Access on the edge

Access & Identity Management Handbook 2018 Access Control & Identity Management, Integrated Solutions

As technology advances, access control readers, especially biometric readers, have taken on more functions. They can now store large databases, enabling offline operation when networks are down, while eliminating the need for external controllers by incorporating relays on the device, allowing for direct input of sensors such as door-left-open and alarms and even direct connection of release-to-exit buttons where biometrics only control one way access.

Benefits derived from this include simplified installation and, in most cases, cost effectiveness. This came about with the era of ‘IP convergence’ as previous readers left processing and communication to the controller and did not have a direct network interface. Then, with IP on the rise, processors became cheaper and the new thing became having a direct network interface on the device. This created excitement for corporate IT departments and fitted right in with keeping control in the hands of the corporate, leading to endless conversations of the changing role of security managers or merging the same into the IT department.

The challenges created by distributed access control topologies

What this power play did not consider was that these devices were not the standard Window, iOS and Linux platforms which could be included in the midnight anti-virus and malware scan, and as with anything new it was not necessary as these black boxes ran propriety OS kernels and communication protocols and were therefore not exposed. This created new challenges and therefore opportunities for villains, which now had these in their reach and who could try and make them do what they wanted, or if not successful, would simply break them, creating loopholes and overrides in the ‘unbreakable security’. Soon we heard about device weaknesses and malware taking over IP cameras and security devices.

Then the hot topic of identity theft and the privacy of personal information also had its say. If devices are intelligent, can operate offline and sit outside of the office, what stops someone from stealing my data by stealing the device? A good and logical question coming from a supposed non-expert in access terminal data storage and biometric data reconstruction. It remains a valid question though, as consumers cannot always ensure that best practices are followed by manufacturers and that someone cannot peep into these mostly proprietary black boxes. Going hand in hand with the device on the edge, since it controls the relay to open the door, what stops someone from removing the device and triggering the lock?

Some of these downfalls enter the realms of Mission Impossible and James Bond, but as we know these are drivers of innovation in technology, luring those infiltrating cyber security, in turn causing manufacturers to improve and sell more products. This is the infinite loop we are in with technology: produce, break, improve, sell and repeat.

So are we going back to centralised topologies?

Most of these decentralised challenges have been resolved, for now, by adding peripherals to move the relay back into the roof, data encryption and including certificates for devices. So decentralised is here to stay, but going through the process has helped us relook the benefits and downfalls of both. Some questions that came about were:

• Is it really more cost effective to have network cables going to each door?

• Yes, it’s definitely nice to have everything on one device, but does it always make it easier?

• Having a direct network connection to a device surely introduces convenience when managing devices, but how does it weigh up against having to manage communication to all these devices and does it create more points of failure?

• Today, an intelligent biometric access control device, managing half a million records, costs about the same as a non-intelligent device a decade ago. However, if we removed some of that intelligence could we make solutions even more efficient and cost effective by performing the functionality on a controller?

In short, the answer depends on the implementation. There is no one size fits all.

Centralised topology definitely has a place, but some things have changed. When using centralised controllers we now need to have more power. Users became used to 150 000 matches per second on a device and if we want to move back to centralised, we need to make sure we keep offering the same, but for multiple unintelligent devices. Controllers also need to offer the same flexibility, managing external inputs, provide Wiegand interfaces to ease upgrading current systems and support OSDP as a form of secure open platform communication to mention a few.

Suprema’s CoreStation address all these needs. It is not here to replace our leading decentralised topology, but rather to offer our clients more options to better suite their security needs and pockets, depending on their requirements. No need to choose because one segment of your access control implementation might benefit by centralising door control where others might be more effective utilising decentralised.

Manufacturers and system designers now also have this intelligent controller with massive high-speed fingerprint matching, using Suprema’s pace-setting algorithms, available to them to translate all the benefits to their users.

Intelligent biometric controller

CoreStation fulfils the demand for biometric technology within more secure, larger-scale access control applications that utilise a centralised topology. It has the capacity to handle half a million users with a fingerprint matching speed of up to 400 000 match/second and simultaneous matching speeds of up to 8 devices in 1 second.

On the security side, the CoreStation enhances levels of security over edge-based IP access control topologies. Taking full advantage of centralised access control, CoreStation provides for secure storage of biometric data and secure wiring options. In addition, by featuring secure TLS 1.2 communication and 256-bit (AES-256) encryption, CoreStation offers the most stringent data security available today.

CoreStation provides a multi-port interface for fingerprint/RF readers and also supports locks, sensors, release-to-exit and alarm devices. It delivers comprehensive access control functionalities for up to 132 access points through the company's BioStar 2 security platform and also allows access control manufacturers to take advantage of the same for their platforms. The device interfaces with a complete set of reader technologies including RS-485 (OSDP) and Wiegand further extending its flexibility and scalability.

In a statement announcing CoreStation, Suprema’s global business director, Hanchul Kim, commented that “with its extension module peripherals, reader compatibility and versatility in application, CoreStation will provide perfect access control solutions for both new installations as well as a replacement of existing systems.”

Suprema offers you more choice and flexibility in designing your security system with recently launched BioEntry R2, a dedicated slave fingerprint/RF reader which together with the CoreStation, completes your biometric-enabled centralised access control system.



Credit(s)




Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

Future trends for electronic safety and security in mining
Fang Fences & Guards Mining (Industry) Integrated Solutions AI & Data Analytics
The mining industry is ever evolving, driven by technological advancements and the growing need for enhanced safety and security measures, with significant innovation seen in turnkey electronic security for mining operations.

Read more...
Unlocking enhanced security for mining
Mining (Industry) Integrated Solutions
In the dynamic landscape of African mining, security remains of paramount concern as threats evolve and challenges persist, and mining companies seek innovative solutions to safeguard their operations, assets, and personnel.

Read more...
A constant armed struggle
Technews Publishing XtraVision Editor's Choice Integrated Solutions Mining (Industry) IoT & Automation
SMART Security Solutions asked a few people involved in servicing mines to join us for a virtual round table and give us their insights into mine security today. A podcast of the discussion will be released shortly-stay tuned.

Read more...
Defending against SIM swap fraud
Access Control & Identity Management
Mobile networks must not be complacent about SIM swap fraud, and they need to prioritise the protection of customers, according to Gur Geva, Founder and CEO of iiDENTIFii.

Read more...
Access Selection Guide 2024
Access Control & Identity Management
The Access Selection Guide 2024 includes a range of devices geared specifically for the access control and identity management market.

Read more...
Biometrics Selection Guide 2024
Access Control & Identity Management
The Biometrics Selection Guide 2024 incorporates a number of hardware and software biometric identification systems aimed at the access and identity management market of today.

Read more...
Smart intercoms for Sky House Projects
Nology Access Control & Identity Management Residential Estate (Industry)
DNAKE’s easy and smart intercom solution has everything in place for modern residential buildings. Hence, the developer selected DNAKE video intercoms to round out upmarket apartment complexes, supported by the mobile app.

Read more...
Authentic identity
HID Global Access Control & Identity Management
As the world has become global and digital, traditional means for confirming authentic identity, and understanding what is real and what is fake have become impractical.

Read more...
Research labs secured with STid Mobile ID
Access Control & Identity Management
When NTT opened its research centre in Silicon Valley, it was looking for a high-security expert capable of protecting the company’s sensitive data. STid readers and mobile ID solutions formed part of the solution.

Read more...
Is voice biometrics in banking secure enough?
Access Control & Identity Management AI & Data Analytics
As incidents of banking fraud grow exponentially and become increasingly sophisticated, it is time to question whether voice banking is a safe option for consumers.

Read more...