ACLs are one of the most widespread implementations of an access control system. They provide a mechanism through which you can specify which users or systems can access specific resources. Each resource in a DAC system must have an associated ACL for each or a group of users. The identification process is usually implemented in Fingerprint Access Control Systems using names that allow each user to be uniquely identified. For this reason, they are used:
- Account Numbers
- Email addresses
- Fiscal codes or other personal identifiers
Biometric features can also be used that play both the role of user identification and password. The uniqueness of the user identifier is essential. The name should be unique forever, to avoid that historical access data can be distorted by the fact that the username has been used at different times by different users.
In recent years RFIDs have spread, radio frequency devices that allow the recognition of users or even objects in a very efficient manner. The information contained in the RFID is read by an RFID Reader that transmits data to the access control system.
For the recognition of computer systems, the use of MAC Address or IP Address is pervasive. In network environments, these features are used to enable or disable access to specific resources, such as connecting to the Internet.
This information, which is part of the process of identifying a user or a system and serves for user authentication and authorization. They are organized manually: the data of each user is entered and changed manually, this process is complicated and expensive when users are many. In complex environments, this process is managed externally by specialized companies or with the support of software that reduces the time required to manage entries and changes.
A Door Access Control System must comply with the following characteristics:
- Consistency: Stored data must be consistent concerning reality
- Reliable: The system must be secure, especially if the information or systems are sensitive or critical for the company
- Usability: The system, mainly when used to access multiple types of data or functions, should provide for the possibility of using unique credentials.
- Efficient: Identification times must be reduced to a minimum.
- Scalable: The system must be able to adapt to the growth or scaling of the number of users
- Flexible: The system must be able to manage internal and external users, who could use different types of access credentials. For example, employees and customers/suppliers who have access to the company.
The implementation of an identification system involves three phases:
- Initial Configuration: Users are entered
- Modifications and maintenance: Users change and very access rights to information or functions over time
- Elimination: When users lose the right to obtain a data or service they must be deleted from the system
- A well-configured identification system provides several advantages:
- The number of managers or group leaders can be reduced because there is an automated control of data accesses
- There is an improvement in production, especially for the technical staff
- Reduction of the risk of loss or compromise of data and systems