Today's access control products have evolved from a single product to the entire system. For access control, people call it more systems. Access control devices, access control card readers, proximity cards, access control software, and other devices are built into a complete set of access control systems to maximize safety performance.
First, the status of access control
The limitations of RS485 communication methods in terms of number of nodes, transmission distance, and communication speed limit its application, especially the application of large-scale access control systems. The access control system based on TCP/IP network communication has the advantages of no-node limitation, wide coverage area, fast communication speed, and small interference, and it is fully ahead of the RS485 bus system, which naturally will be favored by many users.
At present, some access control systems using external or built-in network converters on the market are actually using RS485 to TCP/IP intermediate devices, which are not true network access control. The access controller used in the true sense of the network access control is generally implemented by a 32-bit ARM7/9 microprocessor.
The access control system adopting the full TCP/IP method can make full use of the established network resources. The amount of new wiring works is small. It can be used across regions without distance limitation, and information transmission and storage capacity can be greatly improved. However, if the project does not have a network, the special installation of the network will increase the cost of the initial investment. At present, it is mainly used in large-scale systems with more than 100 doors.
Another aspect of access control system technology development is the integration of access control systems and other building intelligent systems, mainly integrated video surveillance systems, intrusion alarm systems, perimeter detection systems, fire alarm systems, and building automation systems. This combination provides Effective structure to enhance each other's systems complement each other. For example, once there is an event that triggers an alarm, it will send a signal to the video surveillance system to provide real-time recording of the incident scene, and the linked access control system will block the corresponding access control channel.
Second, security access network technology issues
1. Networking and security
At present, there are two networking methods for network access control systems. One is the access control system based on RS485 bus networking. The other is the "IP network access control" of the network access control system. The "IP network access control" refers to the access control system of the access control controller and the access control server using the TCP/IP protocol.
In the past, most of us were concerned about the reliability of access control systems. At present, the security of access control systems has received more and more attention. In particular, the security requirements for access control systems of certain countries' confidential departments and confidential departments are even higher.
Compared with the traditional access control system based on 485 bus network, the advantages of IP network access control are mainly reflected in: (1) greatly improve the system response speed, for more than 100 access control points above the access control system, especially for video linkage requirements occasions, Should be preferred; (2) improve system reliability, RS485 twisted pair bus technology is mature, easy to use, but poor anti-jamming performance; (3) improve system scalability, IP architecture is more suitable for standardization of the system expansion, and off-site It is the best choice for networking users. (4) Improve the maintainability of the system. IP network access control facilitates remote diagnosis and maintenance. Compared with the traditional access control system based on the 485 bus network, the IP network access controller should be higher than the RS485 access controller.
For the network security of the two networking systems, any kind of network communication is subject to the risk of being intercepted or modified by a third party. The RS485 bus communication technology is simpler than the IP network access control using TCP/IP protocol networking. "Easier to be attacked.
The TCP/IP protocol is the most widely used network communication protocol and has powerful communication capabilities. However, TCP/IP protocol packets are easily monitored and intercepted by dedicated software during the transmission process. The TCP/IP protocol in the network is easily communicated by third parties. Eavesdropping or modification.
The main danger of this kind of threat is that the access authority in the access control system and the administrator's user information and password are easily intercepted. The most terrible danger is the possibility of legal communications being modified, the modified information being used for illegal access, and even blocking the interception of real-time alarm events, etc. will cause incalculable losses to the customer's security.
TCP/IP communication packets are intercepted and executed in many ways. Changing the direction of the message causes the hosts on the network to change the address of the packets they send during the network session.
A saboteur interested in truncating a conversation may use one method to set up relays. A relay failure can occur anywhere in the network, even at a distance from the client system. The relay machine can adjust traffic in real time or record packets for later analysis. The relay machine can also change the content of the transmitted communication.
The method of obtaining the communication content only requires the use of a passive packet monitor (often referred to as a "packet sampler"). The packet sampler can provide the logged network information to the deliberately destructive system security in a relay-broken manner.
Currently, 99% of the TCP/IP access control systems used in large-scale projects such as subways, banks, unattended equipment rooms, telecommunication power, military, and national government agencies have no network-level anti-intrusion security mechanisms. Since customers do not understand the potential risk of being hacked at any time, once attacked will directly threaten the normal operation of the customer; it will even result in major loss of personnel and property, so solving the security problem of TCP/IP access control system becomes anxious The problem to be solved.
2. Application of Network Security Technology in Access Control System
At present, in order to ensure the security of data and communications for access control systems, the main network security technologies used are: security cryptography, counterfeit card protection, device authentication, intrusion detection, data transmission encryption, data storage, backup, and disaster recovery technologies. Wait. The following lists the application of several common network security technologies in ensuring access control systems.
Borrow VPN Network Channel Method
Using this method of Figure 1, the threat of illegal computer attacks outside the VPN tunnel is resolved. The disadvantage is that there is also the possibility of illegal computer attacks from inside the VPN tunnel.
