Poor Sister No More: Access Enters Spotlight, Again
August 1, 2010
Before everyone fell in love with their security video image, before there were millions of cameras from lipstick to megapixel, there were electronic access control systems, which were true revolutionary darlings.
Back when, pioneering access systems arrived as proprietary systems often on a dedicated Digital Equipment Corporation minicomputer, with a next step Wiegand card technology popping out of the R&D rooms at an East coast auto parts manufacturer.
Today, card access control systems are once again emerging from their workhorse profile to muscle onto the IP infrastructure more easily than video; migrate beyond proximity readers to multi-tech units that can mix smart cards and biometrics; and move from just opening doors to opening sensitive files as well as platform to other security and building systems.
No doubt, there is a huge installed base of legacy proximity technology, says Daiva Wood of integrator ADT Security Services. Now there is wireless to and from readers, Web-enabled interfaces, third party monitoring or what’s called by the IT folks software as a service (SaaS) and myriad biometrics, adds Wood. Integration with other systems has exploded. At seaports, for example, it is not uncommon that card access is integrated with sonar, radar, and iris scanning technology as well as into various homeland security databases, he points out.
Synergy Through IntegrationJohn Kenning, who heads the commercial side of ADT, also sees synergy and strength when combining video, especially analytics, with access controls in addition to traditional intrusion and fire. It brings value to the security director through a more intelligent managed service, he believes. Kenning aims at integration through multiple locations as he seeks out the best technologies linking into to a single platform.
Access software as a service is a hit with Larry King, CEO of Shape.net, which provides software to health clubs, wellness centers and personal trainers. King recently partnered with Brivo Systems to provide 24 hour access control to health club clients. Security 101, Birmingham, Ala., designed and implemented the system. “Three years ago, if a gym owner asked if we offered 24-hour access capabilities and we said no, they would just keep on walking,” says King. “Now, as soon as I say we offer 24-hour access, it’s a done deal.”
The Shape.net integration is made possible by XML Application Programming Interface, which allows different systems to exchange data in the XML standard so they can “understand” one another. “We’ve always had 24-hour access, but never such a user-friendly system,” adds Karrah Hunt, general manager of 24/7 Health Club and Tanning Salon in Huntsville, Ala. “If our staff has any problems when I’m not there, I can easily log onto the system at home from my own computer and correct the problem.” Hunt manages multiple locations using her Brivo ACS WebService-Shape.net integrated system. When a new member is enrolled, she can instantly assign which facilities the client can access. 24/7 Health Club’s clients don’t even need to carry access cards anymore: they are now granted access using biometric fingerprint readers at each site.
While individual clubs decide if they want to go 24 hours a day, the access control partnership can let operations cover entry doors and other interior facilities. “There is also the ability to better protect day care centers in some clubs as well as provide more secure access into men’s and women’s facilities, too,” says King. “Our management system and the Brivo system are synched and makes Web-based management services are better, more secure experience for customers as well as our clients.” Club owners also have the ability to set up a notification rule to email or send a text message.
Client information stored with Shape.net is automatically transferred to that customer’s system without manual intervention, so gym management no longer has to hassle with constantly clicking an external utility to update or sync accounts – data is transferred immediately.
Remote Access MonitoringShape.net customer Hunt monitors both of her locations using the email and text notification feature and through video feeds from integrated digital video recorders (DVRs). The DVRs allow Karrah to monitor who enters, making sure multiple individuals don’t enter under one account. Hunt and her staff manage more than ten doors, including access to tanning rooms, on-site day care facilities and even the ladies’ locker rooms.
While there is much talk about IP, there are other options. Software House and Deister Electronics see promise in RS485 multi-drop, for example. According to Deister’s Bill Nuffer, in certain circumstances, RS485 can offer advantages such as lower cost, longer range and extended multi-drop capability along with the extension of physical access control system communications methodologies. RS485 was a standard communication technique for many systems in the early days of access control. At the level of enterprise software and controllers, this has almost entirely been replaced by Ethernet. But RS485’s time has come again – not at the enterprise software/controller level but at the door/reader level.
Deister does not claim that RS485 is somehow a substitute for or even a better alternative for TCP/IP. Ethernet offers a powerful alternative and is, in fact, the best alternative for many applications when considering system cost (additional switch ports, etc.), wire run length and/or star wiring required from switches.
Flexibility is a key for readers and access integration with video and other applications. A recent advance, 802.3at-2009 Power over Ethernet (PoE) Plus Standard, recently ratified by the IEEE, defines the technology for powering a wide range of powered devices at higher wattage over existing CAT5e and above cable.
In addition, and at some level, Deister’s proxSafe radio frequency key and asset management systems will be integrating with Software House access systems, playing on the ability of access software to integrate with other systems to go beyond the door. In this example, there is greater security and auditing of RFID electronic key management systems.
While integration continues to impact access hardware and software, another crucial point of influence centers on what government has done to standardize and enhance worker cards.
Simple ID cards and badges are, of course, used to prove authorization to enter a protected space. Whether visually verified by a security officer or electronically using a card access system, there is a serious challenge. Both check whether or not a credential is authorized to enter a protected area. They fail, however, to verify that the card belongs to the person presenting it, that it is an original unaltered credential, and that it has not been revoked. Credential verification solves this problem by ensuring that a personal identity verification (PIV), transportation worker identification card (TWIC), first responder authentication card (FRAC), or the common access card (CAC) credential and its cardholder match and are currently valid.
