陕西理工学院毕业设计
附 录 A 外文翻译
The Access control system
Access control system is widely used in recent years and it is one of the high-tech and safety equipment , has become one of the intelligent signs of modern architecture. Access control , the export and the entrance control system, is to control the export and entrance channel system. Access control system is developed on the basis of the traditional locks (Entrance Guard/Access Control in English).
Access control is, in reality, an everyday phenomenon. A lock on a car door is essentially a form of access control. A PIN on an ATM system at a bank is another means of access control. Bouncers standing in front of a night club is perhaps a more primitive mode of access control (given the evident lack of information technology involved). The possession of access control is of prime importance when persons seek to secure important, confidential, or sensitive information and equipment .Item control or electronic key management is an area within (and possibly integrated with) an access control system which concerns the managing of possession and location of small assets or physical (mechanical) keys.
Physical access by a person may be allowed depending on payment, authorization, etc. Also there may be one-way traffic of people. These can be enforced by personnel such as a border guard, a doorman, a ticket checker, etc., or with a device such as a turnstile. There may be fences to avoid circumventing this access control. An alternative of access control in the strict sense (physically controlling access itself) is a system of checking authorized presence, see e.g. Ticket controller (transportation). A variant is exit control, e.g. of a shop (checkout) or a country. In physical security, the term access control refers to the practice of restricting entrance to a property, a building, or a room to authorized persons. Physical access control can be achieved by a human (a guard, bouncer, or receptionist), through mechanical means such as locks and keys, or through technological means such as access control systems like the Access control vestibule.
Within these environments , physical key management may also be employed as a means of further managing and monitoring access to mechanically keyed areas or access to certain small assets . Physical access control is a matter of who , where, and when. An access control system determines who is allowed to enter or exit, where they are allowed to exit or enter, and when they are allowed to enter or exit. Historically this was partially accomplished through keys and locks. When a door is locked only someone with a key can enter through the door depending on how the lock is configured. Mechanical locks and keys do not allow restriction of the key holder to specific times or dates. Mechanical locks and keys do not provide records of the key used on any specific door and the keys can be easily copied or transferred to an unauthorized person. When a mechanical key is lost or the key holder is no longer authorized to use the protected area, the locks must be re-keyed. Electronic access control uses computers to solve the limitations of mechanical locks and keys. A wide range of credentials can be used to replace mechanical keys. The electronic access control system grants access based on the credential presented. When access is granted, the door is unlocked for a predetermined time and the transaction is recorded. When access is refused, the door remains locked and the attempted access is recorded. The system will also monitor the door and alarm if the door is forced open or held open too long after being unlocked.
When acredential is presented to a reader,he
reader sends the credential information, usually a number, to a control panel, a highly reliable processor. The control panel compares the credential's number to an access control list, grants or denies the presented request, and sends a transaction log to a database. When access is denied based on the access control list, the d
第 24 页 共 61 页
陕西理工学院毕业设计
oor remains locked. If there is a match between the credential and the access control list, the control panel operates a relay that in turn unlocks the door. The control panel also ignores a door open signal to prevent an alarm. Often the reader provides feedback, such as a flashing red LED for an access denied and a flashing green LED for an access granted .The above description illustrates a single factor transaction. Credentials can be passed around, thus subverting the access control list. For example, Alice has access rights to the server room but Bob does not. Alice either gives Bob her credential or Bob takes it; he now has access to the server room. To prevent this, two-factor authenticationcan be used. In a two factor transaction, the presented credential and a second factor are needed for access to be granted; another factor can be a PIN, a second credential, operator intervention, or a biometric input.
There are three types (factors) of authenticating information :
(1)something the user knows, ega password, pass-phrase or PIN (2)something the user has, such as smart card
(3)something the user is, such as fingerprint, verified by biometric measurement.
