gate which facilitates to alert if someone tries to tamper the lock. In terms of another essential criterion, there is another card reader installed at the door to the manufacturing place from the office wherein the card reader allows only authorised personnel in the manufacturing area and there is no authentication required while exiting the manufacturing place at emergency circumstances. There is a card reader installed at warehouse for entering the manufacturing area which permits only authorised personnel in the manufacturing area but the employees will have to use their respective cards in order to exit. There also is a card reader installed at the rear entrance which permits the employees to enter the warehouse. However, there is no authentication required to exit using the rear entrance. The controlled inputs on the rear door, loading dock and the emergency exit detect any altering that directly initiates an alarm (Schneider Electric, 2010). Consequently, it can be ascertained that when designing an EAC system there are various factors that an organisation should consider including the kind of area where the EAC system is being installed, layout of the organisation, rate of the movement related to the people, materials and vehicles along with ensuring that the unauthorised items are not permitted in the organisation and determining the number of workers required at the portals of access control. Besides, there should be secondary source of power available in the organisation so that if the power failure occurs then the EAC is still operable. The EAC system should be designed in such a way which provides in-depth defence to the organisation. However, if in case there is some non-functioning EAC system in the organisation then there should be a person designated to repair those defective EAC systems immediately to ensure complete protection for the organisation (United States Nuclear Regulatory Commission, 2011). Compare and Contrast the Different Types of Device Currently Available EAC system is determined to be a security system installed in order to provide protection against unauthorised personnel or unwanted visitors. The EAC system is very useful in protected areas and it provides free movement for the authorised personnel in the protected areas. EAC systems can be either helpful or complex, but it is useful for authorised personnel as it provides complete protection to the establishment or building (British Security Industry Association, 2012). There are different components of EAC system which identify a person to access or permit admission into the protected area. The main components include credentials, human verification, readers, reader interface, door contact, controllers, programmers, power supply units, PC & software, egress devices and operation (British Security Industry Association, 2012). Credentials: A credential is an object that is either physical or tangible which uses a part of information or face of an individual’s physical being that provides access to the person in the controlled or restricted area. Credentials comprise various codes that are known by a person, tokens that include access tokens and biometrics which has an installation feature. a) Codes: A code can be termed as something that is known by a person which can be either common or group code or a Personal Index Number (PIN). Codes are generally of 4, 5, and 6 digits, but these codes can simply be copied so it is advisable to take utmost care of them (British Security Industry Association, 2012). b) Tokens: There are numerous tokens available which have distinct characteristics along with rate. These tokens include smart cards which has a magnetic strip that provides data for identification. These cards are generally read by a reader through swiping into the reader slot. These cards are essentially cheaper and can be copied very easily as they get deteriorated as the time passes and are often required to be replaced. Contact is a cheaper type of card that directly has contact to the surface of the building having a set of integrated chips. Contact cards are not easier to copy but they get deteriorated as the time passes. Passive proximity is generally a cheap card that has small integrated chip which transmits the number of the users to the reader in a shorter distance. These cards are not easier to copy and can be used for a longer time and the chip that is within the card is usually protected. Active proximity can identify the user from a longer range i.e. 0.5m to 10m that has integrated batteries inside the cards. These cards generally have a longer life but the batteries should be replaced as and when required. Radio-frequency identification (RFID) is a smart card that is usually contactless which can be used by multiple users as the card can hold a lot of data and the reader writes the required data to the card. RFID can also be used to access control systems off-line (British Security Industry Association, 2012). c) Biometric: There are numerous varieties of biometric reading technologies that are available. An organisation can either use biometric verification or biometric identification. Biometric verification refers to one-to-one technology in which the sample of users biometric is compared to a particular template that is stored in the biometric system. In case of biometric verification, the users’ recognize themselves to the biometric system through smartcards or keypads after which the feature of biometric scans the data. The system after scanning the data verifies the feature of biometrics to ensure that the information stored in the system actually