Physical building security and electronic access control

Discussion in 'Business & Enterprise Computing' started by gords, Nov 28, 2010.

  1. gords

    gords Oh deer!

    Joined:
    Aug 3, 2001
    Messages:
    6,623
    Location:
    Sydney, Australia
    Hi folks,
    I figure some of you guys will have some experience in the area of building access control, mag stripe cards, proximity locks etc.

    My situation is this: I work at a school with 13 buildings on one campus. We're having a new building built, and within the last couple of days I've found out that the master key system that has been used throughout the rest of the school cannot be used in the new building as the cylinders aren't being made anymore.

    With that in mind, a new (traditional) master key system is being looked at which will be installed in the new building and be progressively rolled out to the other buildings.

    My view is that with all the different keys, people and programs that are in place at the moment, a traditional hierarchical keying system will not do everything we want (and will be horrendously complex to set up). I know that electronic access control systems were previously investigated but discounted due to their cost. I believe the cost of wired electronic locks and doorstrikes would cost too much to retrofit to the hundreds of doors, but I do know that we looked at another option which was an offline electronic lock. From what I can remember, it involved replacing the mortise locks with an electronic lock which had a unique ID number. Users had programmable 'keys' which could be programmed to open certain doors and not others. Each user had to 'recharge' their key within a set timeframe (e.g. every week) at a self-service station, which was basically a way to indicate to the controller that the key was still in use, and for the controller to update the key's programming if necessary. If the key wasn't recharged within the set time period, it would deactivate, reducing the likelihood of someone picking up a set of keys and being able to use them.

    I've searched to try and find the product I'm thinking of but haven't had any luck. Does anyone know what the name of this product is? It would've been maybe 5-6 years ago that I last looked at it.

    Thanks for your help!

    Cheers,
    Daniel
     
  2. AzzKikr

    AzzKikr Member

    Joined:
    Aug 25, 2002
    Messages:
    1,078
    Location:
    .au
    I believe the product you're looking for is called CyberLock, which is made by Videx. The Australian distributors are EKA Security, who rebrand the product under their label.

    Also, Kaba have a product called elolegic which appears to do something similar.

    FWIW - I'd view Swipe/Prox systems as being more flexible for your kind of situation, especially given that there's a number of IP-based systems these days that operate off your LAN and don't require the building-to-building cabling of the older systems. I haven't used the CyberLock, but I'd also be interested to know how they revoke lost or stolen keys, given that it appears there's no communication between cylinders and a central control system, and keys aren't updated until they're docked or similar.

    -A.
     
    Last edited: Nov 28, 2010
  3. Embercide

    Embercide Member

    Joined:
    Jun 17, 2002
    Messages:
    1,819
    Location:
    Brisbane
    The Kaba stand was near ours at the ASIAL expo this year, they seem to have a large variety of options :thumbup:
     
  4. gords (OP)

    gords Oh deer!

    Joined:
    Aug 3, 2001
    Messages:
    6,623
    Location:
    Sydney, Australia
    AzzKikr: Awesome, thanks! I was thinking of the CyberLock but the Kaba elolegic may perhaps be a bit more useful in our situation (using RFID rather than requiring physical insertion of key).

    An online system would be great. We do have a lot of Cat6 cable in these buildings, but none has been specifically run to doors, so we'd still have quite a job trying to get it there. I've seen systems that use a WLAN but I don't think we could implement this without a great deal of work on redundancy of switches, radios, power sources etc.

    Regarding lost or stolen keys or fobs, I would hope that any system like this allows barrels to be reprogrammed fairly easily. For example, key #39 is lost. There's no way to send out a command to all the door hardware to notify them about key #39, but presumably you could look up which doors the person holding that key had access to, and do a walk-around, reprogramming the barrels so that key #39 no longer works. It could be time-consuming when it happens, but it doesn't happen very often and is much better than the existing system we have.

    If there are any other systems similar to the elolegic I'd be interested to hear about them!
     
  5. AzzKikr

    AzzKikr Member

    Joined:
    Aug 25, 2002
    Messages:
    1,078
    Location:
    .au
    Gords: I'd be interested in finding out which way you end up going, and the deciding factors. :)

    Cheers
    -A.
     
  6. Raktor

    Raktor Member

    Joined:
    Jul 20, 2007
    Messages:
    92
    The manual states (p.50) that when a key is lost, you can program a few of the locks (manually, I assume), as disablers. If the key tries to open one of those disabling locks, it will deny access and revoke all permissions from the key itself.
     
  7. Iceman

    Iceman Member

    Joined:
    Jun 27, 2001
    Messages:
    6,647
    Location:
    Brisbane (nth), Australia
    Can't speak to the exact kind of system you're after. And may I suggest clarifying a bit more about who you need to give what level of access to. eg I'm guessing it's not swipe cards for the students. But do you want to be able to restrict teachers to business hours only? Janitor/security access that work after hours etc. Doors that only say.. science teachers can open?

    In any case, I'm with AzzKikr, push for an electronic system.

    What about running two systems, electronic locks for the new building (and moving forward, all new doors) and leaving the old key system there for the old building. Yes a dual system sucks in terms of management but it's not the end of the world. Swipe cards can be as small as a 20c coin with a tail.

    But if you really do want to spend the money to retrofit the existing school you can add a mag lock and swipe card reader to almost any door. They're not very expensive and industry standard, you're not really tied to a provider for supply, service or repair. The core system would allow centralised control as well, which sounds like something you are looking for.

    This is balanced against the concern that you pay all this money for this fancy in-cylinder retrofit and the company making it or the sole supplier to Australia goes bust in 5 years.
     
  8. AzzKikr

    AzzKikr Member

    Joined:
    Aug 25, 2002
    Messages:
    1,078
    Location:
    .au
    Curious: How would you have been able to steal the 'Domain Admin' password, if the 'Security' network and the 'Production/Data' network are running on separate VLANs?

    (This assumes the system is configured with some degree of security e.g. each port in access mode only, trunking disabled, hardcoded to a single permitted VLAN per port, and maybe port-security or dot1x enabled, etc.)

    -A.
     
  9. IACSecurity

    IACSecurity Member

    Joined:
    Jul 11, 2008
    Messages:
    750
    Location:
    ork.sg
    You assume VLANs are secure. :D VLAN hop. (VLAN Security whitepaper - this is old stuff, but you would not believe how prevalent poor configs are, or EOL products being still in use (or most non-Cisco gear in use too)) http://www.cisco.com/en/US/products...cts_white_paper09186a008013159f.shtml#wp39054 And you assume they have modern, patched switches with all the relevant port security options enabled and functioning, most people do not. When was the last time you upgraded all your edge switches' IOS?

    Yes it would be very difficult to break VLANs when you assume that all possible security settings are in place, but given 99.999% of the world doesn't, it's generally not too hard - some don't even run separate VLANs...

    Though, dependent on the security system (and this is independent of sharing the network), you can just sniff some traffic, or access the management system directly and let yourself in anyway.. then I can walk up to the switch and take it with me.

    So many options, yet if they are physically separated, options with large risk go. From an info sec. perspective, people don't want access to your building, they want access to your information, but if they can't get that a TV would be good instead.
     
    Last edited: Nov 29, 2010
  10. cbb1935

    cbb1935 Guest

    Would IP based fingerprint scanners be of interest?

    If done right the teachers can register their fingerprint and (depending on the system deployed) have that configuration pushed to every door in the school.

    Only downside would be the cost to implement, but security would be higher than prox cards/rfid tags, as it'd be single register, and easy to remove if a teacher left, or another joined.

    Control over certain doors would be fairly easy (only allowing certain prints access to certain rooms).

    So security side is high, but the cost of implementation won't be cheap.

    Facial rec is another way, but it's far too expensive unless you are talking about access to say 13 buildings, rather than doors inside those buildings.

    Another consideration to make (which is somewhat of a safety/possible OH&S issue), is that the locks SHOULD have a manual override, or be operational in the event of a power outage.
     
  11. AzzKikr

    AzzKikr Member

    Joined:
    Aug 25, 2002
    Messages:
    1,078
    Location:
    .au
    FWIW, attacks of this nature are largely negated (in Cisco-land) through the use of switchport mode access and switchport nonegotiate on all end user ports. Also mitigated through the use of an exclusive VLAN on trunk ports.

    Funnily enough, last weekend (regular maintenance weekend; we upgrade all switches during this time and have the routine down to a fine art). :)

    Just saying - I agree that separate physical networks provide better security, however I'm yet to see a successful VLAN hopping attack on a well configured network. :thumbup:

    -A.
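
A defensive check for the port settings named in the post above, added here as an example and not code from any poster or vendor. The sample config is constructed, and "exclusive VLAN on trunk ports" is read as an assumption to mean a trunk native VLAN that is neither the default VLAN 1 nor used as an access VLAN.

```python
import re
# Constructed sample (not from the thread): Gi0/1 hardened, Gi0/2 default, Gi0/24 trunk.
SAMPLE_CONFIG = """\
interface GigabitEthernet0/1
 switchport access vlan 20
 switchport mode access
 switchport nonegotiate
!
interface GigabitEthernet0/2
 switchport access vlan 10
!
interface GigabitEthernet0/24
 switchport trunk native vlan 10
 switchport mode trunk
 switchport nonegotiate
!
"""

def parse_interfaces(config):
    """Return {interface name: [stanza lines]} from IOS-style config text."""
    stanzas, current = {}, None
    for line in config.splitlines():
        if line.startswith("interface "):
            current = line.split(None, 1)[1]
            stanzas[current] = []
        elif line.startswith(" ") and current is not None:
            stanzas[current].append(line.strip())
        else:
            current = None  # "!" or a global command ends the stanza
    return stanzas

def audit(config):
    """Return sorted (interface, finding) pairs for the settings named above."""
    stanzas = parse_interfaces(config)
    joined = "\n".join(l for lines in stanzas.values() for l in lines)
    access_vlans = {int(v) for v in
                    re.findall(r"^switchport access vlan (\d+)$", joined, re.M)}
    findings = []
    for name, lines in stanzas.items():
        is_trunk = "switchport mode trunk" in lines
        if not is_trunk and "switchport mode access" not in lines:
            findings.append((name, "not forced to access mode"))
        if "switchport nonegotiate" not in lines:
            findings.append((name, "DTP negotiation not disabled"))
        if is_trunk:
            m = re.search(r"^switchport trunk native vlan (\d+)$", "\n".join(lines), re.M)
            native = int(m.group(1)) if m else 1  # IOS default native VLAN is 1
            if native == 1 or native in access_vlans:
                findings.append((name, f"native VLAN {native} is not exclusive"))
    return sorted(findings)
```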
     
  12. NeXuS

    NeXuS Member

    Joined:
    Jun 28, 2001
    Messages:
    542
    Location:
    Southern Suburbs, Melb
    May also be worth looking into the Salto Access Control System, we are currently investigating it, it allows both online readers (IP based) and offline readers using HID/Mifare/iButton/etc proxy cards.

    They have a thing called virtual network, which uses proxy cards as data mediums, to update programming on the offline readers. So if a card is added to the deny list, it writes this to every card scanned at an online reader, and then when any of these cards use the offline reader, it updates the programming on the offline reader.

    Seems pretty perfect for school, especially where portable classrooms are around. No hard wiring involved for those, but install online readers in your main building or where you care about security (Hall, Theatre, Library, Computer Labs, Gym, Staff Areas & Offices, Server Room).
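
A minimal model of the card-carried deny list described in the post above, added here as an illustration; it is not Salto's implementation. The class names, card numbers and door names are constructed, and per-door permissions are left out so that only revocation is shown.

```python
class Card:
    def __init__(self, card_id):
        self.card_id = card_id
        self.carried_denylist = set()  # data written to the card by online readers

class OnlineReader:
    """Wired reader: sees the server's deny list as soon as it changes."""
    def __init__(self, server_denylist):
        self.server_denylist = server_denylist

    def present(self, card):
        if card.card_id in self.server_denylist:
            return False
        # Every card that badges here leaves carrying the current deny list.
        card.carried_denylist |= self.server_denylist
        return True

class OfflineReader:
    """Battery lock with no network: learns revocations only from cards."""
    def __init__(self):
        self.local_denylist = set()

    def present(self, card):
        self.local_denylist |= card.carried_denylist  # absorb the card's update
        return card.card_id not in self.local_denylist

def simulate():
    """Card 39 is reported lost; return (step, door opened?) in order."""
    server_denylist = set()
    front_door = OnlineReader(server_denylist)
    portable = OfflineReader()
    lost, teacher = Card(39), Card(7)
    server_denylist.add(39)  # administrator revokes the lost card
    steps = [
        ("lost card at offline door, before any update", portable.present(lost)),
        ("lost card at online door", front_door.present(lost)),
        ("teacher at online door", front_door.present(teacher)),
        ("teacher at offline door", portable.present(teacher)),
        ("lost card at offline door, after update", portable.present(lost)),
    ]
    return steps

if __name__ == "__main__":
    for step, opened in simulate():
        print(f"{step}: {'opened' if opened else 'denied'}")
```

The first step shows the gap that matters for planning: an offline door keeps honouring a revoked card until some other card has carried the update to it.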
     
  13. driver

    driver Member

    Joined:
    Jun 28, 2001
    Messages:
    3,581
    Location:
    Brisbane
    From my experience, in all sectors of QLD schools...

    Usually Teachers only get keys to the classroom blocks/areas they teach in. Not uncommon for many teachers carry 5+ keys for the same school. Most key systems have turned in to a nightmare due to room relocations/changes over the years. Then Heads of department / middle management style positions are on the next rung with more universal keys. Then Principal/Senior Management/IT/Grounds staff/cleaners tend to get a single master key.

    When someone loses a grand master key - it's expensively bad news then because schools have zillions of doors and keys to match.
     
  14. NeXuS

    NeXuS Member

    Joined:
    Jun 28, 2001
    Messages:
    542
    Location:
    Southern Suburbs, Melb
    Yer, we have had a few complete re-keys after master keys have been lost.

    Currently we have it broken up into classroom, store, office, admin, library, hall, portable, music, and a few other one-offs with masters for IT/principal/cleaners/facilities staff.

    It works ok, but we have issues with weekend/after school access to certain areas, for language school, hiring of the hall/gym, etc.
     
  15. IACSecurity

    IACSecurity Member

    Joined:
    Jul 11, 2008
    Messages:
    750
    Location:
    ork.sg
    Yes, like I said:
    And before that they are always updated and configured correctly? If so, well done, you're doing better than most places.

    Come work in my world for a while, you will see it. Do the same to VOIP systems with a phone in the foyer, or entrance way... :thumbup:

    Yes but as I said, you can't assume everyone is perfectly secure so there is no risk. The REALITY is, 99% of businesses are Swiss cheese, making this threat, very real, very easy to exploit, and gives you significant gain. Thus flinging it through a 31000 process you end up with a very high risk.

    So my advice stands, don't run physical security systems on your data network - I guess unless you are really bloody good, your systems are good, and everything will always BE very good until it's replaced, and what are the chances of that?
     
  16. gords (OP)

    gords Oh deer!

    Joined:
    Aug 3, 2001
    Messages:
    6,623
    Location:
    Sydney, Australia
    Thanks for all the discussion and links. The conclusion was that I contacted EKA Security and Kaba regarding the CyberLock and elolegic products, and found that they were 6- and 10-times more expensive than a regular barrel. That completely discounts any possibility of us being able to get a system like this (at this point in time, anyway).
     
  17. Disco_Stu

    Disco_Stu Member

    Joined:
    Apr 10, 2002
    Messages:
    580
    Location:
    Ipswich, Qld
    We set up/install access control systems for a few businesses big and small.

    Cons: You'll pay a fair amount to get it set up (cabling to each door, installing the strikes and lock mechanisms to replace existing).

    Pro: Lost key = 5 minutes work, compared to up to a hundred or so for a single door, thousands if you lose a GM.
    * Staff carry one card, not a ring of keys.
    * Don't have to worry about staff making their own copies secretly.
    * Restrict access to doors/rooms etc by time/day.
    * Can be managed by an admin staff member with a little bit of training.

    I think the savings you make are on the list of hard to quantify unfortunately.. :(
     
  18. Mikos

    Mikos Member

    Joined:
    Mar 12, 2004
    Messages:
    2,851
    Location:
    Cydonia
    Surely at the end of the day though the people using your network will be a far bigger security risk than any of these technical based attacks. I'd imagine it would be much easier to send a virus to an admin-level teacher in an email to gain access to the network, than it would be to physically gain access to a swipe card terminal and then hope they are insecure enough to be able to break their vlan setup.
     
  19. Grunner

    Grunner Member

    Joined:
    Mar 7, 2005
    Messages:
    123
    Location:
    Ringwood, VIC
    As a manager of a site that uses cyberlocks in 11 buildings, costs of locks and keys were reasonable compared to mag swipes but the cost of batteries was the hidden cost which makes the system not so attractive. If we knew what we knew now about the batteries as well as the keys' quirky moments I think we would not have gone down this path.
     
  20. IACSecurity

    IACSecurity Member

    Joined:
    Jul 11, 2008
    Messages:
    750
    Location:
    ork.sg
    I guess in that case don't worry about protecting anything else... just assume you're compromised and move on? :lol:
    Do a TRA, apply effort/resources where the risk is higher.
    You do realise that swipe access is on the outside of buildings right? You just walk up to them?
     
