ArtsAutosBooksBusinessEducationEntertainmentFamilyFashionFoodGamesGenderHealthHolidaysHomeHubPagesPersonal FinancePetsPoliticsReligionSportsTechnologyTravel

Access Control System Basics

Updated on February 9, 2018
Tom Rubenoff profile image

Tom spent 17 years as a commercial locksmith and over 20 years in door hardware distribution.

Source

Access Control

The simplest access control systems involve one door and simply limit access to those holding the necessary credential - much like a mechanical keyed lock. The difference between these small, self-contained systems and mechanical keyed locks is that each user has a unique credential, so that one individual can be denied access while all others are unaffected.

However, access control systems can enhance security by tracking when credentials are used to enter or exit a space and when; by controlling who can enter (or exit) and when they can do so; and by monitoring the condition of doors and locking hardware.

Here is some access control vocabulary:

  1. User - someone who uses the access control system to get in and/or out.
  2. Credential - the identity of the user from the system's point of view. Types of credentials include pin code, mag stripe card, prox cards and prox keys, and a human feature, such as the retina of the eye or fingerprints.
  3. Pin Code - "PIN" stands for Personal Identification Number - a series of numbers unique to a particular user.
  4. Mag Stripe Card - (magnetic stripe card) - plastic card with a magnetic strip applied to one side. The magnetic strip contains a code that can be read by a magnetic stripe card reader.
  5. Prox Card - (proximity card) - plastic card with a transponder chip embedded inside. The transponder communicates with a proximity reader to effect access control. A Prox Key (or Prox Fob) is a plastic object containing a transponder chip that can by attached to the user's key ring.
  6. Time Zones - (schedules) - function of an access control system that controls when certain users' credentials will be accepted by the system and when they will not.
  7. Audit Trail - history of events recorded by the system, such as time when a credential is presented, instances of when a door was forced or propped open, or time when a door is opened for egress.
  8. Front End - system user interface at the door that reads the credential and transmits the information to the access control panel.
  9. Panel - brains of the access control system - receives the information from the front and and decides, based on its programming, whether to permit access.

Components of an access control system
Components of an access control system | Source

How It Works

Full featured access control systems work like this:

The system manager uses access control software installed on their computer to set the parameters of the system, that is, to tell the access control panel what to do and when. Access control software is database software. The records in the database can be users, credentials, doors, and times. Using the software, the manager can grant or deny individuals or groups of users access to specific doors between certain hours and on certain days. The software can usually record which user accesses which door at what time and other events it what they call an audit trail.

In operation:

  • The user presents their credential.
  • The reader sends the information to the access control panel.
  • The panel compares the information to its programming, "decides" whether to grant or deny the user access, and records the event in memory.
  • A low voltage power supply powers the system and electric locking devices.

This system can be made up of components based on the building's electrical system, can be part of the computer network either as devices connected directly to the network or connected wirelessly through an interface, or they can be small, self-contained devices that accomplish access control on one door at a time.

Simple systems that control only a few doors and serve a small numbers of users may offer only the ability to add and delete users. These units have the same kind of "brains" that a more complex system does, but with less capability. These systems are perfect for applications where audit trail and time zones are unnecessary, but the need to be able to deny access to a single user is needed.


Considerations

  1. How many users?

    How many people will use the system now, and how many may use it in the future? Number of users is the first criteria for choosing an access control system.

  2. How many doors?

    Again, how many doors will have access control now, and how many may have access control in the future?

  3. Do you want audit trail capability? Do you want time zones?

    Audit trail capability allows the administrator to keep track of users as they enter the secured space. The system ‘remembers' when a user presents their credential to the system. We'll discuss credentials shortly. Usually through a computer interface, the administrator can access and/or print out a list of ‘events' including authorized entry, forced entry, and door propped open events.

    Time zones are blocks of time assigned to users. If Bob Smith works from 9am to 5pm and you don't want him to come in any other time, time zones allow you to make Bob's credential work only when Bob is authorized to work.

    Audit trail and time zone capabilities usually mean that your access control system will interface with a computer using proprietary software supplied by the access control system manufacturer. It is possible to have these features without software, but that usually means that the administrator must punch in commands on a keypad and download audit trail information directly to a printer. A keypad can be a confusing if not frustrating user interface, and the direct print idea is very time consuming, not to mention a waste of paper.

