What is a Physical Access Control System?

Physical access control systems are a type of physical security intended to restrict or enable access to a specific area or building. Often, PACS are installed to secure businesses and property from vandalism, theft, and trespassing, and are particularly useful in facilities that needed larger levels of security and protection.

Access controls protect against imprudent access of equipment, data documents, and software. It can restrict physical access, a security system should be able to differentiate between authorized and unauthorized individuals. Physical access can be restricted using three general techniques.

Identification − Identification based on comparing the physical traits of the individual with previously accumulated data. An individual‘s signature, personnel number, code, voice print, palm print, fingerprint, teeth print, or other personal features can be tested before permitting access. Secondary authentication such as the user‘s place of birth, can be needed for largely sensitive information.

User‘s Name and Passwords − Passwords based on some memorized combination of letters or numbers. There must be no logic to the password, therefore it cannot be easily presumed. Individuals are authorized based on what they understand.Passwords should be changed within a constant period of time. Inactive passwords (like more than 4 months old) should be deleted.

Passwords should be changed and confidential information taken from terminated employees. If a user alters a password, controls should appear to provide the user does not create the old password. Passwords should not be shared. Access control software can be used to have a minimum password time period in which a new password cannot be changed or a new password comparing an old one will be not authorized.

Cards/Keys − Access can also be limited by the use of cards, keys, or badges and individuals are authorized based on what they own. Improper use can be signalled by an alarm, and unauthorized access patterns should be tested.

A smart card, which is a small electronic device concerning the size of a credit card that contains computer memory, can be used in which the user enters both the identification number and a random generated code which changes each time the card is used or over a definite time period.

Smart cards are used for a multiple purposes, such as accumulating a patient‘s medical data, accumulating electronic cash, and generating network IDs (identical to a token)

Physical controls contains having a librarian keep a log. A lockout should occur with repeated faults. Logs should automatically be kept of the ID number, time of access, and function implemented. Moreover, data dictionary software provides an automated log of access to software and file data. Intrusion detection devices such as cameras and motion detectors should be accessed to detect sensitive and highrisk areas against permitted individuals.