Closer, seamless integration
November 2018, Access Control & Identity Management, Cyber Security, Integrated Solutions
We are now seeing an increased focus placed on data protection, and this will roll over into the access control market. We are already seeing the access control market adopting a combination of technologies such as SEOS (other secure card format technologies) with credentials at the edge, TLS 1.2 (or equivalent, OSDP to controller) during transmitting and receiving data and software asset management on the server/client side. This is according to Chris Lelicanin, product specialist for access control at Elvey.
He says that while none of these are really brand new technologies, they are technologies pulled together to service specific requirements such as personal information security. They are more prominent now because there are bodies in place to enforce these standards.
“The security sector is definitely becoming more IT-centric and a number of broad categories are dominating our industry, including IoT devices, artificial intelligence (AI), cloud and serverless computing and robotics,” says Lelican.
IoT devices and cybersecurity
IoT devices are generally not designed with cybersecurity in mind and are typically an easy target. According to a recent report in IoT For All one known security risk is that those companies with IoT devices that have known vulnerabilities don’t fully patch the devices.
Some scary statistics that came out of the report include the fact that the annual cost to the US economy due to breaches of these systems is $100-billion, resulting in the loss of approximately 100 000 jobs. Malware made for IP cameras is still a matter of concern and researchers associated with Kaspersky Labs found that a type of malware for those devices infected 57 000 units in only a week. Elvey sees the cybersecurity space growing substantially as these attacks increase with the commensurate increase in adoption of connected devices.
Network-level attacks are a security risk for IoT devices, with hackers known to carry out a distributed denial of service (DDoS) attack. This DDoS floods network-connected devices with too many requests and prevents the server from processing legitimate requests under the load.
Another challenge with IoT devices is RFID spoofing which allows cybercriminals to create fake RFID signals that let them read and record data transmissions. Probably the largest issue however, is software threats from Trojan viruses, malicious scripts, and malware.
AI, and more specifically Deep Learning predictive analytics, is becoming more evident in time and attendance (T&A) where systems learn from the user’s patterns. Additionally, it is being used in monitoring or control rooms where the guard is the software and it can use a combination of analytics and user data/behaviour to provide security models with alerts to take action autonomously.
While there are positive benefits to be derived from implementing AI, it can be taken to extreme (and negative) levels. A seemingly dystopian world can be imagined in China’s planned implementation of a pervasive system of algorithmic surveillance. According to an article in The Atlantic, the government will harness advances in artificial intelligence and data mining and storage to construct detailed profiles on all citizens.
Apparently, a vast accompanying network of surveillance cameras will constantly monitor citizens’ movements, purportedly to reduce crime and terrorism. The security organs of the communist party-state will filter, collect, and analyse staggering volumes of data. This poses a grave threat to the freedom of the Chinese populace and is likely to filter down to other countries in the world, albeit in a perhaps less severe fashion.
Cloud and serverless computing
Cloud and serverless computing, like Hattrix, means that clients need not worry about data security, deployment or backup, allowing them to focus solely on their clients. According to the RightScale 2018 State of the Cloud report, serverless computing is the number one growing cloud service, with a growth rate of 75%.
“To a lesser and more real extent we can see the advances in computing and sensor technology already benefitting the industry, with larger user databases and faster, more accurate identification on biometric readers. In addition, there is an increasing number of higher resolution cameras with deeper and richer analytics and metrics, together with longer storage periods, capturing the market,” says Lelicanin.
“Here we see security robotics and AI at play and we can also lump drones into this category as well. A classic example of this is the robot developed to serve as a security guard at train stations in the run-up to the 2020 Tokyo Olympics and Paralympics. The robot is equipped with a security camera powered by artificial intelligence and it can detect and report suspicious persons or objects at stations,” says Lelicanin.
Perseusbot, as it is known, can avoid obstacles and travel over uneven pavement during patrols. It can send alerts to the smart phones of security staff if it discovers objects left unattended for a long time or if it captures aggressive movements by individuals that could lead to conflict.
Access control technologies
Three areas need mention here. Low-energy Bluetooth or near field communications (NFC) where one uses one’s smartphone as an edge device or as a credential with an edge device to gain access to premises.
Self-learning fingerprint algorithms provide improved accuracy over time and require less computational resources. Finally, iris scanning will become increasingly useful for voter registration and as a passport replacement tool.
“In general I don’t think we’re going to see any ground-breaking new technology, just closer integration of existing systems,” says Lelicanin.