  4. What kind of credential do you want to use?

    The credential is the thing that the user presents to the access control system. The access control system permits or denies entry to the credential when presented. These are the most common types of credentials that are used today:

  • Pin code - a series of numbers. The user sequentially presses numbered keys on a keypad. Advantage: numbers are free. Disadvantage: numbers can be shared over the telephone.

    If the object is to simply do away with the need to have a key, then a keypad is ideal. All the users can use the same number. Just remember to change the code a few times a year so that the numbers don't get worn off.

  • Mag stripe card - like an ATM or credit card, a plastic card with a black magnetic strip across the back. Advantage: common and widely used as well as inexpensive. Disadvantage: they wear out.
  • Prox card - proximity card, a PVC card with a computer chip embedded inside. Currently this is the most popular kind of credential. Advantages: it is possible to get a proximity reader that will read the card through the users pants and wallet or inside a handbag. Also since prox cards do not actually need to touch the reader in most cases, they last a very long time. Disadvantage: more expensive than pin codes or mag stripe cards. A slightly more expensive alternative to the prox card is the prox tag or prox key. The prox key is a small, teardrop-shaped credential that can be put on the user's key ring.
  • Biometrics - actual body parts. Biometric readers use a live fingerprint, handprint, or the retina of the eye as the credential. Advantages: extremely secure and no credentials to buy. Disadvantage: today in July, 2008, this is still relatively new technology to the field of commercial access control, so the number of choices is fairly small and price tags can be sometimes fairly hefty.

5. Do you want emergency lock-down capability?

Emergency lock-down capability is becoming more in demand. Under emergency conditions, such as an armed intruder, it can be an urgently needed function.


AD-400 Series Wireless Locks by Allegion
AD-400 Series Wireless Locks by Allegion | Source

Hardwired, PoE, or Wireless?

Hardwired Access Control

This is the model shown in the illustration above. A low voltage power supply is wired to the panel and the panel is wired to the readers. Sometimes a separate power supply may be required for certain kinds of locking locking devices, but the panel will in all cases be wired into the electric locking system. The computer is connected to the access control panel via a cable.

Hardwired systems are the tried-and-true traditional way of achieving access control. Ideally they are installed during construction so that their wiring can be done at the same time as all the other wiring. Adding hardwired access control after the fact can be difficult, particularly, for example, if the space has marble walls and floors and no drop ceiling.

PoE

Power Over Ethernet systems are gaining popularity. These presuppose that there is (or will be) a computer network in place, and require the participation of the system administrator. These systems often use server-based software, so can be controlled from any PC on the network. This is a convenience, but also poses extra security risks. Since the system uses the same kind of cable as the computer network, the same people who run the network cable will run it to the doors to effect access control.

As these kinds of systems have taken hold, electric locking devices that run on PoE have appeared. PoE systems offer a plug-and-play functionality that many find attractive.

Wireless

Wireless access control systems can go where hardwired systems fear to tread. Marble walls, concrete floors, concrete-filled door frames and textured plaster ceilings are suddenly no problem. These systems are made up of battery-operated locks and exit device trims with onboard electronics and transponders. The locks communicate wirelessly over wi-fi through the facility’s computer network with server-based access control software, or through direct RF connection with an interface panel which in turn communicates with the access control panel.

Wireless components can be integrated into existing or new hardwired systems, but licensing fees and special interface panels may be required. Check with your professional security integrator or access control system dealer for more information.
Wireless systems tend not to have the instant lockdown capabilities of hardwired systems. If that feature is important to your application, be sure to question your access control dealer or manufacturer’s representative for more information.

Standalone Access Control

The term “standalone” refers to an access control device that is self-contained instead of connected to a larger system. Such devices can offer advanced features such as time zones, audit trail and programming via personal computer, or they can be simple systems that only allow adding and deleting users. Standalone access control devices can be battery operated or hardwired.
When a standalone access control system is programmed via computer, the computer may need to be brought to the door to do the programming, though some manufacturers offer a hand-held programmer to handle communication between the computer and the device.

Standalone systems that serve a small number of users where no advanced features are required can often be programmed by entering codes on a keypad. For a system with less than 50 users and one or two doors this is a fine choice. The system manager will need to keep track of the users on paper.


