»

Design And Construction Of An Access Control System

The design and construction of an access control system involve the meticulous creation and implementation of mechanisms aimed at regulating entry and exit to specific areas or resources within a given environment. This sophisticated system typically encompasses a variety of components, including electronic locks, biometric scanners, keycards, or PIN pads, integrated with software for user authentication and authorization. The design phase entails careful consideration of security requirements, user needs, and potential vulnerabilities, while the construction phase involves the physical installation and configuration of hardware and software components. Through rigorous planning and implementation, an access control system ensures the selective restriction of access to authorized individuals or entities, bolstering security and safeguarding valuable assets against unauthorized entry or misuse.

ABSTRACT

Access control system is a system that manages access through the authorization or revocation of rights to physical or logical assets within an organization or a practice of restricting entrance to a property, building, or room to authorized persons. The system uses a reader; the reader sends the credential’s information, usually a number, to a control panel, a highly reliable processor. The control panel compares the credential’s number to an access control list, grants or denies the presented request, and sends a transaction log to a database. When access is denied based on the access control list, the door remains locked. If there is a match between the credential and the access control list, the control panel operates a relay that in turn unlocks the door.

CHAPTER ONE

1.0 INTRODUCTION

In the fields of physical security and information security, access control is the selective restriction of access to a place or other resource. The act of accessing may mean consuming, entering, or using. Permission to access a resource is called authorization.

Geographical access control may be enforced by personnel (e.g., border guard, bouncer, ticket checker), or with a device such as a turnstile. There may be fences to avoid circumventing this access control

The term access control refers to the practice of restricting entrance to a property, a building, or a room to authorized persons. Physical access control can be achieved by a human (a guard, bouncer, or receptionist), through mechanical means such as locks and keys, or through technological means such as access control systems like the mantrap. Within these environments, physical key management may also be employed as a means of further managing and monitoring access to mechanically keyed areas or access to certain small assets.

Physical access control is a matter of whom, where, and when. An access control system determines who is allowed to enter or exit, where they are allowed to exit or enter, and when they are allowed to enter or exit. Historically, this was partially accomplished through keys and locks. When a door is locked, only someone with a key can enter through the door, depending on how the lock is configured. Mechanical locks and keys do not allow restriction of the key holder to specific times or dates. Mechanical locks and keys do not provide records of the key used on any specific door, and the keys can be easily copied or transferred to an unauthorized person. When a mechanical key is lost or the key holder is no longer authorized to use the protected area, the locks must be re-keyed.

Electronic access control uses computers to solve the limitations of mechanical locks and keys. A wide range of credentials can be used to replace mechanical keys. The electronic access control system grants access based on the credential presented. When access is granted, the door is unlocked for a predetermined time and the transaction is recorded. When access is refused, the door remains locked and the attempted access is recorded. The system will also monitor the door and alarm if the door is forced open or held open too long after being unlocked.

The application of security policies for computer systems into mechanisms of access control is a vast and varied field within computer security. The fundamental goal of any access control mechanism is to provide a verifiable system for guaranteeing the protection of information from unauthorized and inappropriate access as outlined in one or more security policies. In general, this translation from security policy to access control implementation depends on the nature of the policy but involves the inclusion of at least one of the following controls:

Confidentiality – Control disclosure of information
Integrity – Control modification of information

The wide array of policies, usage patterns, and protectable objects make it difficult to develop an umbrella definition of “unauthorized and inappropriate access” to guide development of a comprehensive access control model.

1.1 SCOPE OF THE PROJECT

In this work, when a credential is presented to a reader, the reader sends the credential’s information, usually a number, to a control panel, a highly reliable processor. The control panel compares the credential’s number to an access control list, grants or denies the presented request, and sends a transaction log to a database. When access is denied based on the access control list, the door remains locked. If there is a match between the credential and the access control list, the control panel operates a relay that in turn unlocks the door. The control panel also ignores a door open signal to prevent an alarm. Often the reader provides feedback, such as a flashing red LED for an access denied and a flashing green LED for an access granted.

