Integrated

Electronics
Security System
CHAPTER 3: Access Control System

By Alexander L/mariam
alexander.Leakemariam@ftveti.edu.et
phone:-+251-910-68-55-68
Access Control Systems

38
 Why Access Control?

Two biggest issues regarding security in the marketplace

today
– Internal theft
– Workplace violence

• Industry segment growth

– Grow approximately 11% annually
– Approximately a $1.2 billion in the commercial market

39
 Statistics

• Internal theft.
– Employee pilferage is $5-10
billion/year.
– An estimated 40% of business theft
involves employees.
– White collar crime is estimated at $44
billion/year.

• Workplace violence.
– 2 million employees victimized by
workplace violence each year.
 Employee Theft
• How employees look at themselves:
– 21% - will never steal.
– 13% - will undoubtedly attempt theft.
– 66% - will steal if others are successful.

A proactive security operation can have a visual impact on

the two-thirds of employees who might steal.

• Source - SDM Oct.’99 - 500 employees surveyed by Michael G.

Kessler & Asso., Ltd.
41
 System Integration
The concept of combining services, such as intrusion,
CCTV and access control to improve efficiency and reduce
false alarms
This is the most important technology strategy that security
operations will apply in the upcoming years
Integration is also the sharing of databases among separate
systems
Over the next three years - at least 33% plan some type of
integration
• Source: Analysis by The SECURITY Group for SECURITY Magazine
42
 Forms of Access Control
Keys - can be duplicated, no record, tough to administer,
how to retrieve
Cypher locks - common code, hard to change code, better
on interior doors
Security guards - costly, absenteeism, trusted?, Difficult
employment times
• Receptionist - always there?, Trained in security?
• Electronic – On-site and central station based

43
Access Control:

In the fields of physical security

and information security, access
control is the selective restriction
of access to place or other
resource. The act of accessing may
mean consuming, entering, or
using.
 Access Control
Access control is a collection of methods and
components used to protect information
assets. Although some information is and
should be accessible by everyone, you will
most likely need to restrict access to other
information.
Access control supports both the
confidentiality and the integrity properties of
a secure system.
The confidentiality property protects
information from unauthorized disclosure.
You use access control to ensure that only
authorized users can view information.
 The integrity property protects information
from unauthorized modification.
Access control gives you the ability to dictate
what information a user can both view and
modify.
Identification and Authentication

• Access controls exist to keep the bad guys

out and to keep the good guys honest.
• Companies need to ensure that
unauthorized access is not allowed and
that authorized users’ cannot make
improper modifications.
• The controls exist in a variety of forms,
from passwords and ID badges to remote
access authentication protocols and
security guards.
• The tricky part is that they must be
incorporated in a layered approach and
that each layer needs to be understood,
along with its relationship to the other
layers, to ensure that vulnerabilities are not
overlooked or introduced and that different
controls do not step on each other’s toes.
• Before we get too far ahead of ourselves,
let’s go over some basic definitions of terms
you will see often throughout this chapter:
• Subject :-Active entity that requests
access to an object or the data within an
object. The subject is the actor.
• Object Passive entity being accessed, or
the item being acted upon.
• Access right Ability of a subject to do
something, such as read, create, delete,
or modify. Access is also considered the
flow of information between a subject
and object.
• An entity can be a subject or an object, depending upon its activity. For
example, a program can be an object when a user requests information
from it or requests it to process data. The program can also be a subject if it
initiates communication with another program.
• Three Steps to Access Control
• There are three important components of access control: identification,
authentication, and authorization.
• Identification is the activity of the subject supplying information to identify
itself to an authentication service. Some examples of
identification mechanisms are username, account number, and memory
card.
• Authentication is the second part of a credential set to verify the identity of
the subject.
• These mechanisms could be passphrases,
passwords, cryptographic keys, PIN numbers,
or tokens. You may tell me your name, but I
have no proof that you are who you say you
are until you demonstrate the secret
handshake. Only then will I be convinced of
your identity.
• Authorization is the process of determining
what this identified subject can actually
access and what operations it can carry out.
• Authorization is based on some type of
predefined criteria, which is enforced
through access control lists, security
labels, capabilities tables, or user
profiles.
• These three components of access
control usually work together in a
synergetic relationship and can be found
in applications, operating systems,
firewalls, routers, databases, domain
controllers, and more.
 Authentication
• Identification is usually providing a public piece of
information (username, account number) and
authentication is providing a private piece of
information (PIN number, passphrase, digital
signature).
• Three important characteristics of the mechanisms
that can be used for authentication are as follows:
• Subject must prove something he knows Example =
password
• Subject must prove something he has Example = smart card
• •Subject must prove something he is Example = fingerprint
• If one mechanism providing one of
these characteristics is used, it is
referred to as one-factor; if two
mechanisms are being used, it is two-
factor; and you guessed it, an
authentication process that requires
all three is referred to as three-factor.
• For the authentication process to be
considered strong authentication, it
must be at least two-factor.
• User identification values should be unique
to ensure accountability of individual activity.
• They should be no descriptive of job
functions to make them not as easily guessed
and so that attackers will not know what type
of account the credentials are tied to.
• There should also be secure and documented
processes for issuing identification and
authentication values and mechanisms to
ensure standardization.

