A detailed Analysis Physical Access
In physical terms, the terminology ‘access control’ mainly refers to the practice of controlling access to any physical or virtual entity, like a building, or a closed cabinet from unauthorized people. Access control in the physical level can be achieved by security personnel, a doorman, or a receptionist, or through mechanical techniques like lock & key, or through technological equipments like Access control vestibule. In this context, physical key management can also be utilized to a great extent for controlling and monitoring access to physically locked segments or access to particular minor assets.
Physical access control is definitely a factor of person, place, and time. An access control system defines who is permitted to enter or leave, to which area they are permitted to enter or leave, and at what time they are permitted to enter or leave. In the past this was partially achieved with the help of chains, keys and locks. When an entrance is closed using a lock only a person having a key can unlock the entrance which again depends on configuration of the lock. Anyhow physical lock and key mechanism does not permit access of the key holder to particular time or date. Physical lock & key mechanism does not keep any history of the key usage on any particular entrance and an unauthorized user can very easily copy or transfer the keys. When a physical key loss happens, the key holder can no more access the protected segment, and the locks will have to be reconfigured
Electronic access control utilizes computers to get solutions for the restrictions of physical lock & keys. A very wide collection of credentials is available as a replacement to the lock & key mechanism. The electronic access control technique provides access based on the authorization data displayed. When access is given, the entrance is unlocked for a specific time frame and the activity is stored in a database. When access is denied, the entrance remains closed and the attempted operation is recorded. The system will also keeps in database the activity of the entrance and alarm if the door is forced open or held open for a long time after being opened.
Access Control Card Reader
Access control card readers are widely employed in physical security techniques to read a credential that permits access via access control points, ideally a locked entrance. The main card technologies used includes magnetic stripe, bar code, Wiegand, proximity reader, contact/contact less smart cards. The wide range of biometric techniques consists of Fingerprint, Iris, retinal scan, hand geometry, signature, handwriting, voice, facial recognition, and hand Geometry Access control readers are usually grouped by functionalities they are able to do and by the technology used for identification(Shon, 2005).A credential is an entity similar to a code, a Personal Identification Number, an ID card, a biometric feature; or different combinations of these. Typically used credentials are an ID card, key fob, or another key (British Standard, 1999).
Security risk analysis, also termed as risk assessment, is very important when it comes to the security of any institutions or firms. It is important in confirming that procedures and cost associated are completely proportionate to the risks to which the firm is exposed. Anyhow several traditional methodologies for doing security risk analysis are now a days very much indefensible in the areas of usability, scalability and also in terms of the output they generate for its user(Shon, 2005).When it comes to Security risks security systems are usually reactive. Before forming the ultimate decision to establish access control we must ensure that cost analysis and advantage proportion is pretty reasonable for the organization. Utilizing solutions that implement access control obligate eminent resource coordination (Shon, 2005). A well balanced and enforced access control system can efficiently mitigate risk and potentially increase the performance to the deepest point—unless the system is either over utilized or not sufficient for the particular needs it is expected to address.
The very important security risk of an access control system is termed as “tailgating” or “piggybacking (security)” which refers to the system by which an unauthorized individual following a credentialed person via an open entrance. Tailgating means that the individual who is authorized does not know that another individual has followed him through the entrance, while piggybacking means that the authorized person has permitted to let another individual through the open entrance (British Standard, 1999).
There is a prevalent risk that a hacker could access an entrance by tampering with exit button circuitry. Usually in all cases exit button’s input side is normally open. If the hacker attempts to short the input circuit of exit button, the electric mechanism of the lock may get unlocked since the system is forced into believing that the exit button was pressed, and there will be no alarm sounds produced as many of the access control systems regard exit button press event unimportant (British Standard, 1999).
The hacker could also open an entrance by contact wires shorting in the entrance and disconnecting the wires leading to the electric lock or, dependent upon the variety of the lock, giving power to it from a transportable source. The door contact input provides a normally closed contact; therefore if the wires were shorted no door open alarm would be generated.
In household security systems one control system is used to operate upon multiple entrances. Therefore as the distance between the main control area and the entrance point increases, a hacker will get more choices to find easy access to the wires connecting both of them. The threats may be lessened by implementing resistor supervision, digitally managed inputs and outside digitally manipulated relays.
Distributed circuits with smart readers may be even easier to break into for hackers if sophisticated protection methods are not implemented. Just by removing the reader from the wall an intruder can gain access to all the wiring.