Group items tagged

Geographical access control may be enforced by personnel (e.g., border guard, bouncer, ticket checker)

n alternative of access control in the strict sense (physically controlling access itself) is a system of checking authorized presence, see e.g. Ticket controller (transportation). A variant is exit control, e.g. of a shop (checkout) or a country

access control refers to the practice of restricting entrance to a property, a building, or a room to authorized persons

can be achieved by a human (a guard, bouncer, or receptionist), through mechanical means such as locks and keys, or through technological means such as access control systems like the mantrap.

Physical access control is a matter of who, where, and when

Historically, this was partially accomplished through keys and locks. When a door is locked, only someone with a key can enter through the door, depending on how the lock is configured. Mechanical locks and keys do not allow restriction of the key holder to specific times or dates. Mechanical locks and keys do not provide records of the key used on any specific door, and the keys can be easily copied or transferred to an unauthorized person. When a mechanical key is lost or the key holder is no longer authorized to use the protected area, the locks must be re-keyed.[citation needed] Electronic access control uses computers to solve the limitations of mechanical locks and keys. A wide range of credentials can be used to replace mechanical keys. The electronic access control system grants access based on the credential presented. When access is granted, the door is unlocked for a predetermined time and the transaction is recorded. When access is refused, the door remains locked and the attempted access is recorded. The system will also monitor the door and alarm if the door is forced open or held open too long after being unlocked

Credential

Access control system operation

The above description illustrates a single factor transaction. Credentials can be passed around, thus subverting the access control list. For example, Alice has access rights to the server room, but Bob does not. Alice either gives Bob her credential, or Bob takes it; he now has access to the server room. To prevent this, two-factor authentication can be used. In a two factor transaction, the presented credential and a second factor are needed for access to be granted; another factor can be a PIN, a second credential, operator intervention, or a biometric input

There are three types (factors) of authenticating information:[2] something the user knows, e.g. a password, pass-phrase or PIN something the user has, such as smart card or a key fob something the user is, such as fingerprint, verified by biometric measurement

Passwords are a common means of verifying a user's identity before access is given to information systems. In addition, a fourth factor of authentication is now recognized: someone you know, whereby another person who knows you can provide a human element of authentication in situations where systems have been set up to allow for such scenarios

When a credential is presented to a reader, the reader sends the credential’s information, usually a number, to a control panel, a highly reliable processor. The control panel compares the credential's number to an access control list, grants or denies the presented request, and sends a transaction log to a database. When access is denied based on the access control list, the door remains locked.

A credential is a physical/tangible object, a piece of knowledge, or a facet of a person's physical being, that enables an individual access to a given physical facility or computer-based information system. Typically, credentials can be something a person knows (such as a number or PIN), something they have (such as an access badge), something they are (such as a biometric feature) or some combination of these items. This is known as multi-factor authentication. The typical credential is an access card or key-fob, and newer software can also turn users' smartphones into access devices.

An access control point, which can be a door, turnstile, parking gate, elevator, or other physical barrier, where granting access can be electronically controlled. Typically, the access point is a door. An electronic access control door can contain several elements. At its most basic, there is a stand-alone electric lock. The lock is unlocked by an operator with a switch. To automate this, operator intervention is replaced by a reader. The reader could be a keypad where a code is entered, it could be a card reader, or it could be a biometric reader. Readers do not usually make an access decision, but send a card number to an access control panel that verifies the number against an access list

monitor the door position

Generally only entry is controlled, and exit is uncontrolled. In cases where exit is also controlled, a second reader is used on the opposite side of the door. In cases where exit is not controlled, free exit, a device called a request-to-exit (REX) is used. Request-to-exit devices can be a push-button or a motion detector. When the button is pushed, or the motion detector detects motion at the door, the door alarm is temporarily ignored while the door is opened. Exiting a door without having to electrically unlock the door is called mechanical free egress. This is an important safety feature. In cases where the lock must be electrically unlocked on exit, the request-to-exit device also unlocks the doo

Access control topology

Access control decisions are made by comparing the credential to an access control list. This look-up can be done by a host or server, by an access control panel, or by a reader. The development of access control systems has seen a steady push of the look-up out from a central host to the edge of the system, or the reader. The predominant topology circa 2009 is hub and spoke with a control panel as the hub, and the readers as the spokes. The look-up and control functions are by the control panel. The spokes communicate through a serial connection; usually RS-485. Some manufactures are pushing the decision making to the edge by placing a controller at the door. The controllers are IP enabled, and connect to a host and database using standard networks

Access control readers may be classified by the functions they are able to perform

and forward it to a control panel.

Basic (non-intelligent) readers: simply read

Semi-intelligent readers: have all inputs and outputs necessary to control door hardware (lock, door contact, exit button), but do not make any access decisions. When a user presents a card or enters a PIN, the reader sends information to the main controller, and waits for its response. If the connection to the main controller is interrupted, such readers stop working, or function in a degraded mode. Usually semi-intelligent readers are connected to a control panel via an RS-485 bus.