Passwords are a common means of verifying a user's identity before access is given to information systems. In addition, a fourth factor of authentication is now recognized: someone you know, where another person who knows you can provide a human element of authentication in situations where systems have been set up to allow for such scenarios. For example, a user may have their password, but have forgotten their smart card. In such a scenario, if the user is known to designated cohorts, the cohorts may provide their smart card and password in combination with the extant factor of the user in question and thus provide two factors for the user with missing credential, and three factors overall to allow access. Now, as people's living standards improve and technology advances, more and more local needs of access control system such as residential entrance, garage entrance, the entrance and other public places. Many different types of access control system; because it has different characteristics, so do not use the place, IC card access control system because of its higher security, better convenience and cost-effective access control system into the mainstream. IC card technology is currently widely used in various industries, particularly public transport, wireless communications, identification, financial transactions and security and defense industries. Access control system through the import and export control, limiting staff and vehicles entering controlled areas, to ensure that controlled regional security. This study focuses on the underground garage access control system, which the requirements of the access control system with a clear direction, this design refers to radio frequency technology, the use of computer control of the IC card reader for reading and writing. ACCESS database software used to implement software system database services; using Visual Basic6.0 to design software with which the various common controls designed to log basic information, equipment management, card management, query management, system management a window Body. The IC access control system software with easy to use, simple features, the operator does not need a professional computer operating level.
Credential
A credential is a physical/tangible object, a piece of knowledge, or a facet of a person's physical being, that enables an individual access to a given physical facility or computer-based information system. Typically, credentials can be something you know (such as number or PIN), something you have (such as an access badge), something you are (such as a biometric feature) or some combination of these items. The typical credential is an access card, key fob, or other key. There are many card technologies including magnetic stripe, bar code, Wiegand , 125 kHz proximity, 26 bit card-swipe, contact smart cards, and contactless smart cards. Also available are key-fobs which are more compact than ID cards and attach to a key ring. Typical bio
第 25 页 共 61 页
陕西理工学院毕业设计
metric technologies include fingerprint, facial recognition, iris recognition, retinal scan, voice, and hand geometry.
Access control system components
An access control point, which can be a door, turnstile, parking gate, elevator, or other physical barrier where granting access can be electronically controlled. Typically the access point is a door. An electronic access control door can contain several elements. At its most basic there is a stand-alone electric lock. The lock is unlocked by an operator with a switch. To automate this, operator intervention is replaced by a reader. The reader could be a keypad where a code is entered, it could be a card reader, or it could be a biometric reader. Readers do not usually make an access decision but send a card number to an access control panel that verifies the number against an access list. To monitor the door position a magnetic door switch is used. In concept the door switch is not unlike those on refrigerators or car doors. Generally only entry is controlled and exit is uncontrolled. In cases where exit is also controlled a second reader is used on the opposite side of the door. In cases where exit is not controlled, free exit, a device called a request-to-exit (RTE) is used. Request-to-exit devices can be a pushbutton or a motion detector. When the button is pushed or the motion detector detects motion at the door, the door alarm is temporarily ignored while the door is opened. Exiting a door without having to electrically unlock the door is called mechanical free egress. This is an important safety feature. In cases where the lock must be electrically unlocked on exit, the request-to-exit device also unlocks the door.
Access control topology
Access control decisions are made by comparing the credential to an access control list. This lookup can be done by a host or server, by an access control panel, or by a reader. The development of access control systems has seen a steady push of the lookup out from a central host to the edge of the system, or the reader. The predominate topology circa 2009 is hub and spoke with a control panel as the hub and the readers as the spokes. The lookup and control functions are by the control panel. The spokes communicate through a serial connection; usually RS485. Some manufactures are pushing the decision making to the edge by placing a controller at the door. The controllers are IP enabled and connect to a host and database using standard networks.
Types of readers
Access control readers may be classified by functions they are able to perform:
(1)Basic (non-intelligent) readers: simply read card number or PIN and forward it to a control panel. In case of biometric identification, such readers output ID number of a user. Typically Wiegand protocol is used for transmitting data to the control panel, but other options such as RS-232, RS-485 and Clock/Data are not uncommon. This is the most popular type of access control readers. Examples of such readers are RF Tiny by RFLOGICS, Prox Point by HID, and P300 by Far pointe Data.
