Tuesday, July 13, 2021

What Are the Four Objectives of Access Control?

Bio Matric

 

Access control systems are broadly classified into three types. There are physical access control system, soft access control systems and hybrid systems. The primary objectives of an access control system are identification, authentication, authorization, and integrity.

Let us look at these objectives in detail.

Identification

One of the main objectives of access control systems is the identification and management of individuals granted access with credentials.

The credential may be a smart card, a magnetic card, radio-frequency identification badge or biometrics. Some systems also allow for password-only authentication.

Where access to a particular resource is determined based on time, it is called time-based access control (TBAC).

Given that access control credentials are often abused by imposters to gain entry to restricted areas, identification helps to prevent any unwelcome guests from entering prohibited areas.

Authentication

Authentication is the process used to verify that someone who is claiming to have a certain position, identity, or right is the one claiming it.

One of the most important aspects of an access control system is its authentication features. Authentication is the process of identifying an individual or object based on their unique set of characteristics, which is referred to as their ‘identity.

Access control systems use a variety of methods to ensure credentials are not stolen or used to gain entry.

A credential may be as basic as a username and password to a smartcard, fob or biometric identification. But as with any new technology, it is important to check into reliability and quality of service.

Access Control Systems are often controlled by computers running custom software that can track the activity of each credential and allow access at peak times using time-of-day based security controls.

A good example of authentication in practice would be Two-factor authentication (also known as 2FA).

It is a combination of two different components, such as a password, token, etc., and something only the user possesses, like a USB Security Key, his/her fingerprint or an authenticator application.

The advantage of using two-factor authentication is that it is extremely difficult for criminals to hack into accounts.

Authorization

Access control systems are used to control and monitor access to physical areas. Access is controlled by issuing authorized identification cards or keys. The process of issuing identification cards and granting access is called authorization.

Access control can be achieved by physical barriers, such as locked doors or gates or by software-based security systems that control the flow of traffic. All of this is done through computer-based rules, badges, or cards and by people who make decisions about whether someone should gain access to a particular area or not.

Integrity

One of the objectives of access control systems includes ensuring integrity and accountability in the physical environment. It is best achieved through a combination of physical, logical and procedural controls, for example, user identification and proper maintenance.

Integrity is about making sure that every transaction is authorized. Accountability means ensuring that the person who carried out the transaction can be identified and be held liable for any consequences.

Bottom Line

Access control systems work by identifying a person attempting to enter and making a decision whether to let that person in or not. The next phase is to let the personnel know in case someone has breached the security boundary.

Once you know these objectives, you can better understand what access control systems can do and can figure out how to use them at your business premises.