Such advances have themselves encouraged a kind of higher level integration among providers of access software. Earlier this year, for instance, Honeywell and Codebench came together through their security management system and PIVCheck. The integrated solution has already been implemented at sites such as Delaware’s Port of Wilmington, the leading North American importation site for fresh fruit, bananas and juice concentrate. The system allows the port to comply with expanded TWIC regulations that require it to implement software that can read TWIC cards. It also allows port officials to access lists of unauthorized users and re-validate TWIC cards each day, once they are enrolled using the Honeywell system.
Check That Revocation ListThat’s an important element, as it’s a way for enterprise and government security leaders to leverage existing access control infrastructure. It’s that constant tie to a revocation list that strengthens security and meets government requirements.
While there are government, software and card improvements, nothing seems to have racked up a higher access score than open standard communications platforms that have changed the way security directors view and control traditional security and other building management systems.
In the past, security control systems and building systems were controlled as separate entities with no physical or logical connection. Today, managers are more aware of the increased efficiency available by converging all of the different systems that are required to run a large or distributed facility. Whether this is manifested in direct personnel cost-cutting or indirect energy saving procedures, the financial savings are extensive.
Technological advances such as the Internet allow us to transfer and manage the most sensitive of data quicker and safer than ever thought possible. And, crucially, the proliferation of open platforms, such as universal plug and play or UPnP, breaks down the barriers to the convergence of security and building systems by providing a single language with which all of the different kinds of systems can communicate with each other.
As with other openness movements, there is an UPnP Forum, an industry initiative designed to provide simple but robust connectivity among consumer electronics, intelligent appliances, computers and mobile devices from different vendors. For the past decade, the UPnP Forum has led the industry in driving the development and adoption of standards for device interoperability for IP-based networked devices. Since its formation in 1999, it has developed a device architecture and interoperability interfaces recognized by the International Organization for Standardization and the International Electrotechnical Commission as the world’s first international standard for device discovery and control on IP networks.
Simplicity is also an access goal for smaller installations such as the Colorado State Veterans Nursing Home in Walsenburg.
Simplicity is also an access goal for smaller installations such as the Colorado State Veterans Nursing Home in Walsenburg.
The nursing home is a 120-bed long term care facility for the country’s veterans and their spouses. It provides care to veterans from the region and nearby states. Built in 1993 and adjacent to Spanish Peaks Hospital, the nursing home offers a bright, modern and comfortable atmosphere with views of the nearby mountains and state park lakes.
Meeting Access ChallengesAn inoperative door was a final breaking point for the facility’s Anthony Aldretti. That’s when he called consultant Earl Truncer, who had visited with him in the past, discussing online and wireless access control systems. According to Truncer, the facility had a series of access control challenges including:
• The facility is an “L-shaped” building with the veteran’s home on one wing and the hospital on the other. Medical and staff personnel go back and forth regularly.
• The facility provides meals to the nearby prison. Prison personnel pick up the trays of food and later return the trays.
• On very cold nights, the homeless are permitted to stay within specified areas of the hospital.
• The combination hospital/nursing home has 200 employees and 20 doors that need locking.
Knowing of the facility’s then key-based system and the access control needs of the hospital/nursing home, Truncer put Aldretti in touch with Russell Bogner of Colorado State Safe & Lock in Colorado Springs. Bogner had recently installed Schlage’s bright blue embedded system at several Colorado locations and Truncer felt that it would provide a solution that Aldretti would like. According to Bogner, the proposed system is especially for smaller facilities. “Bogner was right,” emphasizes Aldretti. “We had already used other systems with all the bells and whistles that we didn’t need and never used. They were just too cumbersome.” So the facility upgraded from keys to proximity readers and keyfobs which authorized users keep on their keychains.
“Administrators found that the system is self-explanatory,” assures Aldretti. “As with other Web applications, it is simply accessed with a user name and password. Being so easy to use, we look forward to expanding the system into additional buildings at the medical center.” Aldretti’s boss, Support Services Director Dave McGraw agrees. “We like the reliability this embedded system provides. We wanted a system that we could count on to control access at our perimeter doors, especially for those emergency occasions that happen, including when we need to isolate an incident. It was important that we could lockdown with as few steps as possible.” Lockdown is a simple click of the mouse.
“We also wanted to keep expenses down by using whatever we already had,” adds McGraw. Although much of the facility was key-based, there were a few standalone doors being controlled electronically and being accessed with proximity keyfobs. “We issue keyfobs to personnel on an as-needed basis,” McGraw adds. “What is especially helpful is that now we can issue different levels of security to various individuals. Some people can access all doors; others can only access some doors. Others can only access doors at certain times of the day. To date, we’ve issued about 75 keyfobs, primarily to supervisors, managers and those who must enter after hours.”
Disposable Access CardsFrom small to large installations, covering special doors or integrated with building controls or security video, the hardware and software can handle a lot. But card access control systems also can work with or instead of security officers. With commercial, corporate and multi-tenant facilities, says Jess Johannsen of Universal Protection Security Systems, access control is a matter of information, whether is it validating through checkpoints or electronic visitor management. Johannson sees value in disposable smart cards – what he calls Site-Control – that is more common in the transit industry.
Site-Control systems can remotely manage myriad aspects of a building, including card access, security video monitoring, intrusion detection, elevator control, HVAC/energy management, parking control and visitor entry. The approach can also be set up to allow clients or visitors access through self-operated kiosks which can capture a photo and issue an ID.