Access Control By Example
Access Control by ExampleACCBYEGenIntroductory Guide
Access Control by ExampleTable of Contents en3Table of Contents1Introduction41.1The example42Materials Planning62.1Planning the doors62.2Low tier: Electrical components62.2.1Card reader technologies72.2.2Credentials technology72.2.3Wiring for non-reader components82.3Middle tier: Access Controllers82.4High tier: Hosting the software for the final system93Installation with RS-485, AMC and Access PE3.1Mounting the access controller and associated hardware103.2Installing the wiring103.2.1RS-485 bus topology for readers103.2.2RS-485 star topology for all other components10103.3Mounting the peripheral components103.4Connecting the peripheral components to the wiring113.4.1Protective diodes113.4.2Shielding data cables and avoiding ground loops123.5Connecting the AMC2 (Access Modular Controller)133.5.1Preparatory steps on PBC-60 power supply, AMC2 and computer133.5.2Connecting the peripheral components to the AMC2143.5.3Setting up the connection between AMC2 and the software174Installation with Wiegand and Access Easy Controller (AEC)194.1Mounting the access controller194.2Installing the wiring194.2.1Wiegand star topology for readers194.3Mounting the peripheral components194.4Connecting the peripheral components to the wiring204.4.1Protective diodes204.4.2Shielding data cables and avoiding ground loops214.5Connecting the AEC (Access Easy Controller)224.5.1Connecting the peripheral components to the AEC224.5.2Configuring the AEC hardware and network254.5.3Configuring the AEC software265Resources and further reading27Glossary28Index30Bosch Security SystemsIntroductory Guide 1.0 2009.10
4en Introduction1Access Control by ExampleIntroductionPurpose of this documentBased on a simple example, which nevertheless contains most of the common kinds of doorcontrol, this document provides an introduction to installing a small access control system. Itsintention is to steer beginners safely past some of the common dangers and pitfalls.Intended audienceThis document is intended for persons who will be involved, perhaps for the first time, inphysically implementing an access control system, and wish to gain a quick understanding ofthe main concepts and tasks involved.1.1The exampleDr. Jones has a small but busy medical practice in an inner-city area. In it there are five rooms:1.A waiting room with reception area and public access between the hours of 9.00 and16.00.2.A general Storeroom, opening off the reception area, where bandages, crutches, officesupplies and non-hazardous stock items are kept.3.A laboratory and secure Storeroom, opening off the reception area, where prescriptiondrugs, sharps and potentially hazardous materials are kept.4.An office opening off the reception area, where a computer and patients’ records arekept.5. 1.0 2009.10A treatment room, opening off the waiting area.Introductory GuideBosch Security Systems
Access Control by ExampleIntroduction en5The access control requirements of the rooms are as follows:Table 1.1RoomAccess for whomAccess control requirements1. Waiting Room withAnybody between 09:00 andDoor should be unlocked atreception area16:009:00, locked at 16:00 andrequires a card outside of thosehours.2. General StoreroomDoctor, lab technician,Access control to prevent theft.receptionist3. LaboratoryDoctor, lab technicianStrict access control to preventtheft and reduce danger topersons from hazardousmaterials and equipment.4. OfficeDoctor, receptionistStrict access control to preventmisuse or theft of medicalrecords and other sensitivedata.5. Treatment roomAnybody, anytime, as admittedNo access control as noby the doctor.valuables are present, andpatients are alwaysaccompanied by the doctor.Bosch Security SystemsIntroductory Guide 1.0 2009.10
6en Materials Planning2Access Control by ExampleMaterials PlanningThe following section contains a rough analysis of the requirements, and helps you to selectthe parts required in the quantities you need. It is useful to think in terms of three tiers: Theelectrical components, the access controller and the host system. These tiers are covered inmore detail below.2.1Planning the doorsFor each of the doors mentioned in Section 1.1 The example, page 4 we need to decide ingeneral what functionality is required:–The easiest case is the treatment room - it does not need to be locked and does notrequire any access control hardware.