managingyouraccesscontrolsystems-130223182036-phpapp01

Access Control Systems
WELCOME!

The Balancing Act
Access Control Defined
Key/Credential Management
Control Configuration
Software Features and Capabilities
Controller Hardware
Break
Peripheral Components
Access Controlled Door Hardware Types and Specifications
Trends and Convergence
Resources
AGENDA

How to get the most…
VERBAL COMMUNICATION
Approx 100% was what the speaker wanted to say
Approx 80% was said
Approx 60% was heard
Approx 40% was remembered after 3 hours
Approx 15% was remembered after 3 days
Approx 0-5% was remembered after 3 months
VERBAL + VISUAL COMMUNICATION
VERBAL + VISUAL + NOTES
HARVARD RESEARCH STUDY

How to get the most…
Why are we here?
Gain Knowledge.
Asking Questions.

The Balancing Act
• Security
• Balancing Openness and Public Safety
• Applying new technologies and lessons learned
• Improving the physical security of buildings
• Protecting people and assets while maintaining
a pleasant work environment.
• The challenge facing government officials,
realtors and corporate building owners.

Security….”The Absolutes”
• Our world is dangerous and will get more dangerous
• We take security for granted till something goes
wrong.
• Security is inconvenient- and expensive
• Paranoid or Prepared? Politics!
• Constant vigilance – Almost overwhelming!
• 100%, guaranteed security ?? No such thing !
• 100% security = 0% accessibility
• 100% security = 0% productivity

• Buildings must be functional,
comfortable, inspirational – SAFE
• You don’t design a building for security.
You secure the design of a building
• Rethinking Security – new meaning to
architects
Architects and Security

Security Elements
• Deterrence
• Training, Fences, Signage, Lighting,
Consequences
• Delay
• Locks, Doors
• Detection
• Alarms, CCTV, Metal Detectors, Motion & Sound
Sensors
• Communication
• Voice, Data, Video
• Response
• Crisis Preparedness, Security Personnel, Police

Access Control Defined
• WHO?
• WHERE? / WHAT?
• WHEN? / TIME?

The WHO
• The person, or device, requesting access to an
area, or asset, we want to control.
• Authentication Methods
…something the person / device…
• HAS – Physical
• KNOWS – Knowledge of
• IS / ARE – Biometric

The WHERE / WHAT
• The place or process we want to allow authorized
persons to get to.
• Physical and Logical
• Controlled or Restricted area
• As it relates to both manual and electronic
access controls this is critical to our access
management plan
• Vending, gas dispensing, copier machine
usage, time and attendance, meal plans and
more

The WHEN
• The time period or interval when access is
granted or denied.
• Can be managed with both on line and off
line systems
• Also used for setting events and logic
statements for:
• Triggers
• Time Zones
• Timing responses to alarms
• Timing for routing of messages to other devices

Access Control is…
AS SIMPLE AS A KEY

• Knowing exactly who has keys
• Knowing areas of access of each key holder
• Knowing key blanks are not readily available
• Knowing keys cannot be copied without proper
authorization
• Having a policy on lost keys
• When issuing temporary use of keys, keeping record trail
Unauthorized key duplication remains the most
violated security policy and one of the largest
problem of facility managers
Ultimate Key Management

Key # 123
PLAIN
BOWS
D0 NOT
DUPLICATE
STAMPED
BOWS
Conventional
Keyways
A conventional keyway is one which the
manufacturer will sell to anyone, it may most
common, or the most used, or the "standard"
or it may be family of keyways
Yesterday’s Key Control

COMPLETE
KEY
CONTROL STRONG
UTILITY
PATENT
CONTROLLED
KEY
BLANKS
LEGAL
CONTRACTS
AUDIT
CONTROLS
ENFORCEMENT
Not a
Design
Patent
Not
Available
to all
Customers
Agreements
of
Control
Know
Where
Blanks
Are
Must Be
Aware of
Unauthorized
Copies
5 Steps To Key Management

