An access control system allows an authority to restrict access to areas and property in a physical facility or to a computer-based information system. Within physical security, the access control system can be regarded as the second, and most important, layer of security management.
Access control is an everyday occurrence. A lock on a car door or a PIN on an ATM at a bank are both means of access control. A bouncer standing in front of a night club is perhaps a more primitive form of access control (given the evident lack of IT involved). Access control is of major importance wherever important, private, or sensitive information and equipment must be secured.
In physical security, the phrase access control refers to the practice of restricting entry to a property, a building, or a room to authorized persons. Physical access control can be carried out by a human (a guard, bouncer, or receptionist), by mechanical means such as locks and keys, or by technological means such as electronic access control systems (for example, an access control vestibule). Physical access control is a matter of who, where, and when. It establishes who is allowed to enter or exit, where they are allowed to enter or exit, and when they can enter or exit. Mechanical locks and keys do not allow the key holder to be restricted to particular times or dates, give no evidence of which key was used on any particular door, and the keys can easily be copied or transferred to an unauthorized person.
Electronic Access Control
Electronic access control uses computers to overcome the limitations of mechanical locks and keys. A wide range of credentials can be used to replace mechanical keys. The electronic access control system grants access based on the credential presented to it. When access is granted, the door is unlocked for a programmed time and the transaction is recorded. When access is refused, the door remains locked and the attempted access is recorded. The system also monitors the door and raises an alarm if the door is forced open or held open too long after being unlocked.
In computer security, access control consists of authentication, authorization and audit. It also includes physical measures, such as biometric scans and metal locks, hidden paths, digital signatures, encryption, social barriers, and monitoring by humans and automated systems. In any access control model, the entities that perform actions in the system are called subjects, and the entities representing resources to which access may need to be controlled are called objects. Subjects and objects should both be considered as software entities rather than as human users: any human user can only have an effect on the system via the software entities that they control.
Access control systems provide the essential services of identification and authentication (I&A), authorization, and accountability, where:
- identification and authentication determine who can log on to a system, and the association of users with the software subjects that they are able to control as a result of logging in;
- authorization determines what a subject can do;
- accountability identifies what a subject (or all subjects associated with a user) did.
CHAPTER 2: ACCESS CONTROL SYSTEM OPERATION
This chapter briefly discusses how an access control system works, its advantages over purely physical security, and its disadvantages.
ACCESS CONTROL SYSTEM COMPONENTS
An access control system basically consists of the following components:
- Access control point (door)
- Reader - keypad, card or biometric reader
- Access control panel
- Controller - Decision making
- Electric lock and magnetic door switch
A credential is a physical object, a piece of knowledge, or a facet of a person's physical being that gives an individual access to a given physical facility or computer-based information system. Typically, a credential is something you know (such as a PIN), something you have (such as an access card), something you are (such as a biometric trait), or some combination of these. The typical credential is an access card, key fob, or other key. Many card technologies exist, including magnetic stripe, bar code, Wiegand, 125 kHz proximity, and contact and contactless smart cards. Key fobs are more compact than ID cards and attach to a key ring. Common biometric technologies include fingerprint, facial and iris recognition, retinal scan, voice, and hand geometry. The credentials for an access control system are typically kept in a database, which keeps track of the access credentials of all staff members of the organization.
Credentials are often characterized as:
- something you have, like an access passcard;
- something you know, like a memorized PIN or password;
- something you are, like a biometric input;
- or a combination of the above.
A smart card, or integrated circuit card (ICC), is a pocket-sized card with built-in integrated circuits that can process data. This means it can receive input, process it with the help of the ICC applications, and deliver an output. Two broad categories of ICCs exist. Memory cards contain only non-volatile memory storage components, and perhaps some specific security logic. Microprocessor cards, the second category, contain volatile memory and microprocessor components.
There are two categories of smart cards: contact and contactless. Both have a built-in microprocessor and memory. The smart card differs from the card commonly called a proximity card in that the microchip in the proximity card has only one purpose: to provide the card reader with the ID number. The processor on the smart card has an operating system and can handle many applications, such as a cash card, a pre-paid membership card, and even an access control card. The basic difference between the two kinds of smart card lies in the way the microprocessor on the card communicates with the outside world.
A contact smart card has 8 contacts, which must physically touch contacts on the reader to exchange information. Since contact cards must be inserted into the reader with care and in the correct orientation, the speed and convenience of such transactions is not satisfactory for most access control applications. The use of contact smart cards in physical access control is mostly limited to parking applications, where payment data is stored in card memory and the speed of operations is not important.
A contactless smart card uses the same radio-based technology (RFID) as the proximity card, except for the frequency band used: the higher frequency (13.56 MHz instead of 125 kHz) allows more data to be transferred and several cards to be communicated with simultaneously. A contactless card does not have to touch the reader physically, nor does it need to be taken out of a wallet or purse. Most access control systems recognize only the serial numbers of contactless smart cards and do not use the available memory. When the memory is used, it stores a user's biometric data (e.g. a fingerprint template). In such cases, a biometric reader first reads the template on the card and then compares it to the characteristic (hand, eye, etc.) presented by the user.
Access control card readers are used in physical security systems to read a credential that permits passage through an access control point, typically a locked door. Types of access control readers include magnetic stripe, bar code, proximity, smart card and biometric readers.
Types of readers
Access control readers may be classified by the functions they are capable of performing:
- Basic (non-intelligent) readers: they simply read the card number (or PIN) and pass it to a control panel. In the case of biometric identification, such readers output the ID number of the user. Typically the Wiegand protocol is used for transmitting data to the control panel, but other options such as RS-232, RS-485 and Clock/Data are also in use. These are the most popular type of access control reader on the market.
- Semi-intelligent readers: these readers have all the inputs and outputs required to control door hardware (lock, door contact, exit button), but do not make any access decisions. When a user presents a card or enters a PIN, the reader passes the information to the main controller and waits for its reply. If the connection is interrupted during this time, such readers stop working or operate in a degraded mode. They are usually connected to a control panel via an RS-485 bus.
- Intelligent readers: these have all the inputs and outputs required to control door hardware, as well as the memory and processing power required to make access decisions independently. Like semi-intelligent readers, they are connected to a control panel via an RS-485 bus. The control panel sends configuration updates to the readers and retrieves events from them. There is also a new generation of intelligent readers called "IP readers". Systems with IP readers usually do not have conventional control panels; the readers communicate directly with a PC that acts as the host.
Some readers also have extra features such as an LCD, function buttons for data collection (e.g. clock-in/clock-out), a camera, speaker and microphone for intercom use, and smart card read/write support.
WORKING OF ACS:
An access control point can be a door, turnstile, parking gate, elevator, or other physical barrier where the granting of access can be electrically controlled. Typically the access point is a door, which can contain several elements. At its most basic there is an electric lock which is unlocked by an operator using a switch. To automate this, a reader replaces the operator's intervention. The reader could be a card reader, a biometric reader, or a keypad where the user enters a code. Access decisions are usually not made by the reader itself; it simply passes the card number to an access control panel, which verifies the number against an access list. A magnetic door switch is used to monitor the door position. In concept, the door switch is no different from those on refrigerators or car doors. Usually only entry is controlled and exit is not. Where exit is also controlled, a second reader is used on the opposite side of the door. Where it is not, a request-to-exit (REX) device is used. Request-to-exit devices come in two types: push button or motion detector. When the motion detector detects motion at the door, or the button is pushed, the door alarm is temporarily ignored while the door is opened. Exiting through a door without having to electrically unlock it is called mechanical free egress and is an important safety feature. Where the lock must be electrically released on exit, the REX device also unlocks the door. Often the reader provides feedback, such as a flashing red LED for access denied and a flashing green LED for access granted.
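The reader-to-panel path just described, together with the identification, authorization and accountability services listed in Chapter 1, as an added Python example that is not part of this report or of any vendor product: a reader sends a 26-bit Wiegand frame (the standard layout of even parity bit, 8-bit facility code, 16-bit card number, odd parity bit), and a simulated control panel validates the frame, checks the card against an access list with who/where/when rules, unlocks the door for a programmed time and records every attempt. The access list, door names, schedule windows and the 5-second unlock time are constructed sample values.

```python
"""Added example: reader-to-panel path with a 26-bit Wiegand decoder and a
control panel that applies who/where/when rules and logs every attempt.
All card numbers, door names and schedules are constructed sample data."""
from datetime import datetime, time, timedelta

UNLOCK_SECONDS = 5  # programmed unlock time after a grant (assumed value)


def encode_wiegand26(facility, card):
    """Build the 26 bits a reader sends: even parity, 8-bit facility code,
    16-bit card number, odd parity (standard 26-bit Wiegand layout)."""
    data = [int(b) for b in f"{facility:08b}{card:016b}"]
    even = sum(data[:12]) % 2            # bits 0..12 must have even weight
    odd = 1 - (sum(data[12:]) % 2)       # bits 13..25 must have odd weight
    return [even] + data + [odd]


def decode_wiegand26(bits):
    """Check both parity bits and return (facility_code, card_number).
    The frame is sent in the clear; parity only catches line errors."""
    if len(bits) != 26:
        raise ValueError("expected 26 bits")
    even, data, odd = bits[0], bits[1:25], bits[25]
    if sum(data[:12]) % 2 != even:
        raise ValueError("even parity error")
    if (sum(data[12:]) + odd) % 2 != 1:
        raise ValueError("odd parity error")
    facility = int("".join(map(str, data[:8])), 2)
    card = int("".join(map(str, data[8:])), 2)
    return facility, card


def frame_is_valid(bits):
    """True when the frame has the right length and both parities check."""
    try:
        decode_wiegand26(bits)
        return True
    except ValueError:
        return False


# who (facility, card) -> where (door) -> when (allowed time windows)
ACCESS_LIST = {
    (1, 1001): {"lobby": [(time(7, 0), time(19, 0))],
                "server_room": [(time(9, 0), time(17, 0))]},
    (1, 1002): {"lobby": [(time(0, 0), time(23, 59, 59))]},
}


def decide(facility, card, door, when):
    """Authorization: who, where and when must all match the access list."""
    doors = ACCESS_LIST.get((facility, card))
    if doors is None:
        return False, "unknown card"
    windows = doors.get(door)
    if windows is None:
        return False, "not authorized for this door"
    if not any(start <= when.time() <= end for start, end in windows):
        return False, "outside schedule"
    return True, "access granted"


class ControlPanel:
    """Accepts raw Wiegand frames from readers, drives the lock timer and
    keeps an event log of every attempt (accountability)."""

    def __init__(self):
        self.events = []          # (time, door, credential, granted, reason)
        self.unlocked_until = {}  # door -> time at which the strike relocks

    def present(self, door, bits, when):
        try:
            facility, card = decode_wiegand26(bits)
        except ValueError as err:
            self.events.append((when, door, None, False, str(err)))
            return False
        granted, reason = decide(facility, card, door, when)
        self.events.append((when, door, (facility, card), granted, reason))
        if granted:
            self.unlocked_until[door] = when + timedelta(seconds=UNLOCK_SECONDS)
        return granted

    def is_unlocked(self, door, now):
        until = self.unlocked_until.get(door)
        return until is not None and now < until


if __name__ == "__main__":
    panel = ControlPanel()
    t = datetime(2024, 1, 15, 10, 30)
    panel.present("server_room", encode_wiegand26(1, 1001), t)
    panel.present("server_room", encode_wiegand26(1, 1002), t)
    for event in panel.events:
        print(event)
```

The event log is what the accountability service is built on: it records denied attempts (including corrupted frames) as well as grants, so a later review can see who was refused at which door and when.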
ACCESS CONTROL SYSTEM TOPOLOGY
Controllers are connected to a host PC through a serial RS-485 communication line. External RS-232/485 converters or internal RS-485 cards have to be installed, as regular PCs do not have RS-485 ports. In larger systems, multi-port serial I/O boards are used.
Advantages:
- The RS-485 standard permits long cable runs, up to 4000 feet (1200 m).
- Relatively short response time. The maximum number of devices on an RS-485 line is limited to 32, which means that the host can regularly request status updates from each device and display events in real time.
- High reliability and security, as the communication line is not shared with other systems.
Disadvantages:
- RS-485 is not well suited to transferring large amounts of data.
- RS-485 does not allow the host PC to communicate with several controllers connected to the same port at the same time.
- In case of an alarm, the controllers cannot initiate communication. The host PC acts as the master on the RS-485 line, and controllers have to wait until they are polled.
- Operation of the system is highly dependent on the host PC. If it fails, events from controllers are not retrieved, and functions that require interaction between controllers stop working.
Serial main controllers & intelligent readers
All door hardware is connected directly to intelligent or semi-intelligent readers. The readers usually do not make access decisions themselves, but forward all requests to the main controller. Only if the connection to the main controller is unavailable do the readers use their internal database to make access decisions and record events. Semi-intelligent readers that have no database and cannot function without the main controller should be used only in areas that do not require high security. Main controllers usually support from 16 to 64 readers.
IP readers are connected to a host PC via Ethernet LAN or WAN. Advantages:
- Most IP readers are PoE capable. This makes it very easy to provide battery-backed power to the entire system, including the locks and any detectors used.
- IP readers eliminate the need for controller enclosures.
- There is no wasted capacity when using IP readers (e.g. a 4-door controller would have 25% unused capacity if it controlled only 3 doors).
- IP reader systems scale easily: there is no need to install new main or sub-controllers.
- Failure of one IP reader does not affect any other reader in the system.
Disadvantages:
- To be used in high-security areas, IP readers require special input/output modules to eliminate the possibility of intrusion by accessing the lock and/or exit button wiring. Not all IP reader manufacturers have such modules available.
- Being more sophisticated than basic readers, IP readers are also more expensive and more sensitive, so they should not be installed outdoors in areas with harsh weather conditions or a high likelihood of vandalism.
- The variety of IP readers in terms of identification technologies and read range is much lower than that of basic readers.
Security risks:
- The most common security risk of intrusion through an access control system is simply following a legitimate user through a door. Often the legitimate user will hold the door for the intruder. This risk can be minimized through security awareness training of the user population or by more active means such as turnstiles. In very high security applications this risk is minimized by using a sally port, sometimes called a security vestibule or mantrap, where operator intervention is required to assure valid identification.
- The second most common risk is from levering the door open. This is surprisingly simple and effective on most doors. The lever could be as small as a screwdriver or as big as a crowbar. Fully implemented access control systems include forced door monitoring alarms. These vary in effectiveness, usually failing because of high false positive alarm rates, poor database configuration, or a lack of active intrusion monitoring.
- Spoofing locking hardware is fairly simple and more elegant than levering. A strong magnet can operate the solenoid controlling the bolts in electric locking hardware.
- Access cards themselves have proven vulnerable to sophisticated attacks. Enterprising hackers have built portable readers that capture the card number from a user's proximity card. The hacker simply walks by the user, reads the card, and then presents the number to a reader securing the door. This is possible because card numbers are sent in the clear, with no encryption being used.
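The forced-door and door-held-open monitoring mentioned in the description of the access point above, and in the levering risk in this list, as an added Python example that is not part of this report or of any vendor product: a supervision routine replays a sequence of panel events (access grant, REX, door contact open and close, periodic polls of the door switch) and raises a "forced door" alarm when the contact opens without a preceding grant or REX, and a "door held open" alarm when the door stays open beyond a limit. The event format, the 5-second relock time and the 30-second held-open limit are assumed values, and the event sequence is constructed.

```python
"""Added example: door supervision from a magnetic door switch, a REX device
and access grants. The event stream and the timing limits are constructed."""

UNLOCK_SECONDS = 5       # strike relocks this long after a grant or REX (assumed)
HELD_OPEN_SECONDS = 30   # door-held-open limit (assumed)


def supervise(events):
    """events: list of (seconds, kind) in time order, where kind is one of
    'grant', 'rex', 'open', 'close' or 'poll' (a periodic read of the door
    switch). Returns the alarms raised as a list of (seconds, alarm)."""
    alarms = []
    unlocked_until = None   # time until which an opening is legitimate
    opened_at = None        # time the contact reported the door open
    held_reported = False   # only one held-open alarm per opening
    for t, kind in events:
        if kind in ("grant", "rex"):
            unlocked_until = t + UNLOCK_SECONDS
        elif kind == "open":
            # contact opened with no grant or REX in the relock window
            if unlocked_until is None or t > unlocked_until:
                alarms.append((t, "forced door"))
            opened_at, held_reported = t, False
        elif kind == "close":
            opened_at, held_reported = None, False
            unlocked_until = None       # strike relocks once the door closes
        elif kind != "poll":
            raise ValueError(f"unknown event kind {kind!r}")
        # held-open is checked on every event, so polls must keep arriving
        if (opened_at is not None and not held_reported
                and t - opened_at > HELD_OPEN_SECONDS):
            alarms.append((t, "door held open"))
            held_reported = True
    return alarms


# constructed sample: normal entry, free egress via REX, an opening while
# locked, then a door propped open after a valid grant
SAMPLE_EVENTS = [
    (0, "grant"), (2, "open"), (6, "close"),
    (10, "rex"), (11, "open"), (13, "close"),
    (20, "open"), (22, "close"),
    (30, "grant"), (31, "open"), (45, "poll"), (70, "poll"), (75, "close"),
]


if __name__ == "__main__":
    for when, alarm in supervise(SAMPLE_EVENTS):
        print(f"t={when:3d}s  {alarm}")
```

The REX event is what keeps free egress from registering as a forced door; without it every legitimate exit would be a false positive, which is the configuration failure the list above refers to.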
This is where biometric access control comes in, as it solves most of these electronic access control issues.
CHAPTER 3: BIOMETRIC ACCESS CONTROL
Biometrics comprises methods for uniquely recognizing humans based upon one or more intrinsic physical or behavioral traits. In information technology, in particular, biometrics is used as a form of identity access management and access control. It is also used to identify individuals in groups that are under surveillance.
Biometric characteristics can be divided into two main classes:
- Physiological characteristics are related to the shape of the body. Examples include, but are not limited to, fingerprint, face recognition, DNA, hand and palm geometry, iris recognition (which has largely replaced retina scanning), and odor/scent.
- Behavioral characteristics are related to the behavior of a person. Examples include, but are not limited to, typing rhythm, gait, and voice.
WORKING OF BIOMETRIC SYSTEMS
The first time an individual uses a biometric system is called enrollment. During enrollment, biometric information from the individual is captured and stored. In subsequent uses, biometric information is captured again and compared with the information stored at enrollment. Note that it is crucial that the storage and retrieval of such information be secure if the biometric system is to be robust. The first block (the sensor) is the interface between the real world and the system; it has to acquire all the necessary data. Most of the time it is an image acquisition system, but it varies with the characteristic being measured. The second block performs all the necessary pre-processing: it removes artifacts from the sensor, enhances the input (e.g. by removing background noise), applies some kind of normalization, and so on. In the third block the required features are extracted. This is an important step, as the correct features need to be extracted in the optimal way. A vector of numbers, or an image with particular properties, is used to create a template. A template is a synthesis of the relevant characteristics extracted from the source. Elements of the biometric measurement that are not used by the comparison algorithm are discarded from the template, both to reduce its size and to protect the identity of the enrollee.
If enrollment is being performed, the template is simply stored somewhere (on a card, in a database, or both). If matching is being performed, the obtained template is passed to a matcher that compares it with the existing templates, estimating the distance between them with some algorithm (e.g. Hamming distance). The result of the comparison is then output for the specified use (e.g. entry to a restricted area).
Modes of Operation
- In the 1-to-1 mode, a user must first identify himself or herself to the reader by presenting an ID card or entering a PIN. The reader then looks up the user's template in the database and compares it with the live scan. The 1-to-1 method is considered more secure, and is generally faster, as the reader needs to perform only one comparison. Most 1-to-1 biometric readers are "dual-technology" readers: they either have a built-in proximity, smart card or keypad reader, or they have an input for connecting an external card reader.
- In the 1-to-many mode, a user presents his finger (or hand, eye, etc.) and the reader must compare the live scan with ALL the templates stored in its memory. This method is preferred by most end users, because it eliminates the need to carry ID cards or use PINs. On the other hand, it is slower, because the reader may have to perform thousands of comparisons before it finds the match. An important technical characteristic of 1-to-many readers is the number of comparisons that can be performed in one second, one second being considered the maximum time users can wait at a door without noticing a delay. Currently most 1-to-many readers are capable of performing 2000-3000 matching operations per second.
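The matching step and the two modes of operation described above, as an added Python example that is not part of this report or of any biometric product: templates are modelled as 64-bit values (a stand-in for real feature vectors), the matcher uses the normalized Hamming distance mentioned above, a 1-to-1 verification compares the live scan against the single template of the claimed identity, and a 1-to-many identification compares it against every enrolled template and reports the closest one only if it is within the acceptance threshold. The template values, the bit positions flipped to simulate sensor noise, and the 0.25 threshold are constructed assumptions.

```python
"""Added example: template matching with Hamming distance in 1-to-1 and
1-to-many modes. Templates are constructed 64-bit values, not real biometrics."""

TEMPLATE_BITS = 64
MAX_DISTANCE = 0.25   # normalized Hamming distance accepted as a match (assumed)


def hamming_distance(a, b):
    """Fraction of the 64 template bits that differ between a and b."""
    return bin(a ^ b).count("1") / TEMPLATE_BITS


def flip_bits(template, positions):
    """Simulate sensor noise between enrollment and live scan by flipping
    the given bit positions of a template."""
    for p in positions:
        template ^= 1 << p
    return template


class TemplateStore:
    """Templates held in reader memory, keyed by the user's ID number."""

    def __init__(self):
        self.templates = {}

    def enroll(self, user_id, template):
        self.templates[user_id] = template

    def verify(self, user_id, live):
        """1-to-1: the user has already claimed an identity (card or PIN),
        so exactly one comparison is made. Returns (accepted, distance)."""
        enrolled = self.templates.get(user_id)
        if enrolled is None:
            return False, None
        d = hamming_distance(enrolled, live)
        return d <= MAX_DISTANCE, d

    def identify(self, live):
        """1-to-many: compare the live scan with every stored template.
        Returns (user_id or None, number of comparisons performed)."""
        best_id, best_d, comparisons = None, None, 0
        for user_id, enrolled in self.templates.items():
            comparisons += 1
            d = hamming_distance(enrolled, live)
            if best_d is None or d < best_d:
                best_id, best_d = user_id, d
        if best_d is None or best_d > MAX_DISTANCE:
            return None, comparisons        # closest template still too far
        return best_id, comparisons


# constructed enrollment templates, chosen to be far apart from each other
ALICE = 0x0F0F0F0F0F0F0F0F
BOB = 0x00000000FFFFFFFF
CAROL = 0xAAAAAAAAAAAAAAAA


def build_sample_store():
    store = TemplateStore()
    store.enroll("alice", ALICE)
    store.enroll("bob", BOB)
    store.enroll("carol", CAROL)
    return store


if __name__ == "__main__":
    store = build_sample_store()
    live = flip_bits(ALICE, [0, 7, 20, 33, 63])   # 5 noisy bits
    print("1-to-1  :", store.verify("alice", live))
    print("1-to-many:", store.identify(live))
```

Two points a practitioner would watch in a real deployment are visible here: 1-to-many performs as many comparisons as there are users (which is why the comparisons-per-second figure matters), and a live scan that is too noisy is rejected rather than mapped to whichever template happens to be closest.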
There are several forms of biometric identification employed in access control:
- hand geometry
- iris and
- facial recognition
The operation of all biometric readers is alike: they compare the template stored in memory with the scan obtained during identification. If the probability that the stored template and the live scan belong to the same person is high enough, the ID number of that person is sent to a control panel. The control panel then checks the user's permissions and decides whether or not to grant access. Communication between the reader and the control panel usually uses the industry-standard Wiegand protocol. The only exception is intelligent biometric readers, which do not require any panel and directly control all the door hardware.
Biometric templates may be stored in the memory of the readers, in which case the number of users is limited by the reader's memory size. Readers currently on the market can store up to 50,000 templates. The template of each user may also be stored in the memory of his or her smart card. This option removes any limit on the number of system users, but it requires each user to carry a card and makes finger-only identification impossible. Biometric templates may also be stored in the memory of a central server PC. This option is called "server-based verification": the readers simply capture the users' biometric data and forward it to the main computer for processing. Such systems support a large number of users, but they are very dependent on the reliability of the central server and the communication lines.
ADVANTAGES AND CONCERNS:
Advantages over card controlled access systems
The use of biometric technology significantly increases the security level of a system because it eliminates problems such as:
- Loaned ID cards
- Forgotten or guessed PINs
Concerns:
- One advantage of passwords over biometrics is that they can be re-issued. If a token or a password is lost or stolen, it can be cancelled and replaced by a newer version. This is not naturally available in biometrics. If someone's face is compromised from a database, they cannot cancel or reissue it. Cancelable biometrics is a way to incorporate protection and replacement features into biometrics.
- Data obtained during biometric enrollment could be used in ways the enrolled individual does not consent to.
- When thieves cannot get access to secure property, there is a chance that they will stalk and assault the property owner to gain access. If the item is secured with a biometric device, the damage to the owner could be irreversible, and potentially cost more than the secured property.
CHAPTER 4: DESIGN ELEMENT
SMART CARD ARCHITECTURE
Smart cards are credit card-sized plastic cards with embedded memory, widely used for applications such as access control, authentication, and security key storage.
Central Processing Unit
Traditionally this is an 8-bit microcontroller but increasingly more powerful 16 and 32-bit chips are being used. However, none have multi-threading and other powerful features that are common in standard computers. Smart Card CPUs execute machine instructions at a speed of approximately 1 MIPS. A coprocessor is often included to improve the speed of encryption computations.
There are three main types of memory on cards:
- RAM. About 1K. This is needed for fast computation and response. Only a tiny amount is available.
- EEPROM (Electrically Erasable PROM). Between 1K and 24K. Unlike RAM, its contents are not lost when power is removed. Applications can run from it and write to it, but it is very slow and can only be written a limited number of times (about 100,000).
- ROM. Between 8K and 24K. The operating system and other basic software, such as the encryption algorithms, are stored here.
Input and output take place via a single I/O port controlled by the processor, so that communication is standardized in the form of APDUs (Application Protocol Data Units).
Interface Devices (IFDs)
Smart cards need power and a clock signal to run programs, but carry neither. Instead, these are supplied by the Interface Device, usually a smart card reader, in contact with the card. This means that a smart card is nothing more than a storage device while it sits in your pocket.
In addition to providing the power and clock signals, the reader is responsible for opening a communication channel between application software on the computer and the operating system on the card. Nearly all Smart Card readers are actually reader/writers, that is, they allow an application to write to the card as well as read from it.
The communication channel to a Smart Card is half-duplex. This means that data can either flow from the IFD to the card or from the card to the IFD but data cannot flow in both directions at the same time. The receiver is required to sample the signal on the serial line at the same rate as the transmitter sends it in order for the correct data to be received. This rate is known as the bit rate or baud rate. Data received by and transmitted from a Smart Card is stored in a buffer in the Smart Card's RAM. As there isn't very much RAM, relatively small packets (10 - 100 bytes) of data are moved in each message.
The design example targets the Atmel 16 Kbit AT88SC1616C CryptoMemory smart card module.
This design generates the necessary control signals on the smart card side. The commands and data for accessing the smart card module must be supplied either by a microcontroller interface or by the configuration logic of the FPGA. In this design, Actel's embedded microcontroller, Core8051, is used to generate the commands for the smart card reader interface. The IP interface block diagram is shown in the corresponding figure.
The AT88SC1616C smart card module consists of two memory areas: the user zone and the configuration memory area.
The user zone is divided into 16 zones of 1,024 bits each. Access to the user zones is allowed only after security requirements have been met. These security requirements are defined by the user during the personalization of the device in the configuration memory.
The configuration memory consists of 2,048 bits of EEPROM memory used for storing passwords, keys, and codes, as well as for defining security levels to be used for each user zone. Access rights to the configuration memory are defined in the control logic and may not be altered by the end user.
The key for accessing the supplied smart card module's configuration memory is 0xB6A405. This key is required to unlock the configuration memory for any modification. This document explains how to access the user zones and the configuration memory area. As defined in the ISO 7816-3 standard (T=0 protocol), the operating procedure consists of the following consecutive operations:
- Connection and activation of the contacts by the interface device
- Reset of the card
- Answer to reset by the card
- Subsequent information exchange between the card and the interface device
- Deactivation of the contacts by the interface device
There are four internal registers in the design: the Reset Register, the Transmit Data Register, the Receive Data Register, and the Status Register.
- The Reset Register resets the smart card.
- The Transmit Register transmits data to the CARD_IO bus.
- The Receive Register receives data from the CARD_IO bus.
- The Status Register indicates the status of data transaction.
By default, the content of the Status Register is 0x00. When a byte of data is transferred out of the Transmit Register and shifted out serially through the card I/O pin to the smart card, the content of the Status Register changes to 0x01. The host must monitor this bit to confirm that the data has been completely shifted out to the smart card: once the complete byte has left the Transmit Register, the bit is set to 0x01, and the host must clear it back to 0x00 before the next data transfer. Similarly, for a read operation, this register bit must be monitored to check whether data is available in the Receive Register. Once data has been read from the smart card and a byte is available in the Receive Register, this bit becomes 1 and must be cleared by the host before the next byte can be received.
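The host-side handshake on the four registers described above, as an added Python example that is not part of the design or of any Actel or Atmel deliverable: a mock of the register interface stands in for the FPGA block and the card, and the driver functions follow the procedure given in the text (write the Transmit Register, poll the Status Register until it reads 0x01, clear it to 0x00 before the next byte; for reads, poll until 0x01, read the Receive Register, then clear). The register names, the answer-to-reset bytes, the command bytes and the poll limit are constructed assumptions; in the real design the registers would be accessed at whatever addresses the Core8051 interface assigns them.

```python
"""Added example: host driver for the Reset / Transmit Data / Receive Data /
Status register interface. The card side is a mock; register names, the ATR
bytes and the poll limit are assumed values, not taken from the design."""

STATUS_IDLE, STATUS_DONE = 0x00, 0x01
MAX_POLLS = 1000   # give up if the status bit never changes (assumed)


class MockCardInterface:
    """Simulates the register block: a byte written to TX is considered
    shifted out on the next status read; bytes the card answers with are
    placed in RX one at a time, each flagged by STATUS = 0x01."""

    def __init__(self, atr=b"\x3b\x02\x14\x50"):   # constructed ATR bytes
        self.atr = bytes(atr)
        self.regs = {"RESET": 0, "TX": 0, "RX": 0, "STATUS": STATUS_IDLE}
        self.shifted_out = []      # bytes that reached the card
        self._tx_pending = None
        self._rx_queue = []

    def write(self, name, value):
        self.regs[name] = value & 0xFF
        if name == "RESET" and value:
            self._rx_queue = list(self.atr)      # card answers the reset
            self.regs["STATUS"] = STATUS_IDLE
        elif name == "TX":
            self._tx_pending = value & 0xFF

    def read(self, name):
        if name == "STATUS" and self.regs["STATUS"] == STATUS_IDLE:
            if self._tx_pending is not None:     # byte finished shifting out
                self.shifted_out.append(self._tx_pending)
                self._tx_pending = None
                self.regs["STATUS"] = STATUS_DONE
            elif self._rx_queue:                 # a byte arrived from the card
                self.regs["RX"] = self._rx_queue.pop(0)
                self.regs["STATUS"] = STATUS_DONE
        return self.regs[name]


def wait_status_done(iface):
    """Poll the Status Register until it reads 0x01, or raise on timeout."""
    for _ in range(MAX_POLLS):
        if iface.read("STATUS") == STATUS_DONE:
            return
    raise TimeoutError("status register never became 0x01")


def send_byte(iface, value):
    iface.write("TX", value)
    wait_status_done(iface)              # byte fully shifted out to the card
    iface.write("STATUS", STATUS_IDLE)   # host clears before the next transfer


def recv_byte(iface):
    wait_status_done(iface)              # a byte is waiting in RX
    value = iface.read("RX")
    iface.write("STATUS", STATUS_IDLE)   # clear before the next byte can land
    return value


def reset_and_read_atr(iface, length):
    """Reset the card and collect `length` answer-to-reset bytes."""
    iface.write("RESET", 1)
    return bytes(recv_byte(iface) for _ in range(length))


def send_command(iface, command_bytes):
    """Send a command byte by byte; returns everything the card received."""
    for b in command_bytes:
        send_byte(iface, b)
    return list(iface.shifted_out)


if __name__ == "__main__":
    iface = MockCardInterface()
    print("ATR:", reset_and_read_atr(iface, 4).hex())
    print("sent:", send_command(iface, [0x00, 0xB0]))
```

The bounded poll loop is the one detail the text leaves implicit: a host that waits forever for the status bit will hang on a card that is removed or unresponsive, so the driver treats a missing 0x01 as an error rather than a condition to keep spinning on.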
CHAPTER 5: CONCLUSION
Siemens is a global powerhouse in electrical and electronics engineering, operating in the industry, energy and healthcare sectors. Working closely with the IT department of Siemens, you get to learn how organized every department in a company has to be in order to get the most out of every project it deals with. As a multicultural environment, it gives us exposure to working with every possible nationality and lets us develop as individuals.
During these 5 months of internship, a successful study of access control was carried out. Every organization strives to have excellent security controls to monitor and protect its sensitive information and products. To support this, Siemens SiPass access control products and systems provide security to a wide variety of organizations around the world, large, medium-sized and small. Wherever they are installed, these products and systems ensure that the right people always have access to the right places at the right times, and that the wrong people never do.
The concerns of card-controlled access systems were studied. Biometric access systems come to the rescue, eliminating the need to carry (and risk losing) access cards, which in turn increases the security level of the system.
Undergoing an internship program in a company like Siemens is the biggest opportunity a student could get, and one can only be truly grateful to all the people who have made this project and internship a success.
- Smart Cards today Monthly Newsletter by India Times
- Siemens Access Control SiPass Product manual