–The main entrance to the practice will be unlocked during opening hours, and require acard outside those hours. The arrival of the first member of staff at the card reader in themorning should put the door into unlocked mode for the duration of opening hours.–All the doors with card readers will require a REX (Request to EXit) unit. Its purpose is toprovide an alarm-free exit without the need for a card. A REX signal comes typically froma push button or a motion detector inside the room, or is embedded in the door’s ownhandle. Here we have decided on REX by motion detector.–All access-controlled doors will require magnetic contacts in order to trigger an alarm ifthe door is opened by force.2.2Low tier: Electrical componentsFrom these considerations we create a table of the doors and the electrical components eachrequires.RoomAccess control hardware1. Waiting Room with reception areaCard Reader, e.g. Bosch Delta 1000Electric door opener, e.g. Bosch Universal ElectricDoor OpenerREX by motion detector, e.g. Bosch DS150iMagnetic contact, e.g. Bosch ISN-C devices2. General StoreroomCard readerElectric door openerREX by motion detectorMagnetic contact3. LaboratoryCard readerElectric door openerREX by motion detectorMagnetic contact 1.0 2009.10Introductory GuideBosch Security Systems
Access Control by ExampleMaterials Planning enRoomAccess control hardware4. OfficeCard reader7Electric door openerREX by motion detectorMagnetic contactNote:This secured room, which already houses thecomputer, is the obvious place to put the accesscontroller itself.5. Treatment room2.2.1NothingCard reader technologiesCard readers differ in two important respects: scan frequency and protocol.Scan Frequency: 125kHz vs. 13.56MHzThe most common scan frequencies for readers are 125kHz and 13.56 MHz.125kHz is proven technology prevalent in the USA and in Eastern Europe. The cards andreaders tend to be lower priced.13.56 MHz is newer, more secure technology prevalent in EMEA and increasingly in APACcountries. Hardware is currently priced somewhat higher.RS-485 vs Wiegand:Decide early whether to use Wiegand or RS-485 technology for the readers; each has its ownadvantages and disadvantages. Maximum cable length and wiring topology are different, asthe following table shows.RS-485 ReadersWiegand ReadersWiring topologybus, (“chain”)starMaximum cable length1200m100mNumber of wires needed410for the reader(The slightly lower cost ofWiegand readers is offset byhigher wiring costs andpotential for wiring errors).2.2.2Credentials technologyDecide on the credentials technology you wish to use. For Wiegand readers the choiceincludes e.g. iCLASS (3.56MHz) and EM (125kHz) cards. For RS-485 readers there is a widechoice: MIFARE, HITEC or LEGIC. These credentials types are available in different physicalformats: Most common are the classic credit-card sized identity cards, and the smaller tokensBosch Security SystemsIntroductory Guide 1.0 2009.10
8en Materials PlanningAccess Control by Exampleand key fobs which usually carry no printed personal information.2.2.3Wiring for non-reader componentsDepending on its manufacturer and model, each of these electrical components will require acertain number of wires to control its operation. Typical values for number of wires percomponent can be found in the table below.Electrical componentTypicalNotes/explanationnumber ofwiresDoor opener2Power onlyMagnetic contact22 wires for power, but often extra wires fortamper detectionREX with push button2E.g. so that the receptionist can open the mainentrance from her desk.REX with motion6detectorHighly variable depending on manufacturer: 2wires for power, 2 to the magnetic contactsBurglar alarm4(not used in this example)Emergency exit4(not used in this example)If you know the total number of wires a door (with all its electrical components) requires, andif you have access to the site during the building phase, then you can influence the kinds ofcable which are laid to the doors.Cables differ both in the number and the thickness of their wires (also known as “cores”). Fordistances under 25m, as in our example; a wire thickness of AWG18 or 1mm² will besufficient. For longer distances and stronger currents correspondingly thicker wires will berequired. The AMC2 tolerates a maximum 2V drop from AMC to the devices. Voltage drop iscalculated by electricians according to standard formulae.It is advisable to use a spreadsheet to track the sum and thickness of wires required per door.NOTICE! Remember, although RS-485 readers can be wired together in a bus topology, othercomponents are wired to the controller directly, i.e. in a star topology.Although some RS-485 readers do provide