Card, mobile credential, payment and security
If one based his impression simply on the ease with which the term security is used in conversation at trade shows and in meetings, it would be logical to assume that most people understand the basic concepts of access control technology. However, that is not the case. In this rapidly changing arena, it is easy to get caught up in the latest trend and newest technology. But these are of little value without a solid understanding of the operational building blocks. So bear with me as I use this column to setup the foundation for this special security issue of CR80News.
At its most basic form, a common access control system can be thought of in three separate parts or phases: (1) the network of door access readers connected to (2) a smaller network of field panels that are in turn connected to (3) a single host computer.
When a card is presented to a door access reader, the reader makes the first-level decision. If the first digits match a predefined system, agency, and/or site code, the card passes its first test. If it does not match, authorization is denied without further need to query the system.
Assuming the first level test is passed, the credential number is passed from the reader to the field panel. The field panel checks the credential number against a local list of recently seen credentials maintained in memory. The capacity of the field panel, or number of credential numbers it can maintain at any one point, is defined by the amount of onboard memory.
If the number is found in the list at the field panel, the credential is approved and authorization is sent back to the card reader granting access. If the number is not found, the panel passes the number on to the server to query the master database. The server checks the listing of all approved credential numbers and the final decision to accept of reject is sent to the reader.
While some systems connect the readers directly to the host computer and others have further interim points between the readers, panels, and host, the above description is an extremely common architecture.
Regardless of the architecture, the communication of data from the card reader to the field panel is a crucial component. This communication is typically conducted using a Weigand or RS-232 protocol. Any reader that can communicate via the specific protocol utilized by the security system can be attached to that system.
Card readers for access control systems come in a wide variety of technologies. Magnetic stripe, bar code, chip card, contactless card, proximity card and others are available. The key to the system is not the card technology used to communicate the credential number to the reader, but rather the protocol used by the reader to communicate with the field panel.
Think of the card or token merely as a container for the numeric credential. If a new type of reader can interpret data from the card or token and communicate with the field panel, then the access control system will operate exactly as it did when the previous type of reader was used. In fact, most systems can support multiple types of readers at the same time.
In the series of articles presented in this special security issue of CR80News, elements and components of security and access control are examined. While you may not be in charge of the security system on your campus, the importance of the campus card as the identifying credential makes it imperative that you are attuned to the basics of your campus’ physical security.
Chris Corum
Editor
[email protected]