Credentials =A document attesting(providing evidence) to the truth of certain stated facts

• There are several mechanisms that can be used for authentication, each
one with its own strengths and weaknesses.
• We take a look at the following items:

Passwords
Biometrics
 Token devices
 Memory cards
 Smart cards
 Cryptographic keys
Types of Common Physical Security
1. Password Authentication
2. Card (RFID/5MHz card)
3. Finger print
4. Retina Authenticating
 Passwords
• A password is a string of characters that should be
different for each user and highly protected. It is
something that a subject knows and is the most
widely used authentication method in place today.
• The problem is that it is the most insecure
mechanism when compared to other authentication
technologies, because users and administrators do
not usually practice the necessary disciplines
required to provide a higher level of protection.
• Also, specialized utilities have been developed to
uncover passwords and compromise this type of
authentication method. The following is a list of best
practices that should be implemented and enforced as
part of a company-wide password policy:
• Passwords should have at least eight characters
(alphanumeric and symbols) and a combination of
upper- and lowercase.
• Users should not be able to reuse the same
passwords (password history).
• Systems should have a threshold (clipping level)
configured that limits the number of unsuccessful
logon attempts.
• An accurate audit log should be
maintained that includes information
about each logon attempt, which includes
date, time, user ID, and workstation.
• The password lifetime should be short
but practical.
• Passwords should not be shared.
• Passwords should not be easily guessable
nor should they be dictionary words.
• Passwords should never be stored in clear text;
• some type of encryption scheme, as in a one-way
hashing method, should be used to ensure that
passwords are not easily read.
• Servers that store passwords should have limited
physical and logical access and should be highly
protected.
• Some companies choose to use password
generators, which are software applications that
create complex passwords for users instead of
allowing them to come up with their own.
• Attacks on Passwords:- There are two
types of attacks that are commonly used
against passwords: dictionary and brute
force attacks.
 Cognitive Password
• A cognitive password is based on fact or opinion
used as the secret code, which is usually easier for a
user to remember and is more difficult for an
attacker to uncover.
• The user goes through an enrollment process by
answering questions that typically deal with
personal experiences and the answers to these
questions are documented and used as cognitive
passwords when the user needs to authenticate
herself at a later time.
• For example, when Chrissy calls a help desk for the
first time,
• she is enrolled for proper
authentication by being asked the
following questions:
• What is your mother’s maiden
name?
• What is your dog’s name?
• What city were you born in?
• What is your favorite color?
When Chrissy calls back to get assistance from
the help desk at a later time, she is presented
with one or more of these questions to prove
her identity. Once the help desk person is
convinced of her identification, he can move
on to assisting Chrissy.
One-Time Password
• A one-time password is a set of characters
that can be used to prove a subject’s identity
one time and one time only.
• After the password is used, it is destroyed and
no longer acceptable for authentication.
• One-time passwords are usually generated and
supplied to the user via a handheld device with an
LCD display, referred to as token device.
• The user reads the password provided by the token
device and enters it, along with a username, into a
system for authentication purposes.
• The password is good for only that session and
when the user needs to authenticate again, another
password is dynamically created.