limited connections for REX and/or magneticcontacts, we do not use that specialized functionality in this example.2.3Middle tier: Access ControllersAn access controller is an electronic device which handles input and output signals from andto the peripheral components (readers, door controllers, REX units, magnetic contacts etc). Itis an interface through which the access control software communicates with thesecomponents, but the controller is able to handle some signal events on its own if ittemporarily loses its connection to the software.Examples are the Access Modular Controller AMC2 and the Access Easy Controller fromBosch Security Systems. The Access Easy Controller is controller hardware with a residentaccess control application. The AMC2 is software/host/reader neutral and provides variants tohandle either RS-485 or Wiegand readers. 1.0 2009.10Introductory GuideBosch Security Systems
Access Control by Example2.4Materials Planning en9High tier: Hosting the software for the final systemBosch offers a wide range of software products for configuring access control systems,depending on the size of the installation. For our small example one of two products would besuitable:–Access Professional Edition: (Access PE)This product installs on a standard PC. It controls doors via hardware modules calledAccess Modular Controllers (e.g. the AMC2 4R4).–Access Easy Controller: (AEC)The access control software is resident on the door controller itself (i.e. middle and hightiers are combined) and is operated over the network from a standard PC. It uses a webbrowser for its user interface.For the sake of example the following chapters describe two typical combinations:–RS-485 technology, AMC2 controller and Access Professional Edition software–Wiegand technology with Access Easy Controller hardware and softwareNote: An installation of Access PE / AMC2 with Wiegand technology (a combination notcovered in detail in this document) would proceed similarly to the Access PE chapter, butwith each of the 4 readers connected directly to the access controller rather than “daisychained” to other readers. A suitable AMC2 variant would be the AMC2 4W.NOTICE! The combination Access PE & AMC2 supports both RS-485 and Wiegand readertechnology through deployment of corresponding variants of the AMC2 controller (e.g. AMC24R4 and AMC2 4W).AEC supports only Wiegand.Bosch Security SystemsIntroductory Guide 1.0 2009.10
10en Installation with RS-485, AMC and Access PE3Access Control by ExampleInstallation with RS-485, AMC and Access PEThis chapter describes the installation of our example access control system using RS-485communication to the readers, an AMC2 as access controller hardware and AccessProfessional Edition as the configuration software. We will assume that all the componentsdecided upon in Section 2.2 Low tier: Electrical components, page 6 have been ordered fromand delivered by the hardware vendor of your choice. The installation is basically a 6 stageprocess:1.3.1Mounting the access controller and associated hardware, see 3.12.Installing the wiring, see 3.23.Mounting the peripheral components, see 3.34.Connecting the peripheral components to the wiring, see 3.45.Connecting the AMC to the wiring from the peripheral components, see 3.5.26.Connecting the AMC to the computer and configuring the software, see 3.5.3Mounting the access controller and associated hardwareThe obvious room in which to locate the access controller, the power supply and theconfiguration PC is the office. In it the hardware and software will be protected fromunauthorized access. The office is also situated centrally with regard to the doors. Thecontrollers should be housed in a lockable metal enclosure or cabinet for extra security. Theenclosure should also contain a battery to provide an uninterruptible power supply (UPS).3.2Installing the wiringLay the cables decided upon in Section 2.2.3 Wiring for non-reader components, page 8 fromthe office to the respective doors. Aesthetically it is always preferable to hide cabling beneathfloors, above ceilings or underneath wall plaster, but this is not always practical. Note junction boxes are commonly used near doors; we leave them out of this example only for thesake of simplicity.Make sure that cables carrying data (e.g. from the reader) are shielded, see 3.4.2Make sure that there is enough length to reach both components above the door (e.g. REXwith motion detector, magnetic contacts) and components at handle height (e.g. reader, dooropener).3.2.1RS-485 bus topology for