Armed
The security system is armed when it is activated by
entering your personal security code on the keypad or by a button on a keyfob.
Arming your system activates the detection of unauthorized entry.
Access Control
The means of controlling and monitoring the movement
of people or vehicles through secured access points such as doors, turnstiles or
car park barriers.
Access Group
A list of areas to which a keyholder is allowed
access. The access may be restricted to certain times by the use of a Time
Profile
Access Card
A coded employee card, usually the size of a credit card,
recognizable to the access control system and read by a reader to allow access.
It can be used for photo identification of the cardholder and for other data
collection purposes. Card technologies include magnetic strips, wiegand-effect,
proximity (active/passive), barium fer-rite, and smart/intelligent
cards.
Access Code
Any system or method which automatically
controls the passage of people and vehicles into or out of an area or
structure.
Access Level
The door or combination of doors and/or
barriers an individual is authorized to pass through.
Access Point
Each means of entry into a controlled security area,
consisting of a card reader, monitor switches and/or latches. Access points are
wired to an access control panel.
Access Time
The period of time during which an access point is unlocked.
(Also see shunt time).
Acquisition device
The hardware used to acquire biometric samples. The
following acquisition devices are associated with each biometric
technology.
Active imposter acceptance
Acceptance of a biometric sample
submitted by someone attempting to gain illegal entry to a biometric
system.
Administrator
Individual responsible for the security
system and assigning operator passwords
AFIS (Automated Fingerprint Identification System)
A system
originally developed for use by law enforcement agencies, which compares a
single fingerprint with a database of fingerprint images. Subsequent
developments have seen its use in commercial applications, where a client or
customer has their finger image compared with existing personal data by placing
a finger on a scanner, or by the scanning of inked paper impressions.
Alogrithm
A sequence of instructions that tells a system how to
solve a problem. Used by biometric systems, for example, to tell whether a
sample and a template are a match. Cryptographic algorithms are used to encrypt
sensitive data files, to encrypt and decrypt messages, and to digitally sign
documents. "A set of computational rules specifying the procedures to
perform a specific computation"
Anti-Tamper
A means of detecting unauthorised disconnection of cables
or removal of covers from security equipment.
Anti-Passback
or Passback
Status of a card according to its last use. When the
card is used at an IN reader, the card will not be able to access another IN
reader until it hasused an OUT reader. This feature is optional and used in
higher security applications and parking
lots.
This feature protects against more than one person using the same card or number. It defines each sys-tem card reader and card I.D. number as IN, OUT, or Other. Once a card is granted access to and IN reader, it must be presented to an OUT reader before another IN reader access is granted. Cards will continue to have access to all authorized OTHER readers.
A feature that prevents a user from giving their code to someone else to use. A user code must be used to enter then used to exit before it can be reused to enter again. This feature requires one port for entry and a second port for exit.
Anti-tearing (or Anti-pulling)
A card feature, which
protects the contents of memory if the card is removed before the end of the
transaction.
Anti-collision (or collision avoidance)
A feature
commonly used in contactless card systems to prevent conflicts between different
signals competing for attention at the same time.
API
Application Program Interface. A computer code which is a
set of instructions or services used to standardize an application. Any system
compatible with the API can then be added or interchanged by the application
developer.
ASIC
Application Specific Integrated Circuit. An
integrated circuit developed for specific applications to improve
performance.
Asynchronous Multimodality
Systems that require that a user
verify through more than one biometric in sequence. Asynchronous multimodal
solutions are comprised of one, two, or three distinct authentication processes.
A typical user interaction will consist of a verification on finger scan, then
face if finger is successful.
Amplitude-shift keying (ASK).
ASK is rarely used in wireless applications because multipath effects can
dramatically influence the amplitude of the information-bearing signal. This
causes errors when the signal is received and decoded.
Audit trail
In computer/network systems: Record of events
(protocols, written documents, and other evidence) which can be used to trace
the activities and usage of a system. Such material is crucial when tracking
down successful attacks/attackers, determining how the attacks happened, and
being able to use this evidence in a court of
law.
Authentication
The process of establishing the validity of
the user attempting to gain access to a system. Primary authentication methods
are:
- Access passwords (something the user knows)
- Access tokens (something
the user owns)
- Biometrics
- Geography (a workstation, for example)
Auxiliary Dead Latch
A plunger which, when actuated,
automatically locks a projected latch bolt against return by end
pressure.
Authentication
The process of verifying the identity
and legitimacy of a person, object or system.
Asynchronous
Microprocessor cards (MPCOS, GPK2000,
GemXplore, etc.). A card operating in asynchronous mode is capable of
automatically adjusting to the transmission frequency. See also Synchronous
Cards.
API (Application Programming Interface)
The set of
programming tools that allows a developer to work with low-level devices such as
smart cards.
AWG
American Wire Gauge, denotes the size of wire conductors used in a
system.
Biometrics
Unique human
characteristics such as fingerprint, voice and retinal pattern, or signature
(1997, Allen).
