How to Design and Choose Access Control System?

Designing an access control system solution requires making decisions on seven basic issues. This article is intended to help you understand the seven steps, options, and trade-offs involved in designing an excellent access control system solution.

1. What Kind of Electric Lock for Access Control System Should I Use?

There are many locks available for access control doors, and all locks have their applications.

1) Electric Lock

The electric lock replaces the latch plate on the door frame (the metal plate on the door latch) and unlocks when powered on.

2) Electromagnetic Lock

The most common access lock, electromagnetic lock, or magnetic lock is composed of coils around the metal core, which will generate a strong magnetic field when energized. The magnetic lock is usually installed on the door frame, and the door is equipped with a matching plate. In the locked condition, the magnet remains energized and fixes the plate on it. When the door is unlocked, the power is cut off and the door is released.

3) Electrification Hardware

The most inconspicuous method of an electrified door is to put the locking mechanism in the door hardware itself. These may take the form of the mortise or cylinder locks or export emergency hardware. When powered on, either form will retract the latch to open the door. In addition to exit requests, these locks can also have door position switches (DPS), so the door needs fewer devices.

2. What Kind of Reader Should You Use?

The reader allows users to request to unlock the door and has multiple options.

1) Keyboard

A simple form of access control in which the user enters his or her PIN code on the keyboard device to open the door. The keyboard has the security flaws inherent in the above PIN.

2) Card Reader

At present, there are many card reader technologies used in the industry, including contact and non-contact. The contact reader includes a magnetic strip, Wigan, and bar code. Among the three magnetic stripes, the magnetic stripe is the only technology that is still widely used. Barcode has some uses, mainly for legacy systems, but it is easy to copy because it can be copied. Magnetic stripe readers are still frequently used in university campuses and other facilities, especially where cards are used for other purposes other than simple access.

The magnetic stripe is very common in cashless payment, but now many applications are replaced by smart cards. By inserting foreign objects or even chewing gum into the slot, the contact reader is easily damaged by the saboteur. This is one of the reasons why contactless inductive cards are becoming more and more common.

Contactless readers include standard sensing, contactless smart cards, RFID, and other technologies, some of which are proprietary to specific manufacturers. HID inductive card reader is the most widely used technology in access control so far. Almost every manufacturer supports it and many resell it.

No matter which specific card reader you use, for this discussion, the technology is basically the same: the card reader emits a magnetic field, excites the coil on the card, and then transmits the embedded number to the card reader. The price of smart card technology is high when it is introduced, so it improves the acceptance and utilization rate and decreases as the technology matures. Smart card prices are now generally in line with the standard proximity.

3) Biometric Identification

For the purpose of access control, we usually see the use of one of three or four biometric readers: fingerprint, iris, hand shape, and retina. The fingerprint reader is the most common. No matter which reader you choose, you need to consider the following disadvantages:

Access times are usually longer than when using cards. In the high flux region, this may be a problem. For instance, you don’t want the factory workers having to filter through a biometric reader before accessing the building.

Biometric readers usually require additional weatherproof enclosures. This increases the cost and further slows down the visit time. In addition, many of these enclosures require employees to manually open and close them, which increases the risk of human error. Failure to close the weatherproof housing after use may damage the reader.

Compared with a card reader, the biometric card reader is expensive. Although the price of the card reader is between $150-200, the price of the biometric card reader usually exceeds $800. This is partly offset by the cost of eliminating the card.

No matter which technology you choose to deploy, you must consider the appearance factor (aesthetics). The card reader has a variety of external dimensions, from micro to super large, depending on the application. For example, the mini card reader can be used on the aluminum frame door, while the 12-inch square card reader can be placed at the entrance of the parking lot for a better reading range. Generally speaking, the reading distance of the card increases with the size of the card reader. The standard reading range is between one and four inches.

3. What Else Do I Need to Do at the Door?

The motion sensor and/or the request exit button allow people to leave freely. The activation of these sensors sends a signal to the access control that someone is exiting. If the door is open (the door position switch (DPS) reports the open status) without sending a request to exit (RTE) first, the access control system will interpret it as a forced door alarm. For convenience, motion sensors usually prefer to exit the requesting device.