1. Patented keyways
Utility patent gives manufacturer exclusive
manufacturing rights
Manufacturer control distribution
Patent good for 20 years
Imitation manufacturers cannot duplicate
Assures protection to facility / owner
Security Leg
Millings for
Keyway Blade
Security
Ledge
Blade
Today’s Key Management

2A. Manufacturer Controls
Policy and procedures in place
Signature verification
Controlled access to product areas
Ship key blanks direct to end user
Has return key policy
Provides specially coined blanks
Policy
1. Verify all signatures
2.
3.
4

2B. Facility/Owner Controls
Policy and procedures in place supported by
upper management
Locksmith administrator on staff
Locked storage
Supervisor approval of new keys
Employee signs for key
Should have penalty attached
All keys numbered and logged into system
Procedure for keys to be returned
should have penalty attached
Additional procedures:
Cleaning crew
Outside contractors
ISSUE TO : Bill Jones
DATE ISSUED: 07-07-05
Request for New Key
DATE: 07-04-05
TO: Lock shop
NO. OF KEYS: 1
KEY NUMBER: 123
KEY SET: AB15
APPROVED BY: C T Smith
ISSUE TO: Bill Jones
RECEIVED BY: Bill Jones
By Lock Shop
ISSUE DATE: 07-07-05
ISSUED BY: CH
RETURNED DATE

3. Contracts and Agreements
Protects facility / owner
Protects distributor
Protects manufacturer
Summarizes responsibilities to all
parties
Provides guide lines
Eliminates misunderstanding
We agree

4. Audit Controls
Keep records – Use Software
Use manufacturers original blanks
Reduce master keying
Have employees carry more
than one key
Stamp keys with code
Utilize available forms
Use sealed key rings
AB15
123
1215
Use a key cabinet; electronic or manual

Access Control is…
This is a key!
This too!

The Credential
• Most visible component of the system
• Issued to personnel as “electronic keys”
• Several Card Technologies
• Badge Construction
• Degree of Security Required
• Durability
• Reader Environment
• Convenience and Price
• Performance

Card / I D Technology Types
• Barium Ferrite
• Bar Codes
• Magnetic Stripe
• Wiegand
• Proximity
• Smart Card
• Hybrid

Biometrics – Another Key
• Biometrics and the “Smart Card”
• Iris Scan
• Finger Print
• Facial Recognition
• Retinal Scan
• Voice Recognition
• Hand Geometry
• Others on the horizon

Credentials / Smartcards
Access
Control
Time &
Attendance
Free
Free
Personal Data
Photo
Vending
Cafeteria
PC Login

Access Controls more about the “key”
•The “Common Access Card”
•FIPS 201 / HSPD12
•Database sharing trends
•Communications options
•Encryption – DES, AES
•PINs

Homeland Security Presidential Directive/Hspd-12
Subject: Policy for a Common Identification Standard for Federal
Employees and Contractors
(1) Wide variations in the quality and security of forms of
identification used to gain access to secure Federal and other
facilities where there is potential for terrorist attacks need to be
eliminated. Therefore, it is the policy of the United States to enhance
security, increase Government efficiency, reduce identity fraud, and
protect personal privacy by establishing a mandatory, Government-
wide standard for secure and reliable forms of identification issued by
the Federal Government to its employees and contractors (including
contractor employees).
HSPD-12

CONTROL CONFIGURATIONS
•Stand Alone Systems
•Multi-Door Systems
•Enterprise Integrated Systems

STAND ALONE SYSTEMS
• Authentication Types;
• PIN, Credential / Proximity, Biometric
• Battery Operated or Wired
• Keypad Programming
• Computer Managed / PDA
• Entry Automation
• 1st
Man In
• Audit Trail
• # Users
• Labor vs. Hardwired System

Single-User Multi-Door Systems
• Instant Local Notification
• Multiple Reader Type
• Input Output Linking
• Dedicated PC

Multi-User / Multi-Door Systems
• Instant Multiple Notification Options
• LAN Access
• Discretionary Reporting
• Mandatory Controls