readersReaders in an RS-485 environment are connected in a bus topology, i.e. a reader is eitherconnected directly to the controller and to the next reader, or it is connected to the previousand possibly the next reader as part of a chain with a maximum length of 4 readers. SeeSection 2.2.1 Card reader technologies, page 7.With readers it is very important to follow the manufacturer’s instructions as regardsgrounding (earthing) the device and its cable shielding. See also Section Figure 3.3Avoidinga ground loop, page 123.2.2RS-485 star topology for all other componentsEvery other component in an RS-485 environment is connected directly to its respectivecontroller in a star topology.3.3Mounting the peripheral componentsElectrical components must always be mounted (i.e. attached to walls, racks, doors and doorframes) as per the manufacturer’s instructions. 1.0 2009.10Introductory GuideBosch Security Systems
Access Control by ExampleInstallation with RS-485, AMC and Access PE en11The following illustration shows typical locations of electrical components with respect to adoor. Note that the access controller (5) should always be in a secured area to preventtampering, preferably in a locked cabinet which has space for the power supply and backupbattery to ensure an uninterruptible power supply.Door from the outsideSame door from the inside1: Door opener - 2 wires3: Magnetic contact - 2 wires2: Reader - 4 wires4: REX with motion detector - 2 wires5: Access controller. NOTE: This should not be near the doors themselves, but shouldalways be located in a secured area (here represented by the cloud).3.4Connecting the peripheral components to the wiringElectrical components must always be connected as per the manufacturer’s instructions.Nevertheless there are certain basic rules and pitfalls which should be well understood byevery installer of access control devices. Please read the following sections carefully.3.4.1Protective diodesA door opener typically locks or unlocks a door by means of a magnet which is subjected to anelectric current. When this power is switched off a high voltage is induced in the magneticcoil, which needs to be dissipated to prevent damage to other components. This is generallydone by means of a protective diode.CAUTION!If the door opener (or other magnetic component, e.g. a door holding magnet) does not havean inbuilt protective diode, be sure to connect such a diode electrically in parallel with it. Seeillustration below. Section Figure 3.2Position of the protective diode, page 12. Installprotective diodes wherever excess voltage can be induced by magnetic fields. Suitable diodesare generally included in the hardware delivery.Bosch Security SystemsIntroductory Guide 1.0 2009.10
12en Installation with RS-485, AMC and Access PEFigure 3.13.4.2A diodeAccess Control by ExampleFigure 3.2 Position of the protective diode(Note theKey: 1: Door opener, 1A: Protective diode, 5: Access controllercolored ring)The colored ring corresponds to the crossbar in the diode symbol.Shielding data cables and avoiding ground loopsCables with cores that carry data have a conducting wrapper, accompanied by a nakedgrounding wire, between the cores and the outer plastic casing. When the naked wire isgrounded properly this wrapper “shields” the cores from electrical interference. Withoutshielding, the integrity of the data signals is threatened.A common installation error (particularly in cases where the reader-end and the controller-endof the cable are handled by different persons) is to ground the shielding at both ends. If thetwo grounds are not of identical potential, there is a possibility of current flow through theshielding, which can disrupt the signals in unpredictable ways, cause malfunctions in theaccess control hardware and even masquerade as software errors. This phenomenon isknown as a ground loop.Figure 3.3 Avoiding a ground loop5: Access controller6: Shielding around cable2: ReaderCAUTION!To avoid ground loops, be sure to ground cable shields only ONCE.CAUTION!Follow carefully the grounding instructions for the reader and other sensitive components.Failure to ground components correctly can result in damage to those components and tomalfunction of the access control hardware, which can masquerade as a software error. 1.0 2009.10Introductory GuideBosch Security Systems