However, some factors must be considered when using the magnetic lock. In the United States, life safety regulations require a method to physically disconnect the power supply of the magnetic lock. This is to prevent the access control system from failing. If the system no longer receives the exit request signal or fails to unlock the magnetic lock when receiving it, the door cannot be opened. For this reason, you often see a request to exit the motion sensor and a button for the magnetic lock door. Motion sensors for daily use, and buttons for emergency or system failure.

Of course, all the above equipment needs a power supply, so a power supply is another consideration when designing the access control system. There are three ways to power the door equipment:

1) Centralized Power Supply with Access Control Panel

This is the simplest method. It requires the lowest operating voltage, so it can reduce the cost. However, the voltage drop may become a problem, so it must be calculated to take it into account.

2) Door Local Power Supply

This is common when using electrified hardware. The power consumption of live equipment is usually much greater than that of magnetic lock or electric shock, so a local power supply is installed to avoid voltage drop. The disadvantage of this is that it adds another failure point instead of a single central power supply.

3) Power over Ethernet (POE)

Power over Ethernet is used to power single-door (or, in some cases, double-door) controllers, which in turn power all connected devices. According to our experience, this is usually enough to power the typical strike and small magnetic lock, but not enough to power the latch retraction device. Power consumption also varies from manufacturer to manufacturer, so care must be taken to ensure that there is sufficient power to operate the selected lock.

No matter which method you use to power the equipment at the door, you may need to consider the fire alarm interface. Generally, doors on the exit path need to allow free exit in case of fire. Please note that this does not necessarily mean that they must unlock, which is a common misconception. Doors equipped with electric locks need not be unlocked if they are also equipped with emergency hardware. Maglocks are required to unlock in almost all cases. Please keep this in mind when considering locks for your access control system, because if a magnetic lock is used, simply pulling the fire alarm may make the building completely fragile.

We also recommend the use of monitoring power in access control applications. These power supplies provide contact closure in case of AC failure or battery failure in case of standby power supply, so as to remind the access control system that the door is powered off. This allows more active monitoring, rather than waiting for the user to find that the door is not open, or in the case of a magnetic lock, it is not locked.

If the integrated access device is not mentioned, the discussion of the door device will be incomplete. These devices build card readers, locks, DPS, and RTEs into the hardware of the door. They can be wired or wireless, network-based, or open platforms. They reduce labor costs by eliminating the need to install multiple pieces of equipment, but they do require more professional skills.

Replacing locks and emergency hardware can be tricky and requires a strong knowledge of hardware applications. In the case of such wired equipment, the door must also be “cored”, which means drilling a hole in the entire width of the door so that the cable can pass through it from the hinge side, which requires special equipment. This wireless lock greatly reduces the number of cables that must be operated, but it also has its own problems

4. How Do I Choose the Right Access Control System?

There are three types of management in the access control system:

1) Embedded

Also known as network-based or serverless, the access control system is managed completely through the access control panel, web interface, or occasionally through software. In general, the function of this method is somewhat limited, because the operations that can be completed in standard browsers applicable to all platforms (Windows, Mac, Linux) are limited. Registration and logging functions are easy to obtain, but real-time monitoring is more challenging. The cost is reduced because there is no need to provide servers

2) Server-based

In most cases, the access control system is managed, managed, and monitored on a central server. The client software installed on the management or monitoring computer connects to the server to perform the necessary functions.

3) Trusteeship

The managed access control system is managed by a central server, which manages multiple end-user systems from the “cloud”. The only hardware required on site is the access control panel with an internet connection. The user interface usually makes managed access a combination of Web-based and server-based management through a Web portal. The hosting company must manage the system like the traditional server-based system, but for users, all interfaces are conducted through the network. Managed access also introduces a continuous monthly fee to host the access system, and the increased cost needs to be considered and weighted in your financial cost/benefit analysis.

When selecting the access control system, please consider what functions you need at present and the future development direction of the system. Some questions to ask:

Does it use a standard card reader? Not every system uses compatible readers. Some manufacturers only support proprietary readers. If the system is changed to products from different suppliers in the future, these readers usually need to be replaced. Others use different cabling topologies, which usually require fewer cables to connect to each door, usually one cable. All devices on the door are connected to smart card readers or small controllers. If you are worried about facing the future (usually and should be), please select a system using a standard cabling scheme.