IDENTITYIDENTITY
MANAGEMENTMANAGEMENT
DIGITAL VIDEODIGITAL VIDEO
SURVEILLANCE &SURVEILLANCE &
INFORMATIONINFORMATION
SECURITYSECURITY
ASSETASSET
VISITORVISITOR
ACCESSACCESS
CONTROLCONTROL
INTRUSIONINTRUSION
DETECTIONDETECTION
FIRE ALARMFIRE ALARM
SYSTEMSSYSTEMS
WIRELESSWIRELESS
ACCESSACCESS
MULTI-TENANTMULTI-TENANT
PROPERTYPROPERTY
INTEGRATEDINTEGRATED
ALARMALARM
BUILDINGBUILDING
AUTOMATIONAUTOMATION
INTERCOMINTERCOM
COMMUNICATIONCOMMUNICATION
SYSTEMSSYSTEMS
Enterprise Systems

Smart CardsSmart Cards
IncidentIncident
ReportingReporting
Time andTime and
AttendanceAttendance
ERPERP
CriminalCriminal
HistoryHistory
PayrollPayroll
SocialSocial
SecuritySecurity
ActiveActive
Directory/LDAPDirectory/LDAP
AccessAccess
ControlControl
HumanHuman
ResourcesResources
MedicalMedical
InformationInformation
VisitorVisitor
ManagementManagement
BiometricBiometric
TemplatesTemplates
CredentialCredential
ManagementManagement
Bringing together
disparate databases
or information
sources
Enterprise Systems

System Architecture
Field Panel Door Controller
Direct Connect
RS-232 or RS-422 RS-422
CCTV System
Access Control
Life Safety
ManagementPhoto Imaging
Visitor
Management
Ethernet Network
LAN/WAN
RS-232
Field Panel
Cellular
POTS
Field Panel Field Panel
HVAC
RS-232
Readers
Field Panel
Modem
Dial-up Modem

SOFTWARE
• Integrated solutions sets
• Network ready
• SQL and Oracle
• Linux based embedded solutions
• Partition-able database
• Windows XP, NT, 2000, Vista Compatibility
• Web enabled
• Web Embedded

The Application Software
• This is the GUI- It should be intuitive easy to train
operators and managers
• The database manager
• Ability to partition and filter views based on passwords
• Import and export features
• Potential interface to HR database systems
• May be Standalone or
• Part of a network
• Numerous work stations
• Redundant emergency backup
• Full set of utilities for storage and archiving

Desired Software Features
• Migration path (scalability)
• Alarm Monitor capacity
• Anti-Pass back
• Event Triggers
• Time zones and Holidays
• Clearance (area) controls
• CCTV Matrix Switching
• Digital Video recorder event linking

Desired Software Features
•No limit on system scalability.
• Unlimited Card Readers.
• Unlimited Inputs/Outputs.
• Unlimited Cardholders.
• Unlimited Control Panels.
• Unlimited Holidays.
•Guard Tour application
•Elevator Control
•Full featured Badging
•Real time status monitoring
•Multiple reader technology
support
•Microsoft database
•Report Manager
•Visitor Management
•ODBC and MDAC Compliant
•Potential web access/enabled

Access Granted Transactions
 

 

Access Denied Transactions
 

 

Contact Transactions
 

 

Relay Transactions
 

 

Actions that effect Card Readers
 

 

Actions that effect Contact Devices
 

 

Actions that effect Relays
 

 

Card Reader Triggers and Actions
 

 

Integrated Applications
• Photo I D Creation
• Bio-metric enrollment
• Alarm management
• Access Management
• Air Quality monitoring
• Visitor Controls
• Digital Video event linking
• Event and data base linking
• Camera Controls
• Virtual CCTV Matrixes
• CCTV Analytics
• Smartcard Application Support

Access Control Panel Operation
• Card is presented data sent to Panel
• Panel compares information
• Grants/Denies access
• Based on Card Status
• Time of Day
• Cardholder’s access privileges
• Other Administrator selected features

Access Control Panels
• Contain Microprocessors
• On-board Random Access Memory (RAM)
• Upgradeable Software stored in Erasable Program Read
Only Memory (EPROM)
• System Administrator or authorized web client
enters all information related to system at host
computer or direct to board via web with on
board software in panel
• Information may be downloaded to Access
Control Panel’s RAM