Using the method shown in Figure 2 for each controller with an independent VPN device, the advantage is that each device in the system has an independent security channel, effectively solving the threat of internal and external computer attacks. The disadvantages are very high investment costs and high maintenance costs.
High-security encryption technology of the network door vegetable equipment
Such as Siemens company's SIPASS access control system, this type of product communication service uses SSL encryption technology, communication service software and management of customer full and controller communication between all through SSL encryption, decryption, authentication and other strict security detection mechanism To be done.
At present, online banking security encryption uses SSL encryption technology. The comprehensive system security mechanism in this kind of access control system products ensures the security of customers in complex network environments. It is characterized by satisfying customers' high security of the entire system. The requirements are relatively cost-saving, and can also significantly save on subsequent use and maintenance costs. This is a very valuable option.
Third, the access control system and other systems of interactive sharing
With the rapid development of digital networking and intelligent building technologies, the integration of access control systems with other systems will become even closer, and the scope will become wider and wider, infiltrating into all areas of society and playing an increasingly important role. In addition to access control, attendance, documents, patrolling, dining, consumption, fitness, medical care, parking, book information, meeting attendance, visitor management, elevator control management, office equipment management, club entertainment, three watches and property payment, etc. Also with other intelligent systems necessary integration and linkage, such as anti-theft alarm, closed-circuit monitoring, fire alarm, and even building automation systems.
In addition, the system will also make data interfaces with systems such as ERP, such as attendance and payroll, personnel management, and other interactive data, which are mutually supportive.
The network access control system has the following features:
Data sharing: Utilize system resources to speed up data exchange.
Real-time monitoring: Real-time monitoring of all terminals in the system.
Quick Search: All records can be retrieved at one time in the same database, improving efficiency and accuracy.
Comprehensive statistics: All statistical reports can be completed in the management center.
Convenient management: Management of all systems can be completed in the management center.
With the development of building intelligent systems, the integrated management of network access control and card systems is already a general trend. The “cards†that are simply put together can no longer meet the actual demands of the society, but require a seamless link within the card system, and External linkage of other intelligent systems.
There are two main ways to implement the linkage between the access control system and other systems
The first is the hardware method
That is, the access control system outputs the relay dry contact to the matrix alarm input module of the analog television monitoring system and the alarm input end of the DVR, so as to realize the image capture and monitoring functions of the controlled door point or related parts. This kind of integration method is the most commonly used and the most basic one in the past. However, the problem is that afterwards, it can't be queried through more efficient means. At the same time, installation and debugging are quite troublesome.
The second is software
The access controller with digital video server (encoder) function supports the dual data exchange function from the device protocol layer to the software database layer simultaneously with the digital monitoring system. Another method is to directly integrate the program of the access control management system software in the SDK of the DVR video capture card, and connect the DVR equipment through the access control system software function item. The above two software methods have their advantages and disadvantages. The advantage of the former is that the system responds quickly and there is no delay. The disadvantage is that the video data must be stored in the local management host, and the capacity of the host hard disk must be high. The latter has the advantage that the local management host does not need to save the video stream data, and only needs to call the data in the remote DVR when needed. The disadvantage is that the associated video will have a delay of about 1-3 seconds and cannot be abnormal at the channel. The previous video was called. In addition, there is also a software approach that is integrated by an intelligent system platform. This software is provided by the equipment provider's OPC standard interface or data development package, and then developed by a professional software vendor, in the third-party software. Show in and out of data and video information, such software also integrates various systems to achieve the purpose of unified management, the drawback is a long development cycle.
Fourth, the network access major trends
In summary, the networked access control refers to the access control system based on TCP/IP communication. The advantages of the access control system adopting the TCP/IP communication protocol are: the communication speed is fast, the network is not limited by the distance, the network resources are easily obtained, and the system can be managed. Because of the large number of devices, access control devices that use this protocol as a networking mode have become mainstream products for large-scale access control system projects and remote management access control system projects. Compared with the traditional access control, it has greatly improved the communication and real-time monitoring, data transmission, networking, etc., and improved the shortcomings of the lack of real-time RS485. It has broken through the early single RS485 bus access to 128 The limitation of the station controller is changed from a bus network to a star structure. Any problem at any point will not affect the system. The system failure is also easy to find and eliminate.
Undoubtedly, with the continuous development of intelligence, integration and networking in the security industry, the access control system will embark on a brand new road, complete with security video surveillance systems, anti-theft alarm systems, and fire alarm systems and building automation systems. Taiwan has become a development trend; in addition, the information sharing and seamless integration of building and building intelligent subsystems will certainly be the direction of the development of access control systems.
Detail: 5mm copper free mirror with polished edge / Matt black s/s 304 frame, Explosion Proof membrane, 2 bracket
Framed Mirror, Black Round Mirror, Black Framed Mirror, Frames For Mirrors, Foamed Mirror On The Wall, Stainless Steel Frame with Mirror Finished, Bathroom Mirror with frame