Access Control by Example3.5Installation with RS-485, AMC and Access PE en13Connecting the AMC2 (Access Modular Controller)The following is an illustration of a typical AMC2. Here the AMC2 4W.Figure 3.4 An AMC2 access controllerR: Reader connectionsP: Pluggable screw terminalsL: LC DisplaySpace restrictions do not permit a detailed treatment of the AMC2 controller hardware, ofwhich there are several variants. Always consult the installation guide of the controller you areusing. For our example we have chosen the AMC2 4R4. The relevant installation guide, alongwith all the other documentation referenced below, is available in PDF format from the BoschSecurity Systems internet site, see Section 5 Resources and further reading, page 27As we only need to control 4 doors, one AMC2 device will be sufficient. For connection to theaccess control software we will use an ethernet crossover cable aka “null modem”(alternatively you could use normal ethernet cables and place a hub or a “switch” betweencomputer and access controller). Other possibilities for the software connection are RS232(serial) and RS-485 bus). For the power supply we will use the standard Bosch PBC-60 whichalso charges the UPS backup battery.3.5.1Preparatory steps on PBC-60 power supply, AMC2 and computerStepWhereStep descriptionIllustrations / Referenceno.1PBCMake sure the PBC-60 is not plugged in (underPBC-60 Datasheet.power), then use the switch on the side of the PBC-60to set which voltage is to be fed to the AMC2. In ourexample we require only 12V for a simple door opener.Certain peripheral devices, especially some readers2PBCand powerful door openers, require 24V.Connect the battery temperature sensor to the RTHPBC-60 Datasheet.socket, even if no UPS battery is being used. If abattery is used then sensing end should be placed near3AMCthe battery. This sensor is supplied with the PBC-60Remov
Access control to prevent theft. 3. Laboratory Doctor, lab technician Strict access control to prevent theft and reduce danger to persons from hazardous materials and equipment. 4. Office Doctor, receptionist Strict access control to prevent misuse or theft of medical records and other sensit
Access control software is applicable for access control machines of various modes. It can connect a number of access control machines . Click menu: access control management- equipment management. Shortcut key F2 11. Access Control Software Manual 3. Click "add device",a window will appear, as shown in the
Using Access Control Lists 107 Access Masks 108 Access Lists 108 Rate Limits 109 How Access Control Lists Work 109 Access Mask Precedence Numbers 110 Specifying a Default Rule 110 The permit-established Keyword 111 Adding Access Mask, Access List, and Rate Limit Entries 111 Deleting Access Mask, Access List, and Rate Limit Entries 112
conflict-of-interest factors. At a high level, access control policies are enforced through a mechanism that translates a user’s access request, often in terms of a structure that a system provides. An access control list is a familiar example of an access control mechanism. Access
Install the access control software by following the installation wizard. 3. Switch over the database. If the MS Access database is used, no operation is required, and the software . Access Control Device Management Return to Table of Contents After startup, the access control software can manage all access control devices. The initial window .
Aug 16, 2017 · Factoring out GCF and by Grouping[In Class Version][Algebra 1].notebook 1 September 17, 2017 Sep 17 4:14 PM Homework Assignment The following examples have to be copied for next class Example 1 Example 2 Example 3 Example 4 Example 5 Example 6 Example 10 Example 12 Example 9
The access points within a mesh network operate in one of the following two ways: 1. Root access point (RAP) 2. Mesh access point (MAP) Note All access points are configured and shipped as mesh access points. To use an access point as a root access point, you must reconfigure the mesh access point to a root access point. In all mesh networks,
Access Control Wireless Access Control Video Door Entry Our networked access control system, Net2, is administered using one or more PCs and can be monitored and managed from a central location. The Net2 PaxLock and PaxLock Pro are wireless networked access control solutions in a door handle. They communicate wirelessly to the server
Summit24e3 Switch Installation and User Guide Contents - 7 Access Mask Precedence Numbers 94 Specifying a Default Rule 94 The permit-established Keyword 95 Adding Access Mask, Access List, and Rate Limit Entries 95 Deleting Access Mask, Access List, and Rate Limit Entries 96 Verifying Access Control List Configurations 96 Access Control List .
