Jump to content
Main menu
Main menu
move to sidebar
hide
Navigation
Main page
Recent changes
Random page
Help about MediaWiki
Special pages
Niidae Wiki
Search
Search
Appearance
Create account
Log in
Personal tools
Create account
Log in
Pages for logged out editors
learn more
Contributions
Talk
Editing
Access control
(section)
Page
Discussion
English
Read
Edit
View history
Tools
Tools
move to sidebar
hide
Actions
Read
Edit
View history
General
What links here
Related changes
Page information
Appearance
move to sidebar
hide
Warning:
You are not logged in. Your IP address will be publicly visible if you make any edits. If you
log in
or
create an account
, your edits will be attributed to your username, along with other benefits.
Anti-spam check. Do
not
fill this in!
=== Electronic access control === [[File:Physical security access control with a fingerprint scanner.jpg|thumb|Physical security access control with a [[hand geometry]] scanner]] [[File:Fob-at-proximity-reader 532 130xauto.jpg|thumb|Example of fob based access control using an ACT reader]] Electronic access control (EAC) uses computers to solve the limitations of mechanical locks and keys. It is particularly difficult to guarantee identification (a critical component of [[authentication]]) with mechanical locks and keys. A wide range of [[credentials]] can be used to replace mechanical keys, allowing for complete [[authentication, authorization, and accounting]]. The electronic access control system grants access based on the credential presented. When access is granted, the resource is unlocked for a predetermined time and the [[Database transaction|transaction]] is recorded. When access is refused, the resource remains locked and the attempted access is recorded. The system will also monitor the resource and alarm if the resource is forcefully unlocked or held open too long after being unlocked.<ref name=":0" /> When a credential is presented to a reader, the reader sends the credential's information, usually a number, to a control panel, a highly reliable processor. The control panel compares the credential's number to an access control list, grants or denies the presented request, and sends a transaction log to a [[database]]. When access is denied based on the [[access control list]], the door remains locked. If there is a match between the credential and the access control list, the control panel operates a relay that in turn unlocks the resource. The control panel also ignores an opening signal to prevent an alarm. Often the reader provides feedback, such as a flashing red [[LED]] for an access denied and a flashing green LED for an access granted.<ref name=":1">{{cite book | url=https://www.worldcat.org/oclc/535966830 | title=Security and access control using biometric technologies | publisher=Course Technology | date=2010 | author=Newman, Robert | location=Boston, Mass. | isbn=978-1-4354-9667-5 | oclc=535966830}}</ref> The above description illustrates a single factor transaction. Credentials can be passed around, thus subverting the access control list. For example, Alice has access rights to the [[server room]], but Bob does not. Alice either gives Bob her credential, or Bob takes it; he now has access to the server room. To prevent this, [[two-factor authentication]] can be used. In a two factor transaction, the presented credential and a second factor are needed for access to be granted; another factor can be a PIN, a second credential, operator intervention, or a [[Biometrics|biometric input]].<ref name=":1" /> There are three types (factors) of authenticating information:<ref>{{Cite web |url=http://www.ffiec.gov/pdf/authentication_guidance.pdf |title=Authentication in an Internet Banking Environment |author=Federal Financial Institutions Examination Council |year=2008 |access-date=31 December 2009 |url-status=live |archive-url=https://web.archive.org/web/20100505203410/http://www.ffiec.gov/pdf/authentication_guidance.pdf |archive-date=5 May 2010 }}</ref> * something the user knows, e.g. a password, pass-phrase or PIN * something the user has, such as [[smart card]] or a [[key fob]] * something the user is, such as the users fingerprint, verified by biometric measurement Passwords are a common means of verifying a user's identity before access is given to information systems. In addition, a fourth factor of authentication is now recognized: someone you know, whereby another person who knows you can provide a human element of authentication in situations where systems have been set up to allow for such scenarios. For example, a user may have their password, but have forgotten their smart card. In such a scenario, if the user is known to designated cohorts, the cohorts may provide their smart card and password, in combination with the extant factor of the user in question, and thus provide two factors for the user with the missing credential, giving three factors overall to allow access.{{citation needed|date=February 2012}}
Summary:
Please note that all contributions to Niidae Wiki may be edited, altered, or removed by other contributors. If you do not want your writing to be edited mercilessly, then do not submit it here.
You are also promising us that you wrote this yourself, or copied it from a public domain or similar free resource (see
Encyclopedia:Copyrights
for details).
Do not submit copyrighted work without permission!
Cancel
Editing help
(opens in new window)
Search
Search
Editing
Access control
(section)
Add topic
