Access control is a fundamental concept in security that minimizes risk to the business or organization. This system is a safeguard for selective restriction of access to a place or other resource while access management describes the process. The act of accessing may mean consuming, entering, or using.
There are two types of access control: physical and logical. Physical access control limits access to campuses, buildings, rooms and physical IT assets. Logical access control limits connections to computer networks, system files and data.
How It works:
To secure a facility, Access control systems perform identification authentication and authorization of users and entities by evaluating required login credentials that can include passwords, personal identification numbers (PINs), biometric scans, security tokens or other authentication factors. Multifactor authentication, which requires two or more authentication factors, is often an important part of layered defense to protect access control systems.
Access control system components
Components of an access control system include:
· An access control panel (also known as a controller)
· An access-controlled entry, such as a door, turnstile, parking gate, elevator, or other physical barrier
· A reader installed near the entry. (In cases where the exit is also controlled, a second reader is used on the opposite side of the entry.)
· Locking hardware, such as electric door strikes and electromagnetic locks
· A magnetic door switch for monitoring door position
· Request-to-exit (REX) devices for allowing egress. When a REX button is pushed, or the motion detector detects motion at the door, the door alarm is temporarily ignored while the door is opened. Exiting a door without having to electrically unlock the door is called mechanical free egress. This is an important safety feature. In cases where the lock must be electrically unlocked on exit, the request-to-exit device also unlocks the door.
Access control topology
Access control decisions are made by comparing the credentials to an access control list. This look-up can be done by a host or server, by an access control panel, or by a reader. The development of access control systems has observed a steady push of the look-up out from a central host to the edge of the system, or the reader. The look-up and control functions are by the control panel. The spokes communicate through a serial connection; usually RS-485. Some manufactures are pushing the decision making to the edge by placing a controller at the door. The controllers are IP enabled, and connect to a host and database using standard networks.
Implementing access control
Access control is a process that is integrated into an organization's IT environment. It can involve identity and access specific surroundings. The best practice of "least privilege" restricts access to only resources that an employee requires to perform their immediate job functions.
A common security issue is failure to revoke credentials and access to systems and data when an individual moves into a different job internally or leaves the company.