LCD=liquid crystal display

A digital display that uses liquid crystal cells that change reflectivity in an applied electric field; used for portable computer
displays and watches etc.
1. Token device generates a one-time password based on time or
event
2. User enters value as password into workstation
3. User’s credentials are passed to server for authentication
4. If one-time password is the value the server was expecting the user
is authenticated
• The token device modifies this value, through encryption or a
hashing process, and presents the new value to the user.
• The user then enters this new value as his password to authenticate
to the authentication service. If this set of characters is the same that
the authentication service originally sent to the user, the user is
properly authenticated.
 Electronic Access Control Systems
Provide…
• System Automation
• Entry Control
• Facility Management

44
 System Automation

• Eliminates needs for alarm keypad

• Provides greater convenience in
alarm use
• Enhances management control
– Alarm use time parameters
– Detailed management reports

45
Controller:
• The controller is the heart and brain of a
system. It interrogates the reader input
and grants or denies entry.
• It maintains audit trails. Controls
automated relays (scheduled lock/unlock).
Basics of Access control
• Relay Concept
• A relay is an electromagnetic switch operated by a relatively small electric current
that can turn on or off a much larger electric current. The heart of a relay is an
electromagnet (a coil of wire that becomes a temporary magnet when electricity
flows through it). You can think of a relay as a kind of electric lever: switch it on with
a tiny current and it switches on ("leverages") another appliance using a much bigger
current. Why is that useful? As the name suggests, many sensors are incredibly
sensitive pieces of electronic equipment and produce only small electric currents.
But often we need them to drive bigger pieces of apparatus that use bigger currents.
Relays bridge the gap, making it possible for small currents to activate larger ones.
That means relays can work either as switches (turning things on and off) or as
amplifiers (converting small currents into larger ones).
NO is normally open i.e. the contacts are normally open and close when the switch is actuated. NC is normally
closed i.e. the contacts are normally closed and open when the switch is actuated. 1NO1NC is generally used to
describe contactors (industrial power relays) and manual switches like emergency stop buttons
 Access Control Systems
Access control systems are the systems which provide secure access only to authorized persons in any facility.
Basic use of this can be seen as attendance providing systems incorporated in offices. The user credentials
are uploaded in the systems and then the identity is verified at the time of user entry by means of password
thumb impression or card readers.

Access Control Type of Security

• In the most simplest way possible what it means fail secure vs fail safe:
• Fail secure: The lock unlocks when power is applied
• Fail-safe: The lock unlocks when power is removed
FAILSECURE
• So in the end fail secure means that if the power is interrupted or fails, the door stays
locked. That's why it's called "secure": It's default state is locked or secured. So a fail
secure lock locks the door when power is removed.
• Often fail secure locks are used for IT rooms or other sensitive areas. However
because the door keeps being locked in emergencies, typically it will be usable with a
mechanical override, such as a regular key. However this is also a way of getting in
the door without leaving any electronic traces. This is why the use of mechanical
override keys is often restricted to only a few people who are highly restricted in use,
naturally that would be to complex for too many members to operate.
• Fail secure locks are used for fire related doors or staircase (stairwell) doors. The
reason is that in case of fire, those doors should remain closed to seal off a portion of
the space and help reduce spreading of the fire.
FAIL SAFE
• When looking at fail safe locks this means that it's default state is actually unlocked.
To keep it locked during normal business operations, power is applied. Should the
power be interrupted or fail, the door automatically unlocks or releases to let people
out of the space. That's why it's called "safe"
• - it's safe for people - not the space!
• Mostly fail safe locks are used for main entry points like office doors or lobby access
doors. A popular use for this application are maglocks which - by design - require
power to operate.
•
Credential Devices
• Magnetic Stripe Card

