Access Control - Security Administration free essay sample

In todays world we consider access control as something that grants or denies entry to our homes and businesses using a system or device such as a key, access cards, security pins or even physical guards. Modern day systems can do much more than just restrict access to a given space, but their basic function is to do just that, restrict access. The Decision making process Do we need access control and why. Think for a moment how many buildings or facilities that you know of that don’t have at least a lock on the door. In todays civilized society we unfortunately also have crime and lots of it. Because of this, we must have access control.The main reason for controlling access is to prevent someone from entering that may want to steal and damage property or cause harm to those on the property. Why there are also many social reasons for access control, many companies also employ access control to limit liability and improve productivity by allowing people to feel safer in their workplace knowing that not just anyone can come in. We will write a custom essay sample on Access Control Security Administration or any similar topic specifically for you Do Not WasteYour Time HIRE WRITER Only 13.90 / page The decision to have access control ultimately depends on the needs of the property or people being protected. Access Control Functions The basic function of all access control systems is to grant or deny access into a facility you are controlling. In order to be effective, an access control system must use certain processes, these processes are: Identification, Authentication, Authorization, and Accountability. The Identification process gathers information on the person requesting the access. Authentication is used to prove or disprove identification, this can be accomplished by several methods, but generally something like an access code along with a smart card works well (something you have and something you know) Authorization is determined by rules that determine who can enter and under what circumstances.The final process is accountability, the process of reporting and logging who has requested access and the results of those requests. Types of systems Starting with the basics, guards are a type of access control system that dates back to the medieval times. Even today, guards are still used to keep people out or at the least keep people under control. Locks and keys have also been around quite some time and are conside red to be a reasonably good access control system. However, over time, criminals have learned how to get past everyday locks and use tools of the trade to circumvent the key locking systems or simply cut padlocks.PINs (Personal Identification Numbers) are also a type of security system, but since pins are often lost and can easily be stolen, they are not widely used by themselves as a type of access control. Smart cards, which are still widely used today, offer a form of security that can require (something you have and something you know) the smart card being something you have and the pin for it something you know. Biometric access control systems are so far the best type of access control we have today. The reasoning for this is because it relies on identifying unique human characteristics such as fingerprints, retinas, hands, etc.Since these characteristics are unique to each person like DNA, biometric access control systems are considered far better than the other systems I have listed. When it comes to access control of comput er systems, many of the same types of control systems mentioned above are also used along with passwords and encryption. Uses of different systems There are many ways to use the systems I have already mentioned. Almost all buildings use keys to lock doors, but depending on the facility, they might also use smart card or proximity cards to control access into different parts of the building.By doing this they can enhance security and effectively control the access to different areas all through a computerized system. This allows them to easily grant or deny access in a very short period of time or only allow access during certain times of the day. Biometric access control systems can also be used in the same manner. Being able to control access in this manner also allows for good tracking and logging of who comes and goes. Components of an access control system Components of an access control system can be a door, turnstile, gate, elevator, or any other physical barrier where granting access can be electronically controlled. The most common access point is a door. An electronically controlled access door can contain several elements. The most basic might be just a stand-alone electric lock that is controlled by a security guard. The lock could also be automated by adding a reader that is controlled by a computer system that compares against an access list and determines who is allowed in by either entering a code, having a card or even biometrics. Most of the time due to fire regulations only the entry is controlled and the exit is uncontrolled. In cases where exit is also controlled a second card reader is simply added to the other side of the door.In cases where exit is not controlled, a device called a request-to-exit (RTE) is used. Request-to-exit devices can be as simple as a push-button or a motion detector. Access control topology Access control decisions are made by comparing the credential to an access control list. This can be accomplished by a server, an access control panel or reader. â€Å"The development of access control systems has seen a steady push of the lookup out from a central host to the edge of the system, or the reader. The predominant topology circa 2009 is hub and spoke with a control panel as the hub and the readers as the spokes.The lookup and control functions are by the control panel. The spokes communicate through a serial connection; usually RS485. Some manufactures are pushing the decision making to the edge by placing a controller at the door. The controllers are IP enabled and connect to a host and database using standard networks. † (Ref: http://en. wikipedia. org/wiki/Access_control) Security Risks What are the risks vs. benefits Unfortunately, there are many risks, the most common of which is called piggybacking. This is when someone simply follows someone with access through the access control point. This risk can be minimized through training of staff on security awareness. Another way to mitigate this risk is to add a mantrap or security guard to the access control point, but this can be costly and should only be done in higher security areas. Another common risk is from levering or prying the door open. This is very easy to do on most doors and can be done with something as small as a screwdriver. One way to mitigate this risk is to add door monitoring alarms that sound when a door has been opened by force or notify security personnel.Access cards, specifically proximity cards are vulnerable to sophisticated attacks. Portable readers are readily available that can capture the card number from a user’s proximity card. The attacker just has to get closer enough to the card holder to read the card and can then use that information to access the secure door. Lastly, most all electric locking systems still have keys as a backup to gain entry. Mechanical key locking systems are easily picked using a method called bumping. Some of the benefits of access control are reduction in fraud. If an access card is lost or stolen, it can quickly be de-activated.Another benefit is the ability to create an audit trail. Since electronic access control systems can record who is coming and going and when, it’s easy to limit control in a very short amount of time if not instantly. It also allows administrators to quickly address security breaches. Another great benefit is cost control. Being able to control access to many different access control points from a single control center reduces overall cost and manpower needed to control access to the facility. It also reduces costs associated with having to replace locks when keys are lost.And most importantly, the ability to secure your workplace with access control systems. Conclusion Going back hundreds of years, access control systems have always been a part of our society. Modern day systems are more high tech and usually consist of electronic locks, keypads, card readers, or biometric devices. But these systems do much more than keep the wrong people out, they protect people and property. Protecting people and property are main reasons for deploying an access control system, but they also help improve productivity and limit liability.Whether an access control system is big or small or whether it is protecting a handful of people or thousands of people they all employ the same processes, just on a different scale. In the end they all serve the same purpose and that is to let the right people through the right doors at the right time. References Finger key, hand key and hand reader Retrieved October 1st , 2012 from http://www. officesecuritypro. com/office-security-articles/access-control-security-system. php Access Control Retrieved October 1st , 2012 from