Another consideration when discussing the “openness” of the system is whether the selected manufacturer uses open platform control panel hardware or their own proprietary panel. If the system is running on open hardware, most front-end panels can be reused when changing to competitive systems, even if not all of them. For small organizations with only a few doors, open platform hardware may not be a problem.

If the required feature set is small and the possibility of mobility and expansion is low, then a proprietary Web-based platform is sufficient. However, for enterprise-class systems, it is strongly recommended to use non-proprietary hardware to avoid the plight of a single vendor.

In addition to the typical access control scenario, we may encounter some special use cases of access control:

• There are two ways to restrict access to the elevator.

Call the elevator car after reading the valid card instead of pressing the button. This method places a single reader outside the elevator. The user shows his or her credentials to call the car. Once entering the elevator, the user can enter any floor he or she chooses. This is a simpler and cheaper access restriction method because only one reader needs to be installed, but if you need to access a single floor, it may not be applicable in all cases.

Individual floors can be selected according to the provided credentials. In this case, when the user enters the elevator, the floors he or she is restricted to enter are lit, while the floors they are not allowed to enter remain off. They will only be allowed to take the elevator to the floors they have access. This method has many disadvantages, but if such security is required, it may be inevitable. First of all, it needs to install a card reader in the car, which needs to interface with the accompanying cable of the elevator or use wireless transmission. Secondly, it requires the input and output of each floor to activate and deactivate each button, which may be labor-intensive, depending on how many floors there are in the building.

• Harsh environment

When using access control in a harsh environment, all equipment in the system must generally be intrinsically safe, also known as explosion-proof. This means that the equipment will not produce sparks and may cause explosions. Although there are card readers specially produced for these environments, they usually include standard card readers installed in explosion-proof instrument housings, which can be easily obtained from electrical dealers and easily manufactured in the field.

• Call together

A function of some access control systems is to summon employees leaving the building through designated readers or reader groups. Therefore, in an emergency, security, and safety personnel may see how many employees and visitors are still in the facility. Dedicated wireless readers can also be used for collections. In this case, the security personnel carry the reader and ask employees to swipe their credentials when they arrive at the assembly point.

5. Is the Benefit of designing the Access Control System Proportional to the Cost?

When it comes to designing the access control system, we should first consider the cost. The access control electronic system is more complex and safer than the traditional key lock. However, most people still use keys. The reason is simple: cost. The industry average price of electronic access control is $500 to $2000 per installed door. On the other hand, the price of locks is between $50 and $500, depending on the security level required.

Although the electronic system has many advantages over the key, the cost of each door is higher than the key/lock. Therefore, you may determine that the cost of the electronic access control system is economically unreasonable, or only some doors are worth installing the electronic access control system. To determine whether electronic access control is worth your project cost, please understand whether the following benefits apply to your use:

• Access control system simplifies the management of building access

There is no need to make keys and distribute them to employees or contractors. The certificate (permanent or temporary) is issued to the corresponding party. For example, I have a friend who is a custom bathtub supplier. Once he invited me to visit his office once. I found that the door of their company was installed with a smart door lock. He opened it with an access card. He told me that this smart door lock is very convenient. It is not only highly secure but also convenient for access management.

• The potential risks associated with misplaced or stolen keys are significantly reduced.

Generally, if the key to the external door is lost, best practices and common sense will force the facility to be reset to ensure that the facility is still protected even if the key falls into the hands of criminals. Re-entering the key is usually a huge expense. The cost of the lock cylinder is between $30 and $80, or even more, while the locksmith’s cost is as high as $70 per hour. Therefore, a four-door building will cost hundreds of dollars to replace the key every time it loses a key.

• Improved audit trail

With the key, it will not record who goes in and out of each door and when. Intrusion detection and monitoring systems may provide some ideas, but they are not so simple and detailed.

With keys, in many facilities, staff must manually lock and unlock the door at the beginning and end of the business. This takes time and carries the risk of forgetting or not locking the door correctly. The door controlled by the access control system, whether controlled by the card reader or not, can be automatically unlocked in the morning and locked at night as scheduled, or when the intrusion detection system is released and restarted.

If advantages are important to your project, capital investment in electronic access control systems may be a good project worth considering.

