ACCESS CONTROL

Presented by,
Bency P Oomme
Archit mishra

Access control(AC) is the selective

restriction of access to a place or other
resource. The act of accessingmay mean
consuming, entering, or using. Permission to
access a resource is calledauthorization.

Three tiers of Access Control

1.Basic (non-intelligent) readers: simply read card number or PIN,
and forward it to a control panel. In case of biometric
identification, such readers output the ID number of a user.
2.Semi-intelligent readers: have all inputs and outputs
necessary to control door hardware (lock, door contact, exit
button), but do not make any access decisions. When a user
presents a card or enters a PIN, the reader sends information to
the main controller, and waits for its response. If the connection
to the main controller is interrupted, such readers stop working,
or function in a degraded mode.
3.Intelligent readers: have all inputs and outputs necessary to
control door hardware; they also have memory and processing

RFID BASED SECURITY ACCESS CONTROL SYSTEM

Radio-frequency identification (RFID) is the wireless non-contact

use of radio-frequency electromagnetic fields to transfer data, for
the purposes of automatically identifying and tracking tags attached
to object
It is an extension to bar code

The first patent to be associated with the abbreviation RFID was

granted to Charles Walton in 1983

Types:Contact RFID cards

Contact RFID cards have a contact area of approximately 1 square

centimetre (0.16sqin), comprising several gold-platedcontact pads.

These pads provide electrical connectivity when inserted into areader

Contactless RFID cards

A second card type is thecontactless RFID card, in which the card

communicates with and is powered by the reader through
RFinductiontechnology (at data rates of 106848kbit/s). These
cards require only proximity to an antenna to communicate

Active and Passive RFID Systems

Passive RFID systemsuse tags withno internal power

sourceand instead are powered by the electromagnetic
energy transmitted from an RFID reader. Passive RFID tags
are used for applications such as access control,file
tracking,race timing, supply chain management,smart
labels, and more. The lower price point per tag makes
employing passive RFID systems economical for many
industries.
Active RFID systems usebattery-poweredRFID tags that
continuously broadcast their own signal.Active RFID tagsare
commonly used as beacons to accurately track the realtime location of assets or in high-speed environments such

Working Principle
The RFID module is interfaced with the micro controller and when the
card is inserted into the reader, it reads the data in the card. If the
data in the card is matched with the data stored in the program memory,
then it displays authorized message, if the data is not matched it
displays unauthorized as per the code logic.
For authorized message, the door will be opened and closes automatically
after a small delay. If it is an unauthorized person it alerts the persons
through a buzzer. The smart card reader alerts the buzzer whenever it
reads the data from the smart card.

Token device
Software hardware hybrid object used
to verify an identity in an
authentication process.
Token device, or password generator, is
usually a handheld device that has an
LCD display and possibly a keypad

Token device is separate from the

computer the user is
attempting to access

Token Device Benefits/Limitations

Benefits
Not vulnerable to electronic eavesdropping
Wiretapping
Sniffing

Limitations
Human error
Battery limitation
Token itself (Environmental factors)

Types of Token Devices

Synchronous Token
A synchronous token device synchronizes with the authentication
service by using time or a counter as the core piece of the
authentication process.

Asynchronous Token
A token device using an asynchronous token generating method
employs a challenge/response scheme to authenticate a user.

Synchronous Token

Asynchronous Token Device

Memory Card
Holds information but cannot process
A memory card can hold a user's authentication information, so that
the user only needs to type in a UserID or PIN.

Smart Card
Holds and processes information
After a threshold of failed login attempts, it can render
itself unusable
PIN or password unlocks smart card functionality
Smart card could be used for:
Holding biometric data in template
Responding to challenge
Holding private key

Types of Smart Card

Contact
Requires insertion into a smart card reader with a direct connection
to a conductive micro-module on the surface of the card (typically
gold plated)
Through these physical contact points, transmission of
commands, data, and card status takes place

Contactless
Requires only close proximity to a reader
Both the reader and the card have antenna and it is via this
contactless link that two communicate

Smart Card attacks

Micro-probing techniques
Eavesdropping techniques
Trojan Horse attacks
Social engineering attacks

Biometric System
A characteristic based system
Includes all the hardware, associated software and
interconnecting infrastructure to enable the
identification/authentication process

Uses individual's unique physical characteristics in

order
to identify and authenticate
Each has its own advantages and disadvantages

Fingerprints
Every person's fingerprint is
unique
Most affordable and convenient
method of verifying a
person's identity
The lines that create a
fingerprint pattern are called
ridges and the spaces between
ridges are called valleys.

Retina Scan

Retinal scan technology maps the capillary pattern of the

retina

A thin (1/50th inch) nerve on the back of the eye!

Accurate
Many people are hesitant to use the device

Iris Scan
Scans the iris or the
colored portion of the eye
For authentication the
subject looks at the video
camera
from a distance of 3-10
inches
The entire enrollment
process is less than 20
seconds, and
subsequent identification
takes 1-2 seconds.

Hand Geometry
Measures specific characteristics of a
person's hand such
as length of fingers and thumb, widths, and
depth.
Takes over 90 measurements of the
length, width, thickness, and surface
area of a person's hand and fingers.
Hand measurements occur with
amazing speed, almost
within one second.
A charge coupled device (CCD) digital
camera is used to record the hand's three
dimensional shape.

Keyboard Dynamics
Looks at the way a person types at a
keyboard
Also called Typing Rhythms!
Keyboard dynamics measures two
distinct variables:
Dwell time: The amount of time one holds
a particular key
Flight time: The amount of time one
moves between the keys

Keyboard dynamic system can

measure one's keyboard
input up to 1000 times per second!

Voice Print
A voice reference template is constructed
To construct, an individual must speak a set of phrases several
times as the system builds the template.
Voice identification systems incorporate several variables
including pitch, dynamics, and waveform.

Facial Scan
Incorporates two significant methods:
Detection
Recognition

Detection involves locating the human face within an

image.
Recognition is comparing the captured face to other
faces that have been saved and stored in a database.

Facial Scan -- Process

Biometric Performance
Biometric performance is most commonly measured in
two ways:
False Rejection Rate (FRR) Type1
False Acceptance Rate (FAR) Type 2

The FRR is the probability that you are not authenticated

to access your account.
The FAR is the chance that someone other than you is
granted access to your account.

Thank You!