(2)Semi-intelligent readers: have all inputs and outputs necessary to control door hardware (lock, door contact, exit button), but do not make any access decisions. When a user presents a card or enters PIN, the reader sends information to the main controller and waits for its response. If the connection to the main controller is interrupted, such readers stop working or function in a degraded mode. Usually semi-intelligent readers are connected to a control panel via an RS-485 bus. Examples of such readers are InfoProx Lite IPL200 by CEM Systems and AP-510 by Apollo.
第 26 页 共 61 页
陕西理工学院毕业设计
(3)Intelligent readers: have all inputs and outputs necessary to control door hardware, they also have memory and processing power necessary to make access decisions independently. Same as semi-intelligent readers they are connected to a control panel via an RS-485 bus. The control panel sends configuration updates and retrieves events from the readers. Examples of such readers could be InfoProx IPO200 by CEM Systems and AP-500 by Apollo. There is also a new generation of intelligent readers referred to as \\o PC that acts as a host. Examples of such readers are PowerNet IP Reader by Isonas Security Systems, ID08 by Solus has the built in webservice to make it user friendly, Edge ER40 reader by HID Global, LogLock and UNiLOCK by ASPiSYS Ltd, and BioEntry Plus reader by Suprema Inc . Some readers may have additional features such as LCD and function buttons for data collection purposes (i.e. clock-in/clock-out events for attendance reports), camera/speaker/microphone for intercom, and smart card read/write support.
Access control readers may also be classified by the type of identification technology.
Attribute-based access control
In attribute-based access control (ABAC), access is granted not based on the rights of the subject associated with a user after authentication, but based on attributes of the user. The user has to prove so called claims about his attributes to the access control engine. An attribute-based access control policy specifies which claims need to be satisfied in order to grant access to an object. For instance the claim could be \n 18\identification are not strictly required. One does however require means for proving claims anonymously. This can for instance be achieved usinganonymous credentials or XACML (extensible access control markup language).
门禁管理系统原理
门禁系统是最近几年才在国内广泛应用的又一高科技安全设施之一,现已成为现代建筑的智能化标志之一。门禁,即出入口控制系统,是对出入口通道进行管制的系统,门禁系统是在传统的门锁基础上发展而来的(英文 ENTRANCE GUARD / ACCESS CONTROL)。
在现实中访问控制是,我们的日常生活中的现象。一车门上的锁,本质上是一种形式的访问控制。在一家银行的ATM系统是一个PIN访问控制的另一种方式。站在一家夜总会门前的安保人员是缺乏涉及信息技术,也许是更原始的访问控制模式。拥有访问控制是当人寻求安全,机密或敏感的信息和设施时非常重要的.项目控制或电子钥匙管理的区域内(和有可能集成) ,一个访问控制系统,它涉及到管理小资产或物理(机械)键的位置。一个人可以被允许物理访问,根据支付,授权等。
有可能是单向交通的人,这些都可以执行人员,如边防卫兵,一个看门人,检票机等,或与设备,如旋转门。有可能会有围栏,以避免规避此访问控制。在严格意义上的访问控制(实际控制访问本身)的另一种方法是一个系统的检查授权的存在, 例如,车票控制器(运输)。一个变种是出口控制,例如的店(结帐)或一个国家。在物理安全方面上的访问控制是指属性,建筑,或授权人一个房间,限制入口的做法。
在这些环境中,物理密钥管理还可以进一步管理和监控机械键区或某些小资产。 物理访问控制访问的一种手段,是谁,地点和时间的问题。访问控制系统决定谁可以进入或退出,在那里他们被允许离开或进入,而当他们被允许进入或退出。从历史上看,这已经部分实现通过钥匙和锁。当门被锁定只有有人用一把钥匙可以通过门禁,这时取决于锁定如何配置。机械锁和钥匙的钥匙持有人
第 27 页 共 61 页