Intelligent readers: have all inputs and outputs necessary to control door hardware; they also have memory and processing power necessary to make access decisions independently. Like semi-intelligent readers, they are connected to a control panel via an RS-485 bus. The control panel sends configuration updates, and retrieves events from the readers.

Systems with IP readers usually do not have traditional control panels, and readers communicate directly to a PC that acts as a host

a built in webservice to make it user friendly

Some readers may have additional features such as an LCD and function buttons for data collection purposes (i.e. clock-in/clock-out events for attendance reports), camera/speaker/microphone for intercom, and smart card read/write support

At the heart of Movenbank is a concept call CRED.

The difference today is our ability to capture data from across an array of digital services. With every trade we make, comment we leave, person we "friend", spammer we flag or badge we earn, we leave a trail of how well we can or can't be trusted.

An aggregated online reputation having a real-world value holds enormous potential

peer-to-peer marketplaces, where a high degree of trust is required between strangers; and where a traditional approach based on disjointed information sources is currently inefficient, such as recruiting.

opportunity to reinvent the way people found jobs through online reputation

"It's not about your credit, but your credibility," King says.

But this wealth of data raises an important question -- who owns our reputation? Shouldn't our hard-earned online status be portable? If you're a SuperHost on Airbnb, shouldn't you be able to use that reputation to, say, get a loan, or start selling on Etsy?

"People are currently underusing their networks and reputation," King says. "I want to help people to understand and build their influence and reputation, and think of it as capital they can put to good use."

Social scientists have long been trying to quantify the value of reputation.

Using functional magnetic resonance imaging, the researchers monitored brain activity

"The implication of our study is that different types of reward are coded by the same currency system." In other words, our brains neurologically compute personal reputation to be as valuable as money.

Personal reputation has been a means of making socioeconomic decisions for thousands of years. The difference today is that network technologies are digitally enabling the trust we used to experience face-to-face -- meaning that interactions and exchanges are taking place between total strangers.

Trust and reputation become acutely important in peer-to-peer marketplaces such as WhipCar and Airbnb, where members are taking a risk renting out their cars or their homes.

When you are trading peer-to-peer, you can't count on traditional credit scores. A different measurement is needed. Reputation fills this gap because it's the ultimate output of how much a community trusts you.

Welcome to the reputation economy, where your online history becomes more powerful than your credit history.

Presently, reputation data doesn't transfer between verticals.

A wave of startups, including Connect.Me, TrustCloud, TrustRank, Legit and WhyTrusted, are trying to solve this problem by designing systems that correlate reputation data. By building a system based on "reputation API" -- a combination of a user's activity, ratings and reviews across sites -- Legit is working to build a service that gives users a score from zero to 100. In trying to create a universal metric for a person's trustworthiness, they are trying to "become the credit system of the sharing economy", says Jeremy Barton, the 27-year-old San Francisco-based cofounder of Legit.

His company, and other reputation ventures, face some big challenges if they are to become, effectively, the PayPal of trust. The most obvious is coming up with algorithms that can't be easily gamed or polluted by trolls. And then there's the critical hurdle of convincing online marketplaces not just to open up their reputation vaults, but create a standardised format for how they frame and collect reputation data. "We think companies will share reputation data for the same reasons banks give credit data to credit bureaux," says Rob Boyle, Legit cofounder and CTO. "It is beneficial for one company to give up their slice of reputation data if in return they get access to the bigger picture: aggregated data from other companies."

PeerIndex, Kred and Klout,

are measuring social influence, not reputation. "Influence measures your ability to drag someone into action,"

"Reputation is an indicator of whether a person is good or bad and, ultimately, are they trustworthy?"

Early influence and reputation aggregators will undoubtedly learn by trial and error -- but they will also face the significant challenge of pioneering the use of reputation data in a responsible way. And there's a challenge beyond that: reputation is largely contextual, so it's tricky to transport it to other situations.

Many of the ventures starting to make strides in the reputation economy are measuring different dimensions of reputation.

reputation is a measure of knowledge

a measure of trust

a measure of propensity to pay

measure of influence

Reputation capital is not about combining a selection of different measures into a single number -- people are too nuanced and complex to be distilled into single digits or binary ratings.

It's the culmination of many layers of reputation you build in different places that genuinely reflect who you are as a person and figuring out exactly how that carries value in a variety of contexts.

The most basic level is verification of your true identity

reliability and helpfulness

do what we say we are going to do

respect another person's property

trusted to pay on time

we will be able to perform a Google- or Facebook-like search and see a picture of a person's behaviour in many different contexts, over a length of time. Slivers of data that have until now lived in secluded isolation online will be available in one place. Answers on Quora, reviews on TripAdvisor, comments on Amazon, feedback on Airbnb, videos posted on YouTube, social groups joined, or presentations on SlideShare; as well as a history and real-time stream of who has trusted you, when, where and why. The whole package will come together in your personal reputation dashboard, painting a comprehensive, definitive picture of your intentions, capabilities and values.

idea of global reputation

By the end of the decade, a good online reputation could be the most valuable currency in your possession.