Curricula - Knowledge - Navigation

Access Control

Access control is a security technique that regulates, who can read restricted information, enter a restricted area or use restricted resources.

Access control describes the selective control of entry or restriction to a certain area or resource and can therefore also encompass digital information and physical security. Individuals are being validated and authorized if they can confirm their true identity.

Mechanisms that limit access and perform various forms of authorization verification, accountability and approval are generally used to detain or authorize personnel from using crucial resources.

The user has to present credentials to the confirmation device. The given data is compared to the saved access code and checked for a match. Only if the right information is given, access is granted. This can be done via various means: A very common form is password verification. The user has to know and present the right combination of numbers or the right phrase in order to enter. Another measure is the presentation of certain items, such as key cards. A third commonly used practice, requires the user to prove his or her identity via biometric data analysis. In more complex systems the measures can also be combined, where the user has to pass multiple steps of verification.

Utilisation and application

Access control is vital to restrain unauthorized persons from certain areas or content, be it physical or online. Therefore it is commonly used in almost all cases where one likes to maintain privacy and protection. This is especially vital for law enforcement agencies that need to maintain or access control over specific areas.

When it comes to physical access, electronic access control offers flexibility and saves money, since no actual security personal is required to guard a certain area. Businesses or governments generally have some kind of access control to prevent physical entry on private property, often using various forms of security code, key cards or biometric data analysis. Private households are more commonly secured by keys, but more and more modern houses use electronic access control to secure their property.

Online content is often only secured via password, since this is the easiest method and does not require further equipment.

Types and models

Password/Number: The easiest method to keep access control. A predefined password or numeric combination (depending on device) is set. This combination needs to be entered in the reader in the right order to gain access. Longer, more eccentric combinations are safer. This is the least secure approach, since the combination can be hacked online.  

Keycard/Item: The smarter version of the basic key is the key card, which is commonly used, since it fits easy into every wallet and can be taken along. It also has the advantage that it can be used quickly, when physically moved to a trigger that reacts to the card via electronic mechanisms such as barcode or magnetic stripe. Identification items have the potential flaw that they can be stolen or lost.

Biometric identification: More complex and expensive, but probably most secure is the access control via identification of the user. This can be done with biometric input, such as face, iris or fingerprint recognition. Even though it is possible to recreate identities, this method is much more secure and therefore also costly. Hence, it is more commonly used to safeguard classified resources.

Combination: To be absolute secure when guarding important assets, a hybrid of access control measures is another option commonly used. Next to the primary a second factor checks your identity, such as a specific code and a key card.

Target groups

Government, businesses, companies, private households

Requirements and considerations

Every system has its weak point. Passwords and codes can – if not sophisticated enough – be easily hacked, especially online. Identification cards can be stolen or lost, therefore making it necessary to reprogram the entire system. Biometric data identification is quite expensive and can, if the intruder is willing enough, be tricked as well. A comprehensive approach that combines the mechanics might still prove to be the best way to restrict entry.

Manufacturers, providers and brands

ODYSSEUS, Axis Communications, HID Global