Comments

    0 of 8192 characters used
    Post Comment

    No comments yet.

    working

    This website uses cookies

    As a user in the EEA, your approval is needed on a few things. To provide a better website experience, hubpages.com uses cookies (and other similar technologies) and may collect, process, and share personal data. Please choose which areas of our service you consent to our doing so.

    For more information on managing or withdrawing consents and how we handle data, visit our Privacy Policy at: https://hubpages.com/privacy-policy#gdpr

    Show Details
    Necessary
    HubPages Device IDThis is used to identify particular browsers or devices when the access the service, and is used for security reasons.
    LoginThis is necessary to sign in to the HubPages Service.
    Google RecaptchaThis is used to prevent bots and spam. (Privacy Policy)
    AkismetThis is used to detect comment spam. (Privacy Policy)
    HubPages Google AnalyticsThis is used to provide data on traffic to our website, all personally identifyable data is anonymized. (Privacy Policy)
    HubPages Traffic PixelThis is used to collect data on traffic to articles and other pages on our site. Unless you are signed in to a HubPages account, all personally identifiable information is anonymized.
    Amazon Web ServicesThis is a cloud services platform that we used to host our service. (Privacy Policy)
    CloudflareThis is a cloud CDN service that we use to efficiently deliver files required for our service to operate such as javascript, cascading style sheets, images, and videos. (Privacy Policy)
    Google Hosted LibrariesJavascript software libraries such as jQuery are loaded at endpoints on the googleapis.com or gstatic.com domains, for performance and efficiency reasons. (Privacy Policy)
    Features
    Google Custom SearchThis is feature allows you to search the site. (Privacy Policy)
    Google MapsSome articles have Google Maps embedded in them. (Privacy Policy)
    Google ChartsThis is used to display charts and graphs on articles and the author center. (Privacy Policy)
    Google AdSense Host APIThis service allows you to sign up for or associate a Google AdSense account with HubPages, so that you can earn money from ads on your articles. No data is shared unless you engage with this feature. (Privacy Policy)
    Google YouTubeSome articles have YouTube videos embedded in them. (Privacy Policy)
    VimeoSome articles have Vimeo videos embedded in them. (Privacy Policy)
    PaypalThis is used for a registered author who enrolls in the HubPages Earnings program and requests to be paid via PayPal. No data is shared with Paypal unless you engage with this feature. (Privacy Policy)
    Facebook LoginYou can use this to streamline signing up for, or signing in to your Hubpages account. No data is shared with Facebook unless you engage with this feature. (Privacy Policy)
    MavenThis supports the Maven widget and search functionality. (Privacy Policy)
    Marketing
    Google AdSenseThis is an ad network. (Privacy Policy)
    Google DoubleClickGoogle provides ad serving technology and runs an ad network. (Privacy Policy)
    Index ExchangeThis is an ad network. (Privacy Policy)
    SovrnThis is an ad network. (Privacy Policy)
    Facebook AdsThis is an ad network. (Privacy Policy)
    Amazon Unified Ad MarketplaceThis is an ad network. (Privacy Policy)
    AppNexusThis is an ad network. (Privacy Policy)
    OpenxThis is an ad network. (Privacy Policy)
    Rubicon ProjectThis is an ad network. (Privacy Policy)
    TripleLiftThis is an ad network. (Privacy Policy)
    Say MediaWe partner with Say Media to deliver ad campaigns on our sites. (Privacy Policy)
    Remarketing PixelsWe may use remarketing pixels from advertising networks such as Google AdWords, Bing Ads, and Facebook in order to advertise the HubPages Service to people that have visited our sites.
    Conversion Tracking PixelsWe may use conversion tracking pixels from advertising networks such as Google AdWords, Bing Ads, and Facebook in order to identify when an advertisement has successfully resulted in the desired action, such as signing up for the HubPages Service or publishing an article on the HubPages Service.
    Statistics
    Author Google AnalyticsThis is used to provide traffic data and reports to the authors of articles on the HubPages Service. (Privacy Policy)
    ComscoreComScore is a media measurement and analytics company providing marketing data and analytics to enterprises, media and advertising agencies, and publishers. Non-consent will result in ComScore only processing obfuscated personal data. (Privacy Policy)
    Amazon Tracking PixelSome articles display amazon products as part of the Amazon Affiliate program, this pixel provides traffic statistics for those products (Privacy Policy)