The Access Control System (ACS) based on RFID

Price, security and convenience

In the simplest cases where the high level of security is not required, and the budget selected for the organization of a system is small, for creation of SKD the EM Marine standard is used. All cards and readers of this standard work at frequency of 125 kHz, and they are set at most small and medium-sized enterprises. In addition to low cost such systems are attractive to the user also a variety of proposed solutions. At least, they allow to organize access control through one-two doors and as at most — to create modern network IP solutions with a scaling option. In such cases IP controllers (for example, Smartec, Perco, Parsec) which allow to connect to the general control system of access not only one local office, but also geographically distributed filial structure are used.

Time recording

It is represented very convenient on one hardware base from SKD to organize as well the system of accounting of working time (SAWT). The software of Timex which supports work of control systems of access based on the equipment Smartec, Lenel, Keri Systems and Hirsch Electronics well is suitable for these purposes. For integration with other SKD and also with ERP systems (including with 1C) Timex software developers created the special SDK module. Using the data collected by RFID readers and SKD controllers, the program creates different types of reports: a time recording with grouping on the employee or by date, delay for work, early goings and also summary reports where total values of working off, regulation, processing, delay, etc. are displayed.

Besides, Timex can be used for creation of an independent system of accounting of working time where as hardware base RFID readers of different producers can be used. Let's note also that in the similar systems on an equal basis with radio frequency identification application of budget biometric solutions is possible. If at the enterprise there is already the general network structure, then it is possible to unroll the system covering all divisions of the company. And in one network and under control of uniform software (Timex) it is possible to integrate different types of controllers, RFID-and bioterminals. The ACS of the increased reliability

In comparison with budget EM Marine more 'advanced' standard in the field of radio frequency identification is iCLASS created by the American company HID Global entering into ASSA ABLOY holding. Cards and the readers iCLASS work at frequency of 13.56 MHz, and succeeded the proximity format of the same company (125 kHz). Data encryption at exchange between the card and the reader and, secondly, presence at the card of the internal memory where it is possible to write different applications belongs to main advantages of iCLASS, first.

For ensuring the protected data exchange in a chip of similar cards is available crypto - the coder for coding of the transmitted data. Depending on model memory of cards of iCLASS can make 2 or 16 KB and is divided into 2 or 16 sectors in which data for different applications are stored. Thus, one card can be used as for identification in SKD (including biometric), and for access, for example, to the personal computer or on the parking, for transactions with the virtual account and for work with many other applications.

In each sector of the card the key registers that allows to provide an authorized access to each application. The possibility of storage in memory of a similar smart card of a biometric template (for example, a fingerprint) allows to execute two-factor identification and to increase reliability of a control system of access even more, unlike a card the user will not be able to transfer the biometric sign to anybody.

Profitable combination

That the companies whose objects are already equipped with systems based on EM Marine, proximity or Wiegand technologies, could pass smoothly to more progressive format of radio frequency identification iCLASS, the HID company issues composite maps. In such cards along with the iCLASS chip the chip supporting the technologies taken out of service is built-in. With this purpose the combined readers capable to work with identifiers of different standards are issued.

Such variety allows to use, in addition, within one enterprise different methods of identification. For example, at the central office where it is required to provide the high level of security, it is possible to use identifiers of the iCLASS format, and in branches and departments — proximity or EM Marine. At the same time for access to all divisions to one employee only one card will be necessary (of course, if necessary here it is possible to enter access isolation). Exclusive control

Especially for corporate customers HID offers the iCLASS Elite program. Its advantage consists in use of unique key at data exchange between the card and the reader, i.e. for each company which passed to this program, HID releases the corporate key. This solution is the powerful tool for increased security on a controlled object, at the same time the cost of readers does not change, and cards become more expensive slightly.

RFID 'guards' an input in computer networks

Considering a problem of access restriction to the computer, it is possible to draw a direct analogy between the metal keys and passwords used for login. As well as keys, these passwords are undependable, require storing and easily are selected. Users often write them and use identical passwords for access to the different systems that sharply reduces degree of security of information.

Thanks to the solution HID on the Desktop, it is not more difficult to organize logical access restriction to the computer, than to control physical access for employees to premises of office of the company or the organizations. This system allows to use for 'input' in the computer the same cards using which the personnel 'open' doors. Similar approach combines the increased safety of access to Windows and computer networks with convenience of use of RFID cards. Within this solution it is possible to use cards of standards both proximity, and iCLASS and also recently developed HID company of a smart card Crescendo which along with the contactless chip are equipped with the powerful contact smart chip with the cryptographic coprocessor. In addition to identifiers, on cards of Crescendo it is possible to store different certificates and also to cipher, sign and send e-mail with their help.

Protective boundaries

The solution for restriction of logical access can be used as locally, for one or several computers, and it is global when it is implemented at the level of a corporate domain. In the latter case it is possible to create interesting sheaves between physical access control and domain structure of logical access. For example, based on the equipment and software of the Lenel brand it is possible to organize the structure of access consisting of several boundaries, i.e. so far the user does not pass an external boundary, access to internal to it will be closed. So, if the employee did not enter identification boundaries on an input the building, department, etc., it will not be able to enter a corporate computer network. Besides, all system can be customized so that when the user leaves a workplace and takes away with itself the card, the computer is automatically blocked, reducing thereby risk of date leak.

Thus, it is possible to tell safely that as a part of access control systems the RFID technology takes the strong settled positions and practically all fundamental standards of its use are already quite developed and conventional. Further development of the similar systems moves mainly in the direction of increase in level of their security and security of information. Also the increasing merging of SKD with IT-systems and expansion of opportunities in the field of the organization of logical access^[1] is observed^[1].

Notes