Access Readers and Tokens: Difference between revisions
Jump to navigation
Jump to search
Line 2: | Line 2: | ||
====Overview==== | ====Overview==== | ||
Identification in this context means uniquely identifying each user who presents at an access terminal or reader. Since the point of access control and physical security is to enforce a security policy, it is important to know which exact user is attempting to gain access to the resource in question. Some typical identification methods include: | |||
**Token ID | **Token ID | ||
**Username/user ID | **Username/user ID | ||
**Biometric | **Biometric | ||
Authentication means verifying that the user is who they claim they are. It is important to logically separate these, as our system may present different choices or use different methods for different users. Authentication methods for users include: | |||
**Something they have (a token) | **Something they have (a token) | ||
**Something they know (a password) | **Something they know (a password) | ||
**Something they are (biometrics/facial recognition) | |||
* | |||
====Considerations for Access Control==== | ====Considerations for Access Control==== |
Revision as of 00:09, 26 November 2011
Identification and Authentication Methods
Overview
Identification in this context means uniquely identifying each user who presents at an access terminal or reader. Since the point of access control and physical security is to enforce a security policy, it is important to know which exact user is attempting to gain access to the resource in question. Some typical identification methods include:
- Token ID
- Username/user ID
- Biometric
Authentication means verifying that the user is who they claim they are. It is important to logically separate these, as our system may present different choices or use different methods for different users. Authentication methods for users include:
- Something they have (a token)
- Something they know (a password)
- Something they are (biometrics/facial recognition)
Considerations for Access Control
- Method must be simple and reliable
- Users tend to bypass controls that are too burdensome
- Must not lock out legitimate users frequently
- Must not allow unauthorized users in to the extent possible
- Tailgating protection
- Pass-back protection
Types of tokens
Contactless (RFID)
Advantages
- No electrical connection to the outside world
- Can be mounted behind glass or inside a secure perimeter
- No keypad or contacts to require maintenance
Disadvantages
- Tokens can be interrogated be a third party
- Transactions can be snooped with RF listening gear.
Types of RFID Tokens
- Mifare
- Have read/write capability
- Basic encryption on-board
- Come unconfigured, all 'F' values
- Blocks of data are stored with encryption key after first write
- 1K,4K version available