Commit 8518b1
2025-03-07 22:01:41 R. Bishop: Initial Commit| /dev/null .. security/access control.md | |
| @@ 0,0 1,142 @@ | |
| + | # Access Control System Basics |
| + | |
| + | ## What is an Access Control System? |
| + | |
| + | An **Access Control System (ACS)** is a security solution that **regulates and restricts entry** to buildings, rooms, or digital systems. These systems are essential for **commercial buildings, residential properties, government facilities, and high-security areas** to prevent unauthorized access and enhance security. |
| + | |
| + | In the UK, access control systems must comply with **specific regulations and standards**, ensuring they are legally compliant and effective in securing premises. |
| + | |
| + | --- |
| + | |
| + | ## Why Use Access Control Systems in the UK? |
| + | |
| + | ### **1. Security & Unauthorized Access Prevention** |
| + | - Restricts entry to **authorized personnel only**. |
| + | - Reduces the risk of **theft, vandalism, and unauthorized access**. |
| + | |
| + | ### **2. Compliance with UK Security Standards** |
| + | - Adheres to **BS EN 60839-11-1** (electronic access control systems). |
| + | - Meets **GDPR** requirements for biometric and personal data processing. |
| + | - Complies with **BS 7273-4** (fire door release regulations). |
| + | |
| + | ### **3. Audit Trails & Real-Time Monitoring** |
| + | - Logs entry and exit data for **compliance and security auditing**. |
| + | - Provides **real-time alerts and notifications**. |
| + | |
| + | ### **4. Integration with Other Security Systems** |
| + | - Works with **CCTV, intruder alarms, and fire alarms**. |
| + | - Enables automated **lockdowns during security threats**. |
| + | |
| + | --- |
| + | |
| + | ## Types of Access Control Systems |
| + | |
| + | ### **1. Discretionary Access Control (DAC)** |
| + | - **User-based system** where access is granted at the owner’s discretion. |
| + | - Common in **small businesses and residential properties**. |
| + | |
| + | ### **2. Mandatory Access Control (MAC)** |
| + | - Access permissions are strictly regulated by **security policies**. |
| + | - Used in **government, military, and high-security industries**. |
| + | |
| + | ### **3. Role-Based Access Control (RBAC)** |
| + | - Access is assigned based on **job roles and responsibilities**. |
| + | - Suitable for **corporate offices, hospitals, and financial institutions**. |
| + | |
| + | ### **4. Rule-Based Access Control** |
| + | - Access is granted or denied based on **predefined rules** (e.g., time-based access). |
| + | - Often combined with **RBAC** for enhanced security. |
| + | |
| + | --- |
| + | |
| + | ## UK Access Control Standards & Regulations |
| + | |
| + | | **Standard** | **Description** | |
| + | |-------------|----------------| |
| + | | **BS EN 60839-11-1** | Defines electronic access control system requirements. | |
| + | | **BS 7273-4** | Specifies integration of access control with fire alarm systems. | |
| + | | **GDPR (General Data Protection Regulation)** | Regulates biometric data processing and privacy rights. | |
| + | |
| + | --- |
| + | |
| + | ## Components of an Access Control System |
| + | |
| + | ### **1. Credentials** |
| + | |
| + | | **Credential Type** | **Description** | **Common Uses** | |
| + | |------------------|---------------|----------------| |
| + | | **Key Cards & Fobs** | RFID/NFC-based access tokens | Offices, hotels | |
| + | | **PIN Codes** | Numeric entry via keypad | Secure rooms, safes | |
| + | | **Biometric Scanners** | Fingerprint, retina, or facial recognition | High-security facilities | |
| + | | **Mobile Access** | Smartphone-based authentication | Smart locks, modern offices | |
| + | |
| + | ### **2. Readers & Scanners** |
| + | |
| + | | **Device** | **Function** | |
| + | |------------|-----------------| |
| + | | **RFID/NFC Readers** | Reads keycards or fobs for access authentication. | |
| + | | **Keypad** | Accepts PIN codes for entry verification. | |
| + | | **Biometric Scanner** | Uses fingerprints, facial recognition, or iris scanning. | |
| + | |
| + | ### **3. Access Control Panels & Controllers** |
| + | - Acts as the **central hub** managing authentication data. |
| + | - Sends signals to **unlock doors or deny access**. |
| + | - Can integrate with **alarms and security monitoring systems**. |
| + | |
| + | ### **4. Locks & Door Hardware** |
| + | |
| + | | **Lock Type** | **Function** | |
| + | |------------|------------| |
| + | | **Magnetic Lock (Maglock)** | Uses electromagnets to secure doors. | |
| + | | **Electric Strike Lock** | Releases upon authentication for door access. | |
| + | | **Smart Lock** | Keyless entry with mobile or biometric access. | |
| + | |
| + | ### **5. Management Software** |
| + | - Admins use software to manage users, credentials, and **security policies**. |
| + | - Can be **on-premises** or **cloud-based** for remote management. |
| + | |
| + | --- |
| + | |
| + | ## Authentication Methods |
| + | |
| + | | **Authentication Type** | **Description** | **Security Level** | |
| + | |-----------------|-------------------|----------------| |
| + | | **Single-Factor Authentication (SFA)** | Uses **one method** (e.g., keycard) | Moderate | |
| + | | **Two-Factor Authentication (2FA)** | Combines **two methods** (e.g., keycard + PIN) | High | |
| + | | **Multi-Factor Authentication (MFA)** | Uses **multiple layers** (e.g., fingerprint + PIN + keycard) | Very High | |
| + | |
| + | --- |
| + | |
| + | ## Installation Best Practices in the UK |
| + | |
| + | ### **1. Strategic Placement of Readers & Locks** |
| + | - Install **readers at entry/exit points** and high-security zones. |
| + | - Use **biometric authentication for restricted areas**. |
| + | |
| + | ### **2. Redundancy & Backup Systems** |
| + | - Implement **battery backup** for continued operation during power failures. |
| + | - Store **entry logs securely in encrypted databases**. |
| + | |
| + | ### **3. Compliance with UK Privacy & Security Laws** |
| + | - Follow **GDPR** when handling **biometric data and access logs**. |
| + | - Ensure **signage and user consent** for biometric scanning. |
| + | |
| + | ### **4. Integration with Emergency Systems** |
| + | - Ensure access control integrates with **fire doors and emergency exits**. |
| + | - Adhere to **BS 7273-4** for safe fire alarm and security integration. |
| + | |
| + | --- |
| + | |
| + | ## Access Control in UK Fire & Security Industry |
| + | |
| + | Access control systems are essential for **fire safety and security management**, ensuring: |
| + | |
| + | - **Emergency Lockdown & Fire Door Release** → Automatic unlocking in emergencies. |
| + | - **Intrusion Prevention** → Restricts unauthorized access to sensitive areas. |
| + | - **Integration with CCTV** → Provides video verification for access events. |
| + | - **Multi-Site Access Control** → Centralized security for **corporate offices, hospitals, and educational institutions**. |
| + | |
| + | --- |
| + | |
| + | ## Conclusion |
| + | Access control systems in the UK **enhance security, ensure regulatory compliance, and streamline access management**. By selecting the right **authentication methods, hardware, and software**, businesses can **protect assets, control entry, and maintain safety** in accordance with UK security regulations. |