1.2 OBJECTIVES OF THE PROJECT

At the end of this work, student will be able to do the following:

Apply access control techniques to meet confidentiality and integrity goals
Understand and implement the major terms and concepts related to access control and tie them to system security
Apply discretionary access controls (DAC) and mandatory access controls (MAC) techniques, as appropriate
Choose effective passwords and avoid password limitations.
Implement password alternatives, including smart cards, password tokens, and other multifactor techniques.

1.3 SIGNIFICANCE OF THE PROJECT

Prevention of Theft

An access control system’s primary task is to restrict access. This is critical when access to a person’s account information is sufficient to steal or alter the owner’s identity. Many websites that require personal information for their services, especially those that need a person’s credit card information or a Social Security number, are tasked with having some sort of access control system in place to keep this information secure.

Varying Levels of Security

As technology has increased with time, so have these control systems. A simple four-digit PIN and password are not the only options available to a person who wants to keep information secure. For example, there are now locks with biometric scans that can be attached to locks in the home. The Biometrics Institute states that there are several types of scans. These scan-based locks make it impossible for someone to open the door to a person’s home without having the right physical features, voice or fingerprint. In some instances, such as with large businesses, the combination of both a biometric scan and a password is used to create an ideal level of security.

1.4 LIMITATION OF THE PROJECT

Access control systems can be hacked. When a system is hacked, a person has access to several people’s information, depending on where the information is stored. Wired reported how one hacker created a chip that allowed access into secure buildings, for example. Not only does hacking an access control system make it possible for the hacker to take information from one source, but the hacker can also use that information to get through other control systems legitimately without being caught. Despite access control systems increasing in security, there are still instances where they can be tampered with and broken into.

1.7 PROJECT WORK ORGANIZATION

The various stages involved in the development of this project have been properly put into five chapters to enhance comprehensive and concise reading. In this project thesis, the project is organized sequentially as follows:

Chapter one of this work is on the introduction to the study. In this chapter, the background, significance, objective limitation and problem of the study were discussed.

Chapter two is on literature review of this study. In this chapter, all the literature pertaining to this work was reviewed.

Chapter three is on design methodology. In this chapter all the method involved during the design and construction were discussed.

Chapter four is on testing analysis. All testing that result accurate functionality was analyzed.

Chapter five is on conclusion, recommendation and references.

Access control

In the fields of physical security and information security, access control is the selective restriction of access to a place or other resource.^[1] The act of accessing may mean consuming, entering, or using. Permission to access a resource is called authorization.

Locks and login credentials are two analogous mechanisms of access control.

Contents

1 Physical security
- 1.1 Access control system operation
- 1.2 Credential
- 1.3 Access control system components
- 1.4 Access control topology
- 1.5 Types of readers
- 1.6 Access control system topologies
- 1.7 Security risks
  - 1.7.1 The need-to-know principle
2 Computer security
3 Access control models
4 Telecommunication
5 Public policy
6 See also
7 References
8 External links

Physical security

Geographical access control may be enforced by personnel (e.g., border guard, bouncer, ticket checker), or with a device such as a turnstile. There may be fences to avoid circumventing this access control. An alternative of access control in the strict sense (physically controlling access itself) is a system of checking authorized presence, see e.g. Ticket controller (transportation). A variant is exit control, e.g. of a shop (checkout) or a country.^{[citation needed]}

The term access control refers to the practice of restricting entrance to a property, a building, or a room to authorized persons. Physical access control can be achieved by a human (a guard, bouncer, or receptionist), through mechanical means such as locks and keys, or through technological means such as access control systems like the mantrap. Within these environments, physical key management may also be employed as a means of further managing and monitoring access to mechanically keyed areas or access to certain small assets.

Physical access control is a matter of who, where, and when. An access control system determines who is allowed to enter or exit, where they are allowed to exit or enter, and when they are allowed to enter or exit. Historically, this was partially accomplished through keys and locks. When a door is locked, only someone with a key can enter through the door, depending on how the lock is configured. Mechanical locks and keys do not allow restriction of the key holder to specific times or dates. Mechanical locks and keys do not provide records of the key used on any specific door, and the keys can be easily copied or transferred to an unauthorized person. When a mechanical key is lost or the key holder is no longer authorized to use the protected area, the locks must be re-keyed.