• Wiegand-effect Card

• Proximity Card
First, Second, or Third
• Smart Card Layer of Defense

• Bar Code
Peripheral items for Access control
• Magnetic Locks
• An electromagnetic lock, magnetic lock, or maglock is a locking device that consists
of an electromagnet and an armature plate. There are two main types of electric
locking devices. Locking devices can be either "fail safe" or "fail secure". A fail-secure
locking device remains locked when power is lost. Fail-safe locking devices are
unlocked when de-energized. Direct pull electromagnetic locks are inherently fail-
safe. Typically the electromagnet portion of the lock is attached to the door frame
and a mating armature plate is attached to the door. The two components are in
contact when the door is closed. When the electromagnet is energized, a current
passing through the electromagnet creates a magnetic flux that causes the armature
plate to attract to the electromagnet, creating a locking action. Because the mating
area of the electromagnet and armature is relatively large, the force created by the
magnetic flux is strong enough to keep the door locked even under stress.
Door Contact

Contact sensors tell your system if something is open or closed.

They're typically installed on doors, windows or drawers throughout the house. They have two pieces:
one installed on the door itself; the other installed next to it on the jamb. When the door is opened and
the pieces move apart, the sensor signals ‘open' to your security system
 Coded Devices

Electronic Keypad Devices

Computer Controlled Keypad Devices

First, Second, or Third

Layer of Defense
Electronic Entry Control

• Coded Devices
• Credential Devices
• Biometric Devices

First or Second
Layer of Defense
 Entry Control

• Replaces mechanical keys with

“electronic” keys
• Increases management control of
building use
– Prevents unauthorized entry
– Records authorized entry
• Helps increase employee safety and
security
• Reduces employer “negligent
security” liability
• Reduces costs of operations
46
 Facility Management

• Integrates control of building

services with security system
– Lighting
– HVAC equipment
– Parking gate control
– Elevator control

47
 Access Control Major Devices

• Access cards
• Access card reader
• Locking device
• Door position switch
• Exit device
• Controller
• Software

48
 Access Control - Cards

• Many different styles and formats

– Bar code
– Magnetic stripe
– Wiegand
– Proximity
– Smart cards
– Biometrics (human element)
• Proximity growth at 24% per year
• Biometrics growth at 13% year

49
 Most Secure

Least Secure
Bar Code

Magenetic
Stripe

Wiegand

Proximit
y
Relative Security

Chip
Card Technologies

Technolo
gy

Biometric
s
50
 Card Reader Technologies
TYPE Principal Advantages Disadvantages

Bar Code Series of thin and thick Excellent for job Easy to duplicate
lines forming a code costing and time and
that can be read by a attendance. Good for card reader
low cost cards and
many times as a second technology on a
dual- tech card
Magnetic Card that has data Dependable and
Subject to wear and
Stripe encoded on a magnetic inexpensive. User may easy to duplicate
strip placed on a plastic encode cards to further and/or copy
card reduce costs. Works
well in a dual-tech card
package with Photo ID.
Wiegand Card embedded with Easy to use, high in Limited number of
ferromagnetic wires to security and has a long site/facility codes and
form a unique code life.Can be used with card numbers available
Photo ID systems

51
 Card Reader Technologies Cont…
TYPE Principal Advantages Disadvantages

Proximity Card containing a No wear on cards or Cost of cards has come

micro-circuit. When readers and promotes down in recent years
placed close proximity long life. Hands free and chip can be
to a reader, card will installation is possible. damaged activate and send
data High on security. Can
be interfaced to most access control
systems and comes in
various packages
Smart Card Plastic card embedded Requires less hardware High costs of cards at
with integrated-circuit than most access card present,
chip. Card has both systems and can be microprocessor
and integrated with
coded memory biometrics. Can be used
for other applications other than access
control.

