Access-control systems have been marketed to education institutions for more than 20 years. Prior to the early 1970s, the burglar-alarm industry was maturing and was offering basically two products--digital electronic locks and early versions of barium ferrite cards. These forerunners of today's sophisticated product offerings dominated the field. Then, advancements in access-control technology began accelerating in the late 1980s and 1990s.
These advancements have led many colleges and universities to install state-of-the-art access-control systems that provide everything from entry to a residence hall to the ability to make purchases off-campus. Yet, these advancements also have led to an endless array of questions that must be answered before an educated purchase can be made.
Philosophies of campus automaton Varied users and uses demand a multipurpose identification card with a common, yet individually unique, medium for communicating with varied databases and access devices.
The market has produced two diametrically opposed philosophies. The "closed architecture," where a single vendor provides all services from a single centralized system, and the "open architecture," where multiple vendors provide distinct services within their own field of expertise, and all systems connect and communicate over a single campus platform--the ID card.
With closed architecture, a single vendor simultaneously serves the needs of dining, security, library, vending, banking, telephone, etc. Open architecture allows for many vendors to serve the needs of each entity, as well as their individual service missions and system requirements.
Today, open systems are the norm. They offer in-depth expertise to distinct campus constituencies, flexibility in vendor replacement, and compliance with purchasing requirements for competitive bidding. These systems are designed to support the strong but distinct campus constituencies, such as security, food service, housing, business operations, registrar, enrollment services, accounting and others. However, often there can be problems interfacing databases across campus, so that if a card is deleted for one purpose, it is instantaneously deleted in every database.
Benefits of automation Students are used to being able to use credit cards and debit cards to make purchases. They can bank at all hours using a card; they can purchase gas with a card without ever going inside the station. At college, students expect the same kind of convenience on campus; thus leading administrators to install card-access systems.
In addition to convenience, there are other advantages, including: *Increased security awareness and motivation by students to safeguard their cards since the card provides multiple services including building access, dining and vending. *Access cards facilitate direct ADA compliance for handicapped students and staff without costly hardware redesign for handicapped-designated doors. *Costs are contained for emergency rekeying and recoring when keys are lost or misplaced. *Man-hours required to manually lock and unlock various campus buildings each day drastically are reduced, as well as the labor associated with key production, management and distribution.
In addition to these advantages over a mechanical key system, an access-control system provides improved response to the safety concerns of students, faculty and staff, and provides a proactive policy on campus that parents will appreciate.
Beyond these specific security benefits, a host of other service enhancements are possible, including: *Identification of employees. *Controlled access to labs and supply rooms. *Identification of alumni. *Controlled access to buildings. *Controlled access to residence halls. *Access to athletic events and facilities. *Access to conference functions. *Identification for alcohol-related events. *Identification of subcontractors. *Parking enforcement. *Controlled access to grades/records.
The first questions Once the decision is made to purchase a card-access system, administrators usually are confronted with similar concerns in regards to implementation, including: *Will the perceived benefits of an enhanced, integrated security system be realized? *What are the initial installation costs and ongoing operating costs? *What level of effort and staffing will be required to support large-scale implementation? *Are the benefits provided worth the cost and effort required to implement and manage them? *What procedural systems must be put in place to effectively manage a large-scale electronic access and security system? *Can the system be adapted to fit the culture of the college or university? *What are the limitations? *What features, capabilities and capacities will be required in a campuswide access and security system?
Many of the above issues will be operational in nature, such as: *What is the scope and objective of this project? *What are the budget estimates? *What is the impact on the campus atmosphere and spirit under security automation? *Which are the most appropriate technical specifications for this campuswide system? *Which is the most appropriate implementation strategy?
Answering these questions is one of the first steps in choosing and implementing a system. Talk with manufacturers, consultants and other users to determine the answers.
Criteria for technology selection The college must also determine the technology the system will use. The selection process usually is based on the following: *Purchasing hardware and software from nationally recognized manufacturers with off-the-shelf tested technologies. Be wary of custom or proprietary software restrictions. *The system should allow 100-percent expandability to accommodate future expansion without additional hardware or software. *The system should have a high degree of compatibility and connectivity with other institution-based databases and hardware platforms to accommodate direct electronic transfers of security access-control codes and interface with potential future applications. *The system should comply with the technical capacity minimum profile and functional capability minimum profile, as outlined in the bid document. *The software package should comply with the minimum operational options, minimum program features, minimum report requirements and minimum command configuration capabilities, as outlined in the bid document. *The system should exhibit the best technical features, speed and flexibility possible to satisfy and accommodate at least 10 years of operation without substantial need for upgrades. Scheduled software edition upgrades should be part of the package. *The system should meet as many of the UL, FM, FCC and NFPA code requirements as possible.
A typical system When putting together a package, consider the elements of typical card technologies and ID-card specifications. Most systems are based on a non-embossed plastic photo card with two magnetic stripes. There should be one ABA-standard (American Banking Association) magnetic stripe to be used for financial processing, self-inquiry terminals, access control, etc., and one magnetic stripe for small-transaction operations such as making copies, accessing laundry facilities and purchasing food.
In addition, most cards must fit the following requirements: *Banking standards as defined by the International Standards Organization (ISO) specifications 7810, 7811/2, 781 1-4 and 7813, and the American Banking Association for credit/debit cards. *Be made of CR80 30 mil PVC/PET plastic. *Have the UV security seal printed on the front of the card.
Most cards feature a standard format with the design layout of the front, provided by the college, featuring a digitized color photo, logo, name, ID number, status, date issued and a library bar code. The back usually includes an off-line vending stripe, the ABA two-track encoded magnetic stripe, a signature block, calling-card information and options to add banking information.
The ABA magnetic stripe is a .8 cm-wide, high-coercivity stripe encoded at the time of card creation. Data for encoding on track 1 and track 2 comes from the campus databank file without modification. The system should be capable of downloading this information from the campus computer to the photo ID computer. The cashless magnetic stripe--sometimes a smart chip--has a single-track, high-coercivity stripe for cashless transaction processing. These cashless transactions will be treated as sales, not cash advances. This stripe is .03 cm wide and will be written to by approved point-of-sale devices.
The system's backbone Another important aspect of card-access systems is placement of the card readers. A typical design requires placement at the main points of entry to buildings and designated high-security interior doors. Fire exits should be equipped with door contacts and/or micro switches and request-to-exit devices that detect propped-open conditions or forced entries. While access to many residence halls is through card access, it is still cost effective to use regular keys or combination mechanical locks to gain entry to individual rooms.
The system head-end houses the security database and is located within a secured facility. Individual terminals for database management will need to be installed in participating locations. Student database information should be downloaded from the main university database to the participating computer on either a batch or on-line configuration. Existing keying policies should be retained as emergency key-override policies. Thus, police and support personnel can access all entries and are issued keys for emergency-access system overrides.
The typical system is set up where cards reported as lost or stolen will not allow the user access and will send a silent alarm back to the system.