Electronic access control uses computers to solve the limitations of mechanical locks and keys. A wide range of credentials can be used to replace mechanical keys. The electronic access control system grants access based on the credential presented. When access is granted, the door is unlocked for a predetermined time and the transaction is recorded. When access is refused, the door remains locked and the attempted access is recorded. The system will also monitor the door and alarm if the door is forced open or held open too long after being unlocked.

Access control system operation

When a credential is presented to a reader, the reader sends the credential’s information, usually a number, to a control panel, a highly reliable processor. The control panel compares the credential’s number to an access control list, grants or denies the presented request, and sends a transaction log to a database. When access is denied based on the access control list, the door remains locked. If there is a match between the credential and the access control list, the control panel operates a relay that in turn unlocks the door. The control panel also ignores a door open signal to prevent an alarm. Often the reader provides feedback, such as a flashing red LED for an access denied and a flashing green LED for an access granted.

The above description illustrates a single factor transaction. Credentials can be passed around, thus subverting the access control list. For example, Alice has access rights to the server room, but Bob does not. Alice either gives Bob her credential, or Bob takes it; he now has access to the server room. To prevent this, two-factor authentication can be used. In a two factor transaction, the presented credential and a second factor are needed for access to be granted; another factor can be a PIN, a second credential, operator intervention, or a biometric input.^{[citation needed]}

There are three types (factors) of authenticating information:^[2]

something the user knows, e.g. a password, pass-phrase or PIN
something the user has, such as smart card or a key fob
something the user is, such as fingerprint, verified by biometric measurement

Passwords are a common means of verifying a user’s identity before access is given to information systems. In addition, a fourth factor of authentication is now recognized: someone you know, whereby another person who knows you can provide a human element of authentication in situations where systems have been set up to allow for such scenarios. For example, a user may have their password, but have forgotten their smart card. In such a scenario, if the user is known to designated cohorts, the cohorts may provide their smart card and password, in combination with the extant factor of the user in question, and thus provide two factors for the user with the missing credential, giving three factors overall to allow access.^[^{citation needed}^]

Credential

A credential is a physical/tangible object, a piece of knowledge, or a facet of a person’s physical being, that enables an individual access to a given physical facility or computer-based information system. Typically, credentials can be something a person knows (such as a number or PIN), something they have (such as an access badge), something they are (such as a biometric feature) or some combination of these items. This is known as multi-factor authentication. The typical credential is an access card or key-fob, and newer software can also turn users’ smartphones into access devices.^[3]

There are many card technologies including magnetic stripe, bar code, Wiegand, 125 kHz proximity, 26-bit card-swipe, contact smart cards, and contactless smart cards. Also available are key-fobs, which are more compact than ID cards, and attach to a key ring. Biometric technologies include fingerprint, facial recognition, iris recognition, retinal scan, voice, and hand geometry.^[4] The built-in biometric technologies found on newer smartphones can also be used as credentials in conjunction with access software running on mobile devices.^[5] In addition to older more traditional card access technologies, newer technologies such as Near field communication (NFC) and Bluetooth low energy also have potential to communicate user credentials to readers for system or building access.^[6]^[7]^[8]

Access control system components

Various control system components

An access control point can be a door, turnstile, parking gate, elevator, or other physical barrier, where granting access can be electronically controlled. Typically, the access point is a door. An electronic access control door can contain several elements. At its most basic, there is a stand-alone electric lock. The lock is unlocked by an operator with a switch. To automate this, operator intervention is replaced by a reader. The reader could be a keypad where a code is entered, it could be a card reader, or it could be a biometric reader. Readers do not usually make an access decision, but send a card number to an access control panel that verifies the number against an access list. To monitor the door position a magnetic door switch can be used. In concept, the door switch is not unlike those on refrigerators or car doors. Generally only entry is controlled, and exit is uncontrolled. In cases where exit is also controlled, a second reader is used on the opposite side of the door. In cases where exit is not controlled, free exit, a device called a request-to-exit (REX) is used. Request-to-exit devices can be a push-button or a motion detector. When the button is pushed, or the motion detector detects motion at the door, the door alarm is temporarily ignored while the door is opened. Exiting a door without having to electrically unlock the door is called mechanical free egress. This is an important safety feature. In cases where the lock must be electrically unlocked on exit, the request-to-exit device also unlocks the door.^{[citation needed]}