ACCESS CONTROL
The
power to restrict or allow passage to or through an object, via a barrier, using
something a person has and /or something a person knows.
A simple form of
access control is the use of a mechanical lock and a key. The door is the
barrier, the restriction is if you have a key or not and the object is the
space on the other side of the door.
Both the object and
the barrier may be real or imaginary devices. The barrier may be a software
feature that does not allow you access to information without the key.
Also some barriers
are not concerned so much about controlling the passage of a person so much as
controlling access to a persons vehicle e.g. a boom gate.
Access Control can
be differentiated into two main types; Physical Access Control and Logical
Access Control.
Physical Access
Control is about accessibility of space. Access to buildings, rooms and floors
is access to certain spaces. The accessibility of these spaces is controlled
usually by a key or token, which is the something you have, and can lend to
someone else. Sometimes you also have to know a password or user name
(something you know). A point of access may be setup so that during work hours
a password will allow access but after hours access is dependant upon both the
presentation of a valid token as well as a password or PIN.
These spaces may be
subdivided into areas or cells so that your access is further restricted by the
systems knowledge of where a person should within the system of cells and
areas. When a system is setup like this it is important that personnel do not
tailgate or follow another person either into or out of a door or If this tail-gating occurs then
the system will assume that the person is still within an area and that they
may have passed back their key to someone else when they entered and there fore
will not allow that key to access doors etc that it would otherwise be valid
for. Hence this feature is called Anti-Passback.
In high security
installations there is also a feature called Dual Custody or Dual Key Entry.
This simply means that two valid keys have to be presented to the reader within
a certain time for access to be granted. This is often used in cash, drug or
evidence vaults.
Sometimes as well
as providing access to the space there may be other elements that are also
accessed. These other elements may be air conditioning, lighting, PABX
location, alarm disarming, a CCTV state etc. The access control may also change
due to specific alarm events like fire, bomb threat or other emergency
condition.
Access Control Tokens(Graphics in this link) are available in many different technologies and in
many different shapes. The information that is stored on the token is presented
to a reader that reads the information and sends it on to the system for
processing. The token may have to be swiped, inserted or placed on or near a
reader. The reader sends information to the system. This usually consists of
something that identifies the token as belonging to the system as well as
something unique that identifies the token itself. The system will then decide
if access is to be granted or denied based upon the validity of the token for
the point where it is read based upon time, date, day, holiday or other
condition that is used for controlling validation.
When Biometric
readers are used then the token or key is your retina, fingerprint, hand
geometry, voice or whatever biological attribute is tested. Again this is
something you have. Most biometric readers also require a PIN as this is used
to index the stored data on the sample readings of your biological attribute.
Physical Access
Control is not restricted to humans. Vehicles often will have active access
control devices fitted to them so that they are treated independently to the
driver. This enables identification for parking, fuel, weigh bridge and can
even be used to check over speed limit conditions. Also access control is being
used with animals, both in the domestic situation (e.g. the cat/dog door - You
cat/dog gets in others don't) and in the commercial scene like in dairies where
they not only allow access but can be utilised to measure production against
each individual member of the heard.
Logical / Intellectual / Information
Access Control:
Here we are mainly
concerned with information and its integrity. The access can be obtained again
from a token and/or a password.
The common old
Personnel Computer used to come with a key switch on the front. This switch was
used to lock out the keyboard so that others could not use or access information
on the PC. Although this is fairly primitive it is a form of intellectual
access control
The use of dongles
(something you plug into a computer port to control access to a certain program
or program properties) has become quite common. Also the use of a reader on a
computer that allows access to the computer and/or parts thereof is also
becoming more common. Passwords and/or tokens are also being used to allow
access to databases, networks and parts of networks (Domains).
The rights that are
given may be quite complex overall, but essentially they are concerned with
whether a person is allowed to view the data only, or have permission to modify
it as well.
Most of the
networking systems that are used by companies and government use a system of user
names and passwords to provide access control of the various elements of the
network.
DKS have a number
of systems for protecting access to information. These range from AUTO LAN Keys
to Pre-Paid access keys for Information Sellers. We also can provide software
protection to protect the copyright on software products.
OUR SPECIALISATION IS IN ACCESS CONTROL:
Our main
specialisation is in access control. We supply and install many different
brands of systems and types of systems. We have various standalone systems,
which feature a single door, to systems that are Australia Wide, with hundreds
of controlled access points.
Our new systems
using contact less smart cards can connect together via a TCP/ IP network. This
means that expensive and slow land lines can be forgotten and existing
infrastructure can be utilised for the programming and monitoring of large
systems. If the network traffic is not overloaded, your CCTV can also be
streamed across the network so that an operator can see exactly what is going
on at a remote site.