matches the biometric feature of the person. Biometric verification is generally a quicker process as the biometric system needs to not search the stored information to find the user template. Conversely, biometric identification also known as one-to-many technology wherein the biometric feature that is recorded is compared to the saved biometric information in the system. In this case, the user will be unfamiliar to the system before providing a biometric sample. If the identification of the user matches the data in the biometric system then the user would be provided admittance to the protected area. However, biometric identification is inappropriate if there are a lot of users enrolled in the biometric system. As per the comparison, biometric verification is better than biometric identification as it requires lesser time due to the technology of multiple reading (British Security Industry Association, 2012). The table given below shows a comparison between biometric technologies: Table 1 (British Security Industry Association, 2012) Human Verification: It is also considered as an EAC system which verifies the individual entering the restricted area. There are various types of access control system under human verification which include: a) General: In this system, the user is granted the permission into the protected area through a door that is remotely controlled or manually. This is not considered as an EAC system as the verification is done by a human being who grants the permission to enter via the door (British Security Industry Association, 2012). b) Human Image Verification: Video verification can be availed in order to increase the effectiveness of the EAC system. In this case, the card that is swiped in the reader is viewed by the operator using the PC wherein the photo of the user is generated along with live image of the user that can be viewed through the installed camera. The access to the user either can be allowed or denied which highly depends on whether the operator using the PC recognises the individual in the live image or the photo that has been displayed (British Security Industry Association, 2012). c) Other Human Identity Verification Methods: The EAC system provides alternative methods of usage wherein the system can verify the user through the means audio by the integration of compound IP built intercoms for the automated door control system (British Security Industry Association, 2012). Readers: The EAC system can be classified and compared based upon their functions and performance. There are generally four types of readers available including: a) Standalone Readers and Keypads: These readers have required inputs and outputs that are used to control the door along with facilitating the retention and power of processing to make the decisions of accessing independent. A standalone reader generally has a common code wherein the person knowing the code is permitted through the door (British Security Industry Association, 2012). b) System Readers: These readers usually read the information from the card or the keypads PIN and transmit the data to the controller. In this case, most of the controllers provide feedback through audio or visual means to the user regarding whether the access has been denied or granted (British Security Industry Association, 2012). c) Combined Reader / Controller: This is a device which involves the combination of both reader and controller incorporated in a particular device. This reader uses the copy of information related to the users which automatically allows the system to either grant or deny the users admission if in case the controller of the system is not able to access the network (British Security Industry Association, 2012). d) Offline Readers: This kind of reader device is different from the other readers as it does not maintain any database of the user. For offline readers, the card itself carries the entire information that decides which door is valid and at what time the access of the user should be allowed. The offline reader does a thorough analysis of the data and henceforth grants or denies the user admission appropriately (British Security Industry Association, 2012). Reader Interfaces: These reader interfaces examine the information from the readers and forward it to the controller of the system. The door is controlled through the readers’ interface that is usually in close proximity to the point of access and works according to signal provided by the controller (British Security Industry Association, 2012). Figure 3 below shows the user interface in an EAC system. Figure 3: User Interface within the EAC System (British Security Industry Association, 2012) Controllers: The controller system carries data in a local database which decides whether a user is granted or denied through the door at the particular time. It also works offline if in case there is a failure in the network connection. Controllers can be linked easily to the PC through various methods of interconnection. The function of the system depends on the controller so it is highly recommended that proper consideration is to be given to the readers that are connected to a device. If there is a controller failure then there would be a possibility that the controlled points get affected depending on the design of the system (British Security Industry Association, 2012). Power Supply Units (PSUs): It is considered that the requirements for power supply should be properly checked so that the locking system in the door is appropriate. Additionally, the system should have a battery backup if in case the situation of power