6. What Do you Protect through the Access Control System?

After answering why, what is the second question when planning access control deployment? What assets need to be protected? Doors that are infrequently used or only used by a few employees, such as closets, typical non-key offices, and mechanical spaces, may not be worth the cost of increasing access control unless the legal risk of high-value assets is expected. Check the usage of each door. If the door is not critical to your business, it is fair to fix the door with locks (keys and locks).

Here lists the typical space for application access control:

1) Outer Door

Generally speaking, the outer door is the first thing to ensure safety. This simplifies the process of entering the building, so the staff does not need keys, and at the same time, unauthorized personnel is excluded. Visitors may be directed to specific entrances where staff can receive them. Usually, this is done in one of the following two ways.

• Remote: In this case, visitors to the facility use walkie-talkies (audio/video is preferred) to talk to the reception staff or security personnel, and then the security personnel open the door remotely to let them enter.
• Face-to-face: In this case, visitors only need to enter the building through a group of unlocked doors and talk with the reception staff. In both cases, visitors may be completely rejected, or they may be allowed to enter the lobby or lobby of the building,

2) Gate

The entrance gate usually has no access control system. This moves access to the perimeter of the property. This is usually desirable in areas with high crime rates or in highly secure facilities. In combination with the monitoring and/or video interphone, the gate access control provides visual confirmation of who is requesting access. Remotely releasing the door for deliveries or visitors is then possible. By eliminating trenching and wiring costs, the wireless interface simplifies gate access control. Gates are usually controlled either through the interface of the gate operator or through a lock specifically designed for the application.

3) Human Resources and Accounting

Maintain and archive company confidential records, usually followed by.

4) Inventory and Warehouse Area

Storage rooms and warehouses can easily become targets of internal and external threats. Protecting access to these areas will reduce access rights, provide activity logs, and introduce additional barriers for anyone who intends to steal materials or equipment.

5) Data Closet

Network security is still a concern of companies of all sizes, and access control of data centers and server rooms has increased. Considering that the server room is usually the brain of organization operations, this is a good practice. There are special systems to protect the cabinets in large (usually multi-user) data centers.

6) Classroom

Because computers are a common target of school theft, it is usually necessary to lock the classroom. The electric lock installed in each classroom also provides a locking function, so in an emergency, the security personnel can lock the entire campus through one action.

7) Cabinet

Cabinets can be equipped with dedicated locks so access control can be transferred to specific assets instead of doors.

8) Key Control Cabinet

The management of keys for vehicles, cabinets, or other purposes is a necessary task for many organizations, even those that use electronic access control. Usually, these keys are placed in the cabinet or on the back plate. These places are very conspicuous and easily become the target of criminals. This risk can be reduced by using the safety installation cabinet with an electric lock. There are also more sophisticated systems for key management, providing control and audit trails to the level of a single key.

7. What Form of Authentication Do You Need and Who Are Allowed to Enter?

In access control, selective entry is a key objective. To do this, you need to select a technology for people to prove that they can legally access the portal. This proof usually belongs to the common mantra, you know, possession or something. Let’s look at the practical options used in the actual security system:

• Things you know

This is the most commonly used technology to access computers and the second most common technology in access doors. The best examples are passwords or personal identification codes. Because they are easy to share and steal from authorized users, most physical access control systems avoid using them as the only authentication method.

• What you have

This is the most commonly used technology in physical access and is best represented by a card or fob. The user carries this physical token with him and shows it at the entrance. It is generally considered more powerful than pin code because it is more difficult to copy. On the other hand, it can be copied, and the risk of shared cards is still a threat.

• What are you

This is the least commonly used technology in the security field, but it is generally considered the most powerful technology. Good examples include the geometry of fingerprints, faces, veins, and hands. These are hard to forge. However, biometric technology is still rarely used in statistics. Even for those cards that are considered to work well, the price rise makes it difficult for most people to justify it.

You can use these controls in combination. This method called “multifactor authentication” is very popular among security practitioners. You can perform dual or triple-mode authentication, which requires users to use passwords and cards or cards and fingerprints or both. If both fail, entry is refused. One of the advantages of this method is that it makes it more difficult for illegal users to enter. The biggest disadvantage is that it brings inconvenience to users. If they forget one, they will be locked out of the door and need more time and trouble to enter. Therefore, the number of authentication factors will generally increase with the overall security level or paranoid degree of the facility (for example, the apartment is a single factor, the military base may be a triple factor, and so on).