Access Control (AC) in physical security refers to the measures and procedures used to restrict access to a physical space, facility or resource. This is done in order to protect the safety and security of people, information, and property within aa facility or organization.
AC systems typically use a combination of physical and technical barriers to limit access to restricted areas. Physical barriers can include gates, doors, turnstiles, fences, and security personnel. Technical barriers can include electronic locks, access cards, biometric readers, and surveillance cameras.
AC systems can be designed to allow access only to authorized personnel or visitors, and can also restrict access based on various factors such as time of day, specific location within a facility, or even individual credentials such as job title or security clearance.
Effective AC systems play a critical role in maintaining the security of facilities, assets, and people. They help prevent unauthorized access, reduce the risk of theft, vandalism, or sabotage, and provide a way to monitor and track who has accessed specific areas.
Types of Access Control
There are three main types of access control:
- Mandatory Access Control (MAC): This type of access control is based on a set of predefined rules and policies, and it is commonly used in high-security environments such as government and military facilities. The system administrator defines the access rights of each user or group, and these permissions cannot be changed by the user.
- Discretionary Access Control (DAC): In this type of access control, the owner or administrator of a resource determines who is allowed to access it and sets the level of access for each user. DAC is commonly used in smaller organizations where the security requirements are less stringent, and it allows users to share resources among themselves.
- Role-Based Access Control (RBAC): RBAC is based on a user's role or job function within an organization, rather than on individual users or groups. Users are assigned roles with corresponding access permissions, and these permissions are granted based on the needs of the user's job function. RBAC is commonly used in large organizations where there are many users with different levels of access to various resources.
There are also some additional types of access control, such as Attribute-Based Access Control (ABAC), Rule-Based Access Control (RBAC), and Dynamic Access Control (DAC), which combine elements of the above types of access control. These different types of access control can be implemented in physical security systems, as well as in IT security systems to control access to digital resources.
Differences between Access Control Systems
Access control systems can be grouped into different categories based on various criteria.
Analog vs. Digital Access Control
Analog access control systems uses analog technology to control access to physical spaces. Technologies used for analog access control include:
- Mechanical Key Systems: This includes traditional lock and key systems that use mechanical keys to grant or restrict access to physical spaces.
- PIN code-based Systems: These systems require users to enter a numerical code to gain access.
- Magnetic stripe Systems: These systems use magnetic stripe cards to grant access to physical spaces.
Digital access control systems use digital technology to control access to physical spaces. Technologies used for digital access control include:
- Proximity card Systems: These systems use radio frequency identification (RFID) to grant access to physical spaces.
- Smart card Systems: These systems use integrated circuit cards to grant access to physical spaces.
- Mobile Phone Systems: By communicating with the lock over Bluetooth or other wireless technologies, smartphones are a convenient way to replace keys.
- Biometric Systems: These systems use biometric data, such as fingerprints, facial recognition, or iris scans, to grant access to physical spaces.
On-premise Vs Cloud-based Access Control
On-premise access control systems are installed and managed locally, within an organization's physical premises. One can further differentiate on premise systems further into:
- Standalone Systems: These systems do not require a network connection and operate independently.
- Networked Systems: These systems are connected to a local network and can be managed remotely.
Cloud-based access control systems are managed and hosted in the cloud, rather than locally within an organization's premises. Cloud based access control can be further distinguished into:
- SaaS Systems: These are software as a service systems that are offered on a subscription basis, and are hosted and managed by a third-party provider.
- PaaS Systems: These are platform as a service systems that allow organizations to customize and develop their own access control systems on a cloud-based platform.