1851 SITO/City & Guilds masterclass [part 23] - Software: for door control

Welcome to the 11th paper on access control. In this month's session we shall continue with unit four in the series and consider Central Data Gathering and the Display Unit.

CENTRAL CONTROL UNIT

In order to reduce costs, most multi-door systems will have central control units designed specifically to store and display both programmed and historic event data. At its simplest, the data storage and programming display unit will need the following elements (see Fig 1):

1. A data storage device, such as a hard disk.

2. A display unit, such as a monitor or VDU.

3. A processor or memory.

4. A keyboard to enable the user to input data and commands.

The use of personal computers (PCs) has become widespread throughout the access control industry due to its comparatively low cost and versatility, with IBM or IBM-compatible machines the most common.

All such machines communicate to the outside world through a program called the operating system. This is responsible for activities such as reading keypresses on the keyboard, displaying messages on the VDU, printing messages on a printer and storing data in the memory. The common operating systems, due to the prevalence of IBM-compatible machines, include MS-DOS and Windows.

SOFTWARE FEATURES

Since multi-door systems are larger than single-door controllers they will naturally process more data and thus require enhanced processing capabilities. Enhanced processing capabilities and the collating of activity data from many access points enables manufacturers to offer a wide variety of software features to aid the day-to-day running of the system.

There is also a growing tendency for manufacturers of access control systems to provide added value by using the system for more than just access operations. With information about who is in the building at a given time, it is possible for the access system to be used as a source of information when combined with a management reporting capability.

The variety of software features available for use on multi-door systems are described in the following paragraphs.

LIST OF TOKENS

In the past papers we have seen that a list of token holders is a useful feature in a single-door controller. In multi-door access control systems, such information is critical as staff will typically have access to different areas of the premises at different times of the day.

This means that against the name of each token holder will be an access code authority that determines the doors through which they are allowed.

Since multi-door systems also tend to have larger memory capacities, the amount of information that can be held about an individual can be considerably more detailed, as shown in Fig 2 (previous page).

As with single-door controllers, the time code will typically be a numeric code or text message that represents the times during which an employee can gain access. Example 1:

Similarly, the access code may be a numeric code that represents the doors through which the token holder is allowed access. Example 2:

Such detailed information allows total control over the activities of the staff ensuring that they access only those areas in which they work. It also provides enhanced security over single-door controllers since the theft of a token may not provide access to all areas of the site.

ROLL-CALL

This feature, a list of people in the building, finds its main use in emergency situations. Basically, it consists of a printed list of tokens (and thus people) currently registered as 'in' the building at any given time.

ANTI-PASSBACK

Anti-passback is a feature that monitors tokens used to enter the site, ensuring that someone doesn't gain access to a site then pass back the token to someone else

HISTORICAL LOG

Due to the amount of space that piles of paper can occupy, many manufacturers of access control systems offer both printed events and historical logs, with the print-outs displaying selected events in real time, i.e. as they occur. Their main purpose is for security checking. The historical log, which resides in the system's memory, is used for longer-term storage.

The historical log usually consists of a list of all the events that have been recorded by the system. Since it is stored in the system's computer memory, it can be interrogated and is more efficient than a real-time paper print-out.

Searching aids allow a particular day's events to be called up quickly and easily.

Typically, the information recorded in an historical log will look like the example in Fig 3.

CARD AND DOOR LOGS

A card or door log allows a search of the historical log for all past occurrences of a particular card or door activity that have been logged by the system. Those last few words are important – the system will only show events that it has been instructed to log. It cannot, for instance, show any valid access events if it has been instructed to log only invalid events.

CARD AND DOOR TRACE

The card trace and door trace commands are similar to the card and door log commands in that they provide a printed history of the usage of a particular card. The difference between the trace and log commands becomes apparent when the timing of the information generated by the commands are compared.

The card log command prints all events recorded in the history log some time after the events have occurred. The card trace command will flag an alarm to the system whenever the card holder uses their card in real-time, and would display events that may not normally be logged into the history archives, such as valid entry, for instance.

The trace command thus allows the system operator to 'watch' a cardholder's movements through various reader points.

The door trace command works in a similar fashion, with the exception that it monitors door rather than card usage.

TOKEN LOCKOUT OR INVALIDATION

A method of locking out or invalidating tokens is essential if the security of the system is not to be compromised by lost or missing tokens.

Normally, this is achieved simply by entering the internal or external token number and pressing the equivalent of an 'invalidate' key. Once a token is invalidated it will not be recognised by the system and the token holder will thus be denied access at all access points.

DISABLE READERS

The disable readers option is provided for situations where we wish to bar access to particular areas on a temporary basis. Once again, it is usually a simple matter to select a reader then press the equivalent of the 'disable' key to inhibit its operation to all tokens.

Re-enabling the readers should also be simple, by reprogramming the reader and pressing the 'enable' key.

DISABLE TIME OR ACCESS CODES

The disable time codes or access time codes features operate in a similar manner to the disable readers option but work instead on a collection of times or readers as appropriate.

Where permanent changes are required, the disable function should not be used and the codes should be deleted or altered accordingly.

That's it for now. The next session will be the last in this series on Access Control, but look out for a 12-session series on CCTV coming soon.