failure arises. A suitable PSU should be provided as per the manufacturer’s commendations if the controller does not have its own supply of power (British Security Industry Association, 2012). PC & Software: The software includes a simple separate solution that has been installed in a PC to a secure solution that is server installed in a protected area. Authorised personnel can easily gain accessibility from any PC if a web based system is available. Controllers are nowadays provided with system software which is preloaded with an industrial grade PC. These systems are available with a battery backup that can overcome power failures. In addition to the feature of access control, the software deals with system of video surveillance, intruder integration and ID badging along with lift corner (British Security Industry Association, 2012). Programmers: If the EAC system is not controlled by PC then there should be a means of supplying the programming system which does not have any requirements for deleting or adding the cards. It can be done through keypad and master controller or a manual device. These devices should be controlled by password and easy to operate. This system has an adequate security level but the card holder records will have to be kept if in case the users lose their card (British Security Industry Association, 2012). Door Contact: The main usage of the door contact includes to sense, open and to close the controlled door. Door Contact is made up of two components which include the switch of contact i.e. door frame installed and a magnet that is mounted on the door. Door contact is used to monitor the situations such as door forced alarm wherein the door is being forcefully opened without using the reader. Door contact also monitors door held alarm wherein a person holds the door for someone else in order to block the door (British Security Industry Association, 2012). Egress Devices: To replace the lock sets of the installed EAC system, an authorised egress would be required to ensure that the monitoring door contact is secluded for the particular time of door release. There are two types of egress devices which include: a) Normal Egress: The most usual devices used are egress buttons which can be light, heavy as well as touch sensitive switches having the primary function of sending a signal to the controller in order to release the lock of the door (British Security Industry Association, 2012). b) Emergency Egress: This device depends on the function of the controller on the access control systems and software in order to meet to requirements of the local fire authority and building regulations. If in case there is failure in the safe locking then a green break glass would operate that will remove the lock from the door and leave it unsecured. An alarm would be generated if the monitored access control door is unlocked. It is recommended to use either double or ‘triple pole break glass units’ which ascertain the release of both negative as well as positive connections (British Security Industry Association, 2012). Operation: For an online EAC system, when the data of the user is swiped in the reader, the user data is sent to the controller of the door. The controller then compares the received data with the database. Once the data matches, a signal will be sent by the controller to release the lock of the door which would be provided through audio or visual feedback (British Security Industry Association, 2012). Usually, an EAC system is controlled while entry and uncontrolled while exit. Thus, it is considered that to control exit, a second reader is required on the secured door side. Mechanical free egress device can be used that allows exiting the door if in case the EAC system is not available (British Security Industry Association, 2012). Conclusion EAC system provides protection from the unauthorised and unwanted personnel in the restricted area. These systems are either manual or automated wherein there are two types of system which include free exit system and controlled exit system. It is highly recommended to configure the EAC system in such a way that the authorised personnel are allowed to enter or exit in case of power failure. EAC system is considered as a security mechanism whereas biometrics is an authentication process. Therefore, if an organisation introduces an EAC system within the work premises then it is considered that the organisation should undergo an evaluation process in order to identify the specific requirements. There are various aspects to be taken into consideration while designing the EAC system of an organisation which would ensure the efficiency of the entire system. In addition, it has been revealed that there are numerous devices of the EAC system but it would be more important for an organisation to consider the components of this system which are directly related to the devices involved in EAC system. References British Security Industry Association, 2012. System Components. A Specifier’s Guide to Access Control Systems, pp. 15-21. Schneider Electric, 2010. Planning an Access Control System. Andover Continuum Cyberstation Access Control Essentials Guide, pp. 8-168. TechTarget, 2014. Electronic Access Control System and Biometrics Authentication. What Is Electronic Access Control (EAC), And How Does It Relate To Biometrics? [Online] Available at: http://searchsecurity.techtarget.com/answer/Electronic-access-control-system-and-biometrics-authentication [Accessed February 22, 2014]. United States Nuclear Regulatory Commission, 2011. Design Considerations. Access Control Systems, pp. 1-113. Read More