Access Control Panels
• Once downloaded/programmed a Panel
can process information locally.
• “Intelligent” panels inform the Host of all
actions taken, including time and date
• Often referred to as “distributed processing”
• Saves Host processing time

Access Control Panel Operations
• May be configured many ways
• Can store thousands & some users are requiring
Millions of records!
• Multiple access levels
• Time Zones
• Thousands of historical transactions
• Quantum leaps in storage abound

Access Control Panel Operations
• Can support Inputs
• Can detect an input’s change of state, process the
information and report it to the host computer/ or web based
client on alarm
• Typical Inputs include door monitor and request to exit (or
bypass) devices
• Can support Outputs
• Door locking mechanisms
• Sound or broadcast alarm devices
• Lights, sirens, bells, digital dialers, etc.
• Can be programmed so an Input activates or deactivates
outputs automatically
• Example: Glass break sensor (input) might activate a
siren (output)

Access Control Panel Wiring
• Three different approaches to cabling of
readers
• Bus Cabling
• Readers can be wired to a common cable that runs back to the
panel
• Saves wiring costs when readers are close to each other
• Star Cabling
• Readers can be wired to the panel individually
• Combination Bus and Star sometimes is best
• Independent IP / Network Drop communications via Network

Access Control Panel Trends
• Distributed intelligence
• Embedded software – web enabled data
management
• FIPS- 201 for Federal Employees
• Full feature set resident at the local panel
• POTS pack up / cellular back up
• HiCap memory backup
• On line and off line capacity
• Bio-metric / Smartcard
• Integrated into lock hardware

SEE YOU IN 5 Minutes
QUESTIONS?
Kevin Klemmer, PSP, CISSP

Access Control Hardware / Peripherals
&
IT Convergence
Kevin Klemmer, PSP, CISSP

The more things change…
• Which one is the lock?

Modern Castle – Corporate Campus

Entrance to the Castle
The Opening
25 to 50% of the
cost of access
control
implementation.
Often perceived
as the first line of
defense.

The Basics: Electric Locks
Maglocks
Strikes
Cylindrical
Mortise
Exits
Peripherals

Safety Security
Control & Monitoring Remote Locking
Reduces Manpower Convenience
ADA requirements
Benefits of Electrified Hardware
ELECTRIFIED HARDWARE
Performs functions normally executed manually, usually
from remote location or automated.
Must specify a system with all components compatible.
One component will not work without the others.

Components of a System
ACCESS CONTROL HARDWARE

TRANSFORME
R
INPUT
120VA
C
OUTPUT
24VDC
RECTIFIER
REGULATOR
CAPACITOR
FILTER
Reduces Voltage
Converts AC to DC
Stores needed current
Eliminates “Noise”
Keeps Output Constant
Parts of a Regulated
Power Supply

The power supply must furnish the
SAME voltage as required by the
load.
The current (amps) available from
the power supply must be
EQUAL TO or GREATER THAN that
required by the total load of the
system.

Converts electrical energy into another form I.e.,
unlocks a solenoid, retracts a latch bolt, etc
Performs the work required
Electric Lock or Strike
Electric Exit Device
Closer / Holder
Electromagnetic
Holders

FAIL SAFE
• Lock or locking device
that remains
UNLOCKED on loss of
power
FAIL SECURE
(non-fail safe)
• Lock or locking device
that remains LOCKED
on loss of power
Terminology

Electrical Characteristics of a Load
Need to Know to
Select Power
Supply
• Current Draw In Amps
• Voltage Required
• Fail Safe / Fail Secure

Key Pad
Key Switch
Toggle Switch
Push Button
Stand Alone System
Access Control
System
Switches are used to control a locking device
or to signal a monitoring device

Each switch has one movable contact, the POLE, and one or
more fixed contacts, the THROWS
SWITCH SYMBOL
Normally open

Normally closed
Each switch has one movable contact, the POLE, and one or
more fixed contacts, the THROWS
SWITCH SYMBOL

