Home System Design Access Control: On the Cards

Access Control: On the Cards

by Benchmark

Given the numerous applications that chip-based cards can deliver, it is not surprising that many are looking towards a single credential-based solution for a wide number of applications. Indeed, access control is now just one of many benefits such solutions deliver.

When the concept of ‘smart cards’ was first touted in the UK, many years ago, there was something a negative feeling about the technology. Fears surrounding personal data were widespread, and the general feeling was that the technology wasn’t welcomed. The slow acceptance of the benefits on offer does go some way to underline the fact that perceptions are harder to disprove and dislodge than realities!

Of course, over the years the technology has grown, and is used increasingly in a diverse range of industries. The term ‘smart card’ has slipped from use, and today those utilising the technology are more aware of the benefits on offer.

One significant benefit of the technology exists in applications were multiple applications require the use of a credential. Being able to control various elements via one solution makes increasing sense, especially if the data from the various elements can be used to create a smoother and more effective experience for the user. Additionally, the resultant data can also be utilised to assist in the creation of enhanced management policies. Reduced credential management also can deliver true cost efficiencies!

A ‘One Card’ option

The University of Salford introduced its ‘One Card’ project in 2011, following the development of its high tech digital learning and research campus at MediaCityUK. The site, flagged as a centre for digital and creative industries, is home to the BBC, ITV and SIS, as well as the digital and creative faculty of the University. The site houses around 1,500 students, and boasts radio and television studios, post-production facilities and digital media suites.

The One Card project is designed to allow students and staff access to facilities, buildings and services throughout the campus. When a student enrols, specific details of their course and learning requirements are uploaded to the system where an access profile is created and linked to their student profile. This then authorises them for access to their distinct learning areas, as well as to other services and general areas. In addition, the access control element of the system is complemented by a room management system. This enables staff and students to book available rooms for study or project-based work via the central system. This approach allows the access profiles of staff or students to be adapted to meet needs as they arise, without a need to reconfigure general settings through the core system software.

The heart of the system – which manages vending and purchasing functions, management of facility bookings, printing rights, library management and parking control, as well as access to buildings and rooms – is an access control system. The Janus solution from Grosvenor Technologies was already in use at the original campus buildings of the University, where in excess of 300 card readers are installed. As the needs of the University expanded, so the software-based system was used as the core of the new project.

This development was aided by the fact that the solution utilises an ‘open’ database, which delivered the benefit of allowing a wider range of information to be stored and managed. Some access control systems have limited or restricted databases, only allowing data relative to the system’s core functions to be stored. The ‘open’ nature also enabled simpler integration with other solutions, such as the room management system from Condeco and a printing solution from Ricoh. The database is also able to share information with regard to sports facilities and library requirements.

Derek Drury, CIO, Information Services at the University, stated, ‘Grosvenor Technology was pivotal in successfully bringing together several key strategies into a ‘one card fits all’ solution. With a single card our staff and students link into parking, secure access, the library, ‘follow me’ printing, leisure facilities and fund loading for catering and printing. It is one of the most complex implementations in the University, touching multiple systems across the campus. The success of the project has been measured in the wealth of integration, across the entire University, and enjoyed by all.’

The cards include a number of elements, such as photographic ID, magnetic stripe, bar codes and smart storage. On enrolment, the student’s image, if not already available, is captured by the card services bureau and uploaded to a central server for access by other university databases and services. This is achieved via the system’s software.

One of the challenges for the One Card project was to get all the third-party integrations to use a single unique credential. The DESFire EV1 card was used as the core component. However, to achieve interoperability with the other solutions, multiple methods of identification are required from the single card to satisfy the criteria for all the platforms. These include an internally AES-encrypted number, a 56-bit DESFire unique ID, a 32-bit classic Mifare emulation, and encoded magstripe and printed barcodes. Each of these components are captured at the time of card personalisation and made available for the relevant systems.

The central software enables full management reporting that allows detailed analysis of card access events. One example of how the University uses the reporting facilities is with regard to the library. The system analyses data pertaining to the number of students and staff using the facility at any given time or period of the day. The reports can determine the peak and average usage, and to which school or college the user is assigned. The total time spent in the library by individuals can also be assessed. The collected management data helps the library to better plan and improve its services to students and staff.

The system uses distributed intelligence, which enhances overall fault-tolerance. The central server interfaces to card readers via intelligent door controllers located at each access point. Each controller is a standalone unit that can control two doors/locks and is compatible with a wide range of card readers and lock mechanisms.

Every card profile associated with an individual controller is downloaded to the unit to ensure continued operation, even in the event of a network or power failure.

In summary

The benefits of a One Card implementation are obvious, and can streamline the data handling processes, as well as making operations simpler for on-site users. As is proven by the University of Salford’s implementation, the interoperation not only delivers ease of use for cardholders, but also enhances site management.

Related Articles