52
 Access Control - Readers
• Reader must match the card
technology
• Select best technology for
the application. Consider:
– Security
– User throughput
– Cost
– User acceptance
– Ease of use
– Weather resistance
– Mounting
53
 Access Control - Readers
• Reader ID technologies fall into
3 groups
– Knowledge based
• Use of pin’s and
keypads
– Possession based
• Card has
information
– Biometric based
• Hand geometry
• Fingerprint
• Retina scan
• Voice verification
• Handwriting
 Access Control – Locking Device

Door configurations
determine type and style
of lock
– Magnetic lock
– Electric lock
– Shear lock
– Throw bolt or plunger

• Fail-safe vs. Fail-secure

• Valid read unlocks door
55
 Access Control – Door Position Switch

Function is to monitor door

position
• Door force
– Entry or exit without authorized
request

• Door prop
– A valid entry or exit request
followed by failure to re-secure
the door during allotted time

56
 Access Control – Egress Device (RQE)
Function is to unlock door
and to momentarily mask
door position switch.
Numerous styles and
function.
– Push button.
– Exit bars.
– Motion detectors.

• NOTE: must meet all AHJ

codes and all fire/life safety
requirements must be met.
 Access Control – Controller

• Single door with integrated

reader/controller
• Single door with separate
reader and controller
• Multi door with separate
reader and controller

• Controls all functions and

controls of the door(s)
• Most today use distributed
processing

58
 Access Control - Software

• Provides central programming,

monitoring and control of one
or multiple controllers
• Provides real time monitoring
• Provides for storage and
customized report generation
• Typical configurations are:
– Central Station Based
– On-Site Based
– Shared

59
 Access Control – Code Compliance

• AHJ – building inspector, fire marshal

• Building / electrical codes
• Fire codes / life safety
• ADA
• UL 294, UL 1076, electrical safety
• NFPA 101 (delayed egress)

60
 Access Control – Wiring Standards
• Follow manufacturer’s guidelines
• Twisting prevents wire from acting as an antenna
• Shielding helps stop RFI and EMI from being given off and
absorbed
• For powered devices, wire size critical to proper operation
• Stranded wire is preferred type
• Do not install lock control wiring in same conduit as other
circuits
• Avoid running wires near lights and other devices that may
cause interference
• Determine if plenum or other special rated wire is required
61
The following are some of the systems that
are included in access control systems:
Proximity:
These control systems are installed at the entry of a facility with a door lock system connected to it. When an
authorised person tries to access the system by using any means of a security key, the system verifies the data
saved in it with the en tered key and allows the user to enter the premises.
The following image shows a proximity security system:

Fig. Proximity security system

RFID CARD (SMART CARD) RADIO FREQUENCY
IDENTIFICATION READER (RFID READER)
• RFID methods utilize radio waves to accomplish this. At a simple level, RFID systems
consist of three components: an RFID tag or smart label, an RFID reader, and an
antenna. RFID tags contain an integrated circuit and an antenna, which are used to
transmit data to the RFID reader (also called an interrogator).
• Passive RFID systems use tags with no internal power source and instead are
powered by the electromagnetic energy transmitted from an RFID reader. Passive
RFID tags are used for applications such as access control, file tracking, race timing,
supply chain management, smart labels, and more. The lower price point per tag
makes employing passive RFID systems economical for many industries.
• Active RFID systems use battery-powered RFID tags that continuously broadcast their
own signal. Active RFID tags are commonly used as “beacons” to accurately track the
real-time location of assets or in high-speed environments such as tolling. Active tags
provide a much longer read range than passive tags, but they are also much more
expensive.
Door Lock:
• The door lock systems are systems which are attached to the doors and keep the
doors locked with magnetic or mechanical locks. When an authorised person unlocks
the door after verifying the identity through a key, the door mechanism allows the
user to enter the facility.
• The following image shows a door lock security system:

• Fig. Door lock security system

Radio frequency identification (RFID)
System:
• In these systems, the security control system scans the tags through a radio
frequency and then verifies the identity through the saved data. This is mostly seen
in card verification systems used in office areas. The following image shows an RFID
security system:

• Fig. RFID security system

Card Reader ST100 (Felix Model)
Smart Card:
• In this type of systems, the information of an authorised individual is filed in a card
with a magnetic strip, and when the user swipes the card through the security
system, the identity is verified, and the individual is allowed access.
• The following image shows a smart card security system:

• Fig. Smart card security system

PIN Access:
• This system allows the user to enter a numeric PIN as a key into the security system
and then, allows the user to enter the facility.
• The following image shows a PIN access security system:

• Fig. PIN access security system

Time Attendance machine

Time and attendance systems (TNA) are used to track and monitor when employees
start and stop work. A time and attendance system provides many benefits to
organizations as it enables an employer to have full control of their employees working
hours as it monitors late arrivals, early departures, time taken on breaks and
absenteeism [1]. It also helps to control labor costs by reducing over-payments, which are
often caused by paying employees for time that are not working, and eliminates
transcription error, interpretation error and intentional error. TNA systems are also
invaluable for ensuring compliance with labor regulations regarding proof of attendance.
All of these benefits provide both employer and employees with confidence in the
accuracy of their wage payments all while improving productivity.
Time Attendance machine
• Modern automated time and attendance systems like ClockIt simply require
employees to touch or swipe to identify themselves and record their working hours
as they enter or leave the work area. Originally this consisted of using a RFID
electronic tag or a barcode badge but these have been replaced by bio-metrics(vein
reader, hand geometry, fingerprint, or facial recognition), and touch screens devices.
Modern biometric TNA systems offer additional benefits[2] over traditional manual
systems which include
• Faster processing of employees as attendance can be recorded with just one
touch or a quick scan
• Fraud prevention by eliminating duplicate and fake registration
• Saves time as attendance can either be integrated directly with your payroll
system or it can produce a report that can be downloaded or printed
• Improves punctuality and reduces long breaks and absenteeism
Keypad
Keypads are a great way to let users interact with the project. It can use them to
navigate menus, enter passwords, and control games and robots.
• A series of switches that are systematically arranged to be able to provide a
range of data depending on their combined states
• 4x3 keypad – common arrangement used for keypads
• Membrane/casing format keypad are popular in installation fixtures for its
minimalist design and structure
• Beneath each key is a membrane switch. Each switch in a row is connected to the other
switches in the row by a conductive trace underneath the pad. Each switch in a column is
connected the same way – one side of the switch is connected to all of the other switches in
that column by a conductive trace. Each row and column is brought out to a single pin, for a
total of 8 pins on a 4X4 keypad:
Pressing a button closes the switch between a column and a row trace, allowing current
to flow between a column pin and a row pin.

The schematic for a 4X4 keypad shows how the rows and columns are connected:
Biometric Devices
• Fingerprints
• Hand Geometry
• Retinal Patterns

First, Second, or Third Layer of Defense

ACCESS CONTROL SYSTEM
Biometric
• Biometrics is the technical term for body measurements and calculations. It refers to
metrics related to human characteristics. Biometrics authentication (or realistic
authentication) is used in computer science as a form of identification and access
control. It is also used to identify individuals in groups that are under surveillance
• Biometric identifiers are then distinctive, measurable characteristics used to label
and describe individuals. Biometric identifiers are often categorized as physiological
versus behavioral characteristics. Physiological characteristics are related to the
shape of the body. Examples include, but are not limited to fingerprint, palm veins,
face recognition, DNA, palm print, hand geometry, iris recognition, retina and
odour/scent. Behavioral characteristics are related to the pattern of behavior of a
person, including but not limited to typing rhythm, gait, and voice. Some researchers
have coined the term behaviometrics to describe the latter class of biometrics.
Biometrics:
• These systems use biometric identification as a key to access any facility. This may
include finger print scans, retina identification, facial identification and so on.
Biometric access systems are more accurate than other access systems as they are
difficult to be broken.
• The following image shows a biometric security system using finger print access:

• Fig. Biometric security system

• More traditional means of access control include token-based identification systems,
such as a driver's license or passport, and knowledge-based identification systems,
such as a password or personal identification number. Since biometric identifiers are
unique to individuals, they are more reliable in verifying identity than token and
knowledge-based methods; however, the collection of biometric identifiers raises
privacy concerns about the ultimate use of this information
Types of Biometric
• Face recognition
• Of the various biometric identification methods, face recognition is one of the most
flexible, working even when the subject is unaware of being scanned. It also shows
promise as a way to search through masses of people who spent only seconds in
front of a "scanner" - that is, an ordinary digital camera.
• Face recognition systems work by systematically analyzing specific features that are
common to everyone's face - the distance between the eyes, width of the nose,
position of cheekbones, jaw line, chin and so forth. These numerical quantities are
then combined in a single code that uniquely identifies each person
Fingerprint identification
• Fingerprints remain constant throughout life. In over 140 years of fingerprint
comparison worldwide, no two fingerprints have ever been found to be alike, not
even those of identical twins. Good fingerprint scanners have been installed in PDAs
like the iPaq Pocket PC; so scanner technology is also easy. Might not work in
industrial applications since it requires clean hands.
• Fingerprint identification involves comparing the pattern of ridges and furrows on
the fingertips, as well as the minutiae points (ridge characteristics that occur when a
ridge splits into two, or ends) of a specimen print with a database of prints on file.
Hand geometry biometrics
• Hand geometry readers work in harsh
environments, do not require clean
conditions, and forms a very small dataset. It
is not regarded as an intrusive kind of test. It is
often the authentication method of choice in
industrial environments.
Retina scan
• There is no known way to replicate a retina. As far
as anyone knows, the pattern of the blood vessels
at the back of the eye is unique and stays the same
for a lifetime. However, it requires about 15
seconds of careful concentration to take a good
scan. Retina scan remains a standard in military and
government installations
Iris scan
• Like a retina scan, an iris scan also provides unique biometric data
that is very difficult to duplicate and remains the same for a
lifetime. The scan is similarly difficult to make (may be difficult for
children or the infirm). However, there are ways of encoding the
iris scan biometric data in a way that it can be carried around
securely in a "barcode" format. (See the SF in the News article
Biometric Identification Finally Gets Started for some detailed
information about how to perform an iris scan.)
Signature
• A signature is another example of
biometric data that is easy to gather and
is not physically intrusive. Digitized
signatures are sometimes used, but
usually have insufficient resolution to
ensure authentication
Voice analysis
• Like face recognition, voice biometrics
provide a way to authenticate identity
without the subject's knowledge. It is
easier to fake (using a tape recording); it is
not possible to fool an analyst by imitating
another person's voice.
Advantages of Biometric systems
• Advantages of Biometric systems Biometric recognition has several advantages
compared to the traditional access system with simple passwords and IDs.
• • Users do not need to remember passwords
• • Users need not have to carry an ID card
• • Unless the person is physically present, access is denied.
• No impersonation of identity is possible Physical Security and Biometrics
• • Biometric traits cannot be stolen or duplicated
• • Biometric systems are hard to break
• • Biometric systems have good accuracy
• • With the advent of the computers, the declining cost of computers, the cost of the
biometric systems have significantly reduced
•
Scanner Systems
• Scanner systems are automated systems which check the identity of any individual by
checking a unique pattern and comparing it with the records. These include card
scanner, finger print scanner and so on.
• These are more reliable as they are accurate and can be used at a greater level for a
large number of users.
• • Door Frame Metal Detector: These are systems which are installed at the
entry of any facility to check the entry of any unwanted substance such as metal
objects (which are objectionable). This allows individuals to pass through it and
checks by electromagnetic radiation for any unwanted material, if detected the alarm
turns on.
Closed Circuit Television
Interior CCTV - alarm
Assessment, card reader door
assessment, emergency exit door
assessment, and surveillance of
lobbies, corridors, and open areas

Exterior CCTV - alarm

Assessment, individual zones and
portal assessment, specific paths
and areas, exclusion areas,

First, Second, or Third Layer of Defense