MAINTAINED
CONTACT
• A switch designed for
applications requiring
sustained contact; but with
provision for resetting
i.e., ordinary light switch
MOMENTARY
CONTACT
• A spring loaded switch
designed for applications
requiring constant contact;
when pressure is removed,
reverts back to original
position
i.e., door bell
Terminology

Carries current through system
The more distance between the
power source and the load, a
heavier wire gauge is required
# 1 TROUBLESHOOTING PROBLEM

Size of Conductor (Gauge)
Length of Conductor (Resistance)
The farther the load is from the power supply, the more
resistance is experienced; a heavier gauge wire is required
Need to Know

25 50 100 150 200 250 300 400 500
0.25 18 18 18 18 18 18 18 18 16
0.50 18 18 18 18 16 16 16 14 14
0.75 18 18 18 18 16 16 14 14
1.00 18 18 18 16 16 14 14
1.50 18 18 18 16 16 14
2.00 18 18 16 16 14
2.50 18 18 16 14
3.00 18 16 14
3.50 18 16 14
Distance in feet from Power Supply to Locking Device
MINIMUM WIRE GAUGE FOR 24V DC or AC
A
M
P
S

ONE
OPERATIONS
NARRATIVE
HARDWARE
LIST THREE
ELEVATION
DRAWING FOUR
SYSTEM
WIRING
DIAGRAM
TWO
Elements of a System

1.
OPERATIONS
NARRATIVE
4.
WIRING
DIAGRAM
2.
HARDWARE
LIST
3.
ELEVATION
DRAWING
REQUIREMENTS
• Outside Operation
• At Rest (while locked)
• Electrically Unlock
• Mechanically Unlock
• Power Failure
• LED’s
• Inside Operation
1.
OPERATIONS
NARRATIVE

1. Power Supply
2. Key Pad
3. Power Transfer
4. Electric Exit Device
3.
ELEVATION
DRAWING
4.
WIRING
DIAGRAM
2.
HARDWARE
LIST
1.
OPERATIONS
NARRATIVE
2.
HARDWARE
LIST

3.
ELEVATION
DRAWING
4.
WIRING
DIAGRAM
1.
OPERATIONS
NARRATIVE
2.
HARDWARE
LIST
3.
ELEVATION
DRAWING
120VAC inputPower
Supply

4.
WIRING
DIAGRAM
2.
HARDWARE
LIST
3.
ELEVATION
DRAWING
1.
OPERATIONS
NARRATIVE
4.
WIRING
DIAGRAM

Making Hardware Selections
Based On Owner’s
InstructionsCashier's Door from Drivers Lounge
Closed and Locked at all Times
Must Be Entered During Day Employees
Secretary To Remotely Unlock Door
Management Always Able To Enter
*
DRIVERS
LOUNGE
CASHIER
CHOICES

1.OPERATIONS
NARRATIVE
Door is normally closed, latched and
secure from the outside. Depressing
the push switch will unlock the electric
strike to allow ingress.
Door will relock as soon as
push button returns to normal position.
Loss of power, the door will
remain locked.
Enter by key at all times.
Free egress from inside
at all times.
2.HARDWARE
LIST
Load
Switch
Power Supply
Electric Strike
712NFS 24VDC
Push Button
PB
Transformer
TP-24-2
EXAMPLE

TO
RISER
DIAGRAM
3. ELEVATION
EXAMPLE
18 ga
18 ga
GAGE AND NUMBER
OF CONDUCTORS
Rectifier
PB
712NFS
Electric
Strike
Transformer
24VAC output
TP-24-2
120VAC INPUT

Systems Wiring Diagram or
Point to Point Wiring Diagram
4. WIRING
DIAGRAM
EXAMPLE
Electric StrikeTransformer
+ -
Non-
polarized
C
NO
NC
Pushbutton
PUSH
TO
EXIT
120VAC
LockedUn-
Locked

COMPONENTS & ELEMENTS
POWER
SUPPLY
LOAD SWITCH CONDUCTORS
4 COMPONENTS
OPERATIONS
NARRATIVE
HARDWARE
LIST
ELEVATION
DRAWING
WIRING
DIAGRAM
4 ELEMENTS

