Access Readers and Tokens: Difference between revisions
Revision as of 23:59, 25 November 2011
Identification and Authentication Methods
Overview
- Identification in this context means uniquely identifying each user who presents at an access terminal or reader
  - Token ID
  - Username/user ID
  - Biometric
- Authentication means verifying that the user is who they claim they are
  - Something they have (a token)
  - Something they know (a password)
- Identification and authentication may be combined, but need to be considered separately.
Considerations for Access Control
- Method must be simple and reliable
  - Users tend to bypass controls that are too burdensome
- Must not lock out legitimate users frequently
- Must keep unauthorized users out to the extent possible
  - Tailgating protection
  - Pass-back protection
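An added example, not part of the original notes: a minimal pass-back and tailgating check for one controlled area with an entry-side and an exit-side reader. The `Event` type, the "IN"/"OUT" reader labels, the policy of granting but flagging an exit with no recorded entry, and the sample events are all assumptions made for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Event:
    token_id: str  # ID read from the token
    reader: str    # "IN" = entry-side reader, "OUT" = exit-side reader

def evaluate(events):
    """Return one (decision, reason) tuple per event for a single area."""
    inside = set()  # tokens currently recorded as inside the area
    results = []
    for ev in events:
        if ev.reader == "IN":
            if ev.token_id in inside:
                # Token presented at entry again with no exit in between:
                # it was probably handed back to a second person.
                results.append(("DENY", "pass-back"))
            else:
                inside.add(ev.token_id)
                results.append(("GRANT", "entry"))
        elif ev.reader == "OUT":
            if ev.token_id in inside:
                inside.remove(ev.token_id)
                results.append(("GRANT", "exit"))
            else:
                # Exit with no recorded entry: the holder likely followed
                # someone in. Assumed policy: let them out, raise an alert.
                results.append(("GRANT", "tailgate-suspected"))
        else:
            raise ValueError(f"unknown reader: {ev.reader!r}")
    return results

# Constructed sample events, in the order the readers reported them.
SAMPLE_EVENTS = [
    Event("A", "IN"),   # normal entry
    Event("B", "IN"),   # normal entry
    Event("A", "IN"),   # A is already inside -> pass-back
    Event("A", "OUT"),  # normal exit
    Event("A", "IN"),   # re-entry after a recorded exit is fine
    Event("C", "OUT"),  # C never badged in -> tailgating suspected
]

if __name__ == "__main__":
    for ev, (decision, reason) in zip(SAMPLE_EVENTS, evaluate(SAMPLE_EVENTS)):
        print(f"{ev.token_id} {ev.reader:3} -> {decision} ({reason})")
```

The check depends on every entry and exit being badged, which is why the two protections are usually deployed together.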
Types of tokens
Contactless (RFID)
Advantages
- No electrical connection to the outside world
- Can be mounted behind glass or inside a secure perimeter
- No keypad or contacts to require maintenance
Disadvantages
- Tokens can be interrogated by a third party
- Transactions can be snooped with RF listening gear.
Types of RFID Tokens
- Mifare
  - Have read/write capability
  - Basic encryption on-board
  - Come unconfigured, all 'F' values
  - Blocks of data are stored with an encryption key after the first write
  - 1K and 4K versions available