Access Control Gets Internet Injection
“By combining IP video and audio with access control, you have a complete solution for remotely managed access control, especially when it comes to concierge services where visitors or delivery personnel are allowed to access a remote, unattended location,” says Heiser.
This kind of open architecture, off-the-shelf integration approach has resulted in interoperability between what once was dissimilar functions, as well as dissimilar makes and models of access control hardware and software. Because of the security industry’s efforts toward standardization, the number of security manufacturers that now offer remote managed access has grown considerably.
Internet-Based Access Control Looks a Lot Like WAN Architecture
Security manufacturers commonly use network technology to perform the access control mission in industrial, commercial and government facilities.
The network architecture deployed in most remote managed access control systems using the Internet is nearly identical to that of any conventional wide area network (WAN). What is relatively new to access control is a built-in Web server, which, of course, gives people access to the system via the Internet.
Unlike older systems that used a proprietary operating platform, most of the managed access control systems made today receive software updates direct from the manufacturer over the Internet. In many cases the software is contained in flash memory.
Data storage in this environment is usually carried out with the help of an open database connectivity (ODBC)-compliant database. ODBC offers a standard software application programming interface (API) module for using database management systems (DBMS). The creators of ODBC wanted to make it independent of programming languages, database systems and operating systems.
S2 Se
curity’s S2NN IP-connected network nodes, for example, are designed using blade technology (multiple thin, modular electronic circuit boards). This allows security installers to add and remove features using plug-and-play methods.
Size of the Pipe Determines the Effectiveness of Services Offered
In the past, the most common methods of connection between a remote managed access control system and the point of command and control was through a dial-up connection or a leased line of some kind.
On the dial-up side, this often involved the public switched telephone network (PSTN), and because of the expense associated with using leased lines as a wide area network (WAN) arrangement, many companies were forced to use the former.
Use of PSTN for remote managed access control was largely successful, but because of data throughput limitations related to the size of the pipe employed for signal transport, efficiency was not the hallmark of these early systems.
The first obvious advantage to Internet use relates to throughput. Case in point, the data transmission rate using plain old telephone service (POTS) is 56kbps, whereas asymmetric digital subscriber line (ASDL) users can expect a data rate of 9 to 15Mbps. Thus, the primary determinant with regard to Internet speed is the Internet service provider (ISP).
“In the past, network latency has been cited as a major concern in security system deployment, but times have changed,” says Scott Stogel, cofounder and vice president, engineering, of Lakeforest, Ill.-based Digital Acoustics. “Today it is common to communicate between network points on opposite ends of the earth in less than 300 milliseconds. In a LAN environment the speed is a far faster.”
There are also downsides to the Internet, such as security and dependable, on-demand throughput.
“With the Internet and private [LANs] or IP networks, the network is a shared resource and some of those sharing it can’t be allowed access to the security system. This means that security of the system itself is an issue,” says Moss.
As anyone who has worked with the Internet knows, there are hackers who lurk about hunting for unprotected computers to victimize.
“Data theft and security are still a serious issue. To ensure privacy, encrypted networks, such as VPNs, can provide moderate protection, and end-to-end encryption [3DES and AES] can provide nearly totally secure links,” Stogel says. The use of high-end encryption, he says, requires consideration of import and export laws in certain countries, including the United States, Europe and Asia.
When the stakes are high enough, facilities that use the Internet for data transport could very well find themselves up against an adversary that specifically targets their access control data.
“Good products secure themselves, but many that were converted from proprietary-wired serial connections to TCP/IP did not,” Moss says. “Beyond that, because it’s a shared resource, there are no throughput guarantees and that means data may be transmitted more slowly than it would have been in a proprietary-wired system. In practice, though, this is rarely seen.”
Web-Based Access Control Data Needs to Be Protected
Because of the Internet’s inherent vulnerability, communication between remote managed access control systems and either a remote network or lone PC must be protected in some manner. There are numerous ways to do this, one being the use of Secure Sockets Layer (SSL).
SSL is an encryption method originally devised by Netscape that enables secure transmission of data over the Internet. The technology behind SSL turns on the use of key escrow encryption using a private and a public key. Where the public key is known to all concerned, only the user knows the private key. There are two browsers that currently use SSL, Internet Explorer TM and Netscape NavigatorTM.
If you enjoyed this article and want to receive more valuable industry content like this, click here to sign up for our FREE digital newsletters!
Related Content
Security Is Our Business, Too
For professionals who recommend, buy and install all types of electronic security equipment, a free subscription to Commercial Integrator + Security Sales & Integration is like having a consultant on call. You’ll find an ideal balance of technology and business coverage, with installation tips and techniques for products and updates on how to add to your bottom line.
A FREE subscription to the top resource for security and integration industry will prove to be invaluable.