Access Control Trends
Smaller, Faster, Better
More Integrated Features
Embedded Web Server
Open Source
WiFi - Wireless

Access Control Trends
Embedded Prox Technology
Monitoring Options
Request To Exit
Door Contact
Keyswitch Monitoring
Other options…

Convergence
Analog to IP (Security to IT)
Applications Convergence
Physical and Cyber
“Soon the security industry will move to systems in which there
are no analog or proprietary wired devices at all; where all
devices connect to the Ethernet infrastructure. The knowledge
of how to design efficient network systems and how to secure
those systems is paramount to successful security systems.
This is the future of security technology”
Thomas Norman, Protection Partners International
Integrated Security Systems Design

Threats of Converged Enterprise
Mode
of
Attack
Physical
Security
Physical
Attack
Physical Attacks
Against Cyber
Information
Security
Information
Attack
Cyber Intrusion Identifies
Valued Targets
Targets
Facilities People
Media
$$$
Computers
Information

Convergence Migration
IP Communications
Fire
Physical
Security
Lighting
Visitor
Access
Elevator
24 / 7
Monitor
Energy HVAC
WAN
Intelligent Converged EnvironmentDisparate Building Networks

Convergence Benefits
HVAC
24/7 Monitor
Video surveillance
Elevator
Lighting
Fire
Access
Energy
Benefits:
 Safety and security
 Environmental sustainability
 Occupant comfort
 Organizational flexibility
 Streamlined operations
 Reduced costs
 Energy savings
 Managed services
 Data mining
 Process Measurement
ServicesandTechnologies

Reduce security vulnerabilities in all types of facilities.
The industry's first-ever guide for exterior and interior
security features, NFPA 730: Guide for Premises Security
addresses security in all occupancies from residential
dwellings to large industrial complexes. Uniform guidelines
help you assess vulnerability and design appropriate security
plans.
Provisions describe construction, protection, and occupancy
features and practices intended to reduce security risks to
life and property.
Topics covered include:
General requirements and facility classifications
Security vulnerability assessment
Exterior security devices and systems
Physical security devices
Interior security systems
Security planning
Measures to control security vulnerabilities in educational,
healthcare, and other facilities
The Guide also addresses protocols for special events, and
the responsibilities of security personnel.
(Approx. 88 pp., 2006)
Resources

Ensure the quality and reliability of security system
installations
NFPA 731; Installation of Electronic Premises Security
Systems is the first Standard developed primarily to define the
means of signal initiation, transmission, notification, and
annunciation, as well as the levels of performance and the
reliability of electronic security systems.
Requirements cover every step of security equipment
installation, with provisions for the application, location,
performance, testing, and maintenance of physical security
systems and their components.
Detailed chapters are included for:
Intrusion detection systems
Electronic access control systems
Video surveillance systems
Holdup, duress, and ambush systems
Testing and inspection
Rules address the protected premises from the property line to
the interior of the premises. NFPA 731 also references or
incorporates provisions from applicable UL, SIA, and other
standards.
(Approx. 43 pp., 2006)
Resources

ETHICS IN SECURITY
• Perform professional duties in accordance with the law and
the highest moral principles.
• Observe the precepts of truthfulness, honesty, and
integrity.
• Be faithful, competent, and diligent in discharging their
professional duties.
• Safeguard confidential and privileged information and
exercise due care to prevent its improper disclosure.
• Not maliciously injure the professional reputation or
practice of colleagues, clients, or employees.
Physical Security Professionals must
adhere to the Code of Professional
Responsibility, agreeing to:

QUESTIONS?
Thank You!Thank You!

managingyouraccesscontrolsystems-130223182036-phpapp01

Recomendados

Recomendados

Mais conteúdo relacionado

Mais procurados

Mais procurados (20)

Semelhante a managingyouraccesscontrolsystems-130223182036-phpapp01

Semelhante a managingyouraccesscontrolsystems-130223182036-phpapp01 (20)

managingyouraccesscontrolsystems-130223182036-phpapp01

Notas do Editor