Bandwidth
The quantity of data that is able to
transit over a network at a given time.
Back Light Compensation
(B.L.C.)
A feature on newer CCD cameras which
electronically compensates for high background lighting to give detail which
would normally be silhouetted.
Badge
To use a card key in a reader to gain access to protected
areas; a card key itself, especially one with a photo
I.D.
Battery back-up
A means of automatically switching over to stored
battery power during a local power failure.
Biometrics
Refers to readers that identify human attributes
such as fingerprint, hand geometry, voice recognition or retinal analysis.
Baud
A unit of transmission speed. Often confused
with bits per second (bps).
Batch
A group
of users with the same door permission and restrictions.
Baud
Rate
Speed at which serial data
is being transmitted. 14,400, 9600, 2400 etc.
BioAPI
BioAPI V1.0, developed by the BioAPI consortium, and
released in March 2000. Designed to produce a standard biometric API aiding
developers and consumers.
Biometric (noun)
one of various technologies that utilize
behavioral or physiological characteristics to determine or verify identity.
“Finger-scan is a commonly used biometric.” Plural form also acceptable:
“Retina-scan and iris-scan are eye-based biometrics."
Biometrics (noun)
Field relating to biometric identification.
EG: “What is the future of biometrics?”
Biometric (adjective)
Of or pertaining to technologies that
utilize behavioral or physiological characteristics to determine or verify
identity. EG: “Do you plan to use biometric identification or older types of
identification?”
Biometric sample
The identifiable, unprocessed image or
recording of a physiological or behavioral characteristic, acquired during
submission, used to generate biometric templates. Also referred to as biometric
data.
Biometric system
The integrated biometric hardware and software
used to conduct biometric identification or verification.
Buffer Capacity
Refers to the amount of information the system can
store, this may include the users, time of day and specific door.
Buffer overflow
Most common cause of current security
vulnerabilities. A buffer overflow occurs when more data is put into a temporary
data storage area (buffer) than the buffer can hold. Because buffers can only
hold a finite amount of data, the extra information can overflow into adjacent
buffers, corrupting or overwriting the data in them. Programming errors are the
one of the most frequent causes of buffer overflow problems. In attacks which
exploit buffer vulnerabilities, extra data is sent to the buffer with code
designed to trigger specific actions, and which can damage files, change data,
or disclose confidential information. Buffer overflow attacks may have arisen
from poor use of the C programming language.
Card
A
plastic Card containing user ID information. Cards come in four different
technologies Bar Code, Magnetic Stripe, Proximity and Wiegand. This Card is
inserted into, swiped through, or presented to a reader.
Card Holder
The person to whom a personal card was issued (not
necessarily the person holding the card).
Card
Reader
A reading device, usually installed beside a controlled door, that
can decode user card information and transmit it to the access
controller.
Closed System
A system whose use is limited to the original
application issuer(s). Common closed systems include campus cards, corporate
badges, etc. See also Open systems
Code
A
sequence of digits which are sensed by the System when the user enters a Card or
presses numbered Keypad buttons.
Coercivity
The property of a magnetic material, as on a magnetic stripe
keys, which is a measure of the coercive force. It is used when describing the
strength of magnetic saturation when discussing magnetic stripe card keys.
Combi Card
A card which uses both contact and
contactless technology.
Controlled
Door
A door equipped with at least one card reader (or one PIN keypad), a
door locking device, a door contact, a request to exit sensor and a door closer.
In most installations, the access control system provides for automatic lock and
unlock of doors used for entry and, perhaps, exit of the premises. The
controlled doors may be secured all the time or only according to selected
schedules. To do this, door locking devices that are electrically operated and
linked to the access controller must be provided.
Contactless Smart Card
Smart card technology using
radio waves rather than contacts to energise and communicate with the chip
inside the card.
Contact
& Contactless
In regard to chip cards: whether the card
is read by direct contact with a reader or has a transmitter/receiver system
which allows it to be read using radio frequency technology (up to a certain
distance).
Crossover error rate (CER)
a comparison metric for different
biometric devices and technologies; the error rate at which FAR equals FRR. The
lower the CER, the more accurate and reliable the biometric device.
Cylinder
The cylindrical
subassembly of a lock containing a cylinder plug with keyway and a cylinder body
with tumbler mechanism.
Data vaulting
The process of sending data off site, where it
can be protected from hardware failures, theft, and other threats. Several
companies now offer Web backup services that compress, encrypt, and periodically
transmit a customer's data to a remote vault. In most cases, the vaults have
auxiliary power supplies, powerful computers, and manned security. Also referred
to as a remote backup service (RBS).
Dead Bolt
A lock component having an end which protrudes
form or is withdrawn into, the lock front by action of the lock mechanism. When
the door is closed and the dead bolt thrown, it extends into a hold provided in
the strike, locking the door and will not retract with end
pressure.
Decision
The result
of the comparison between the score and the threshold. The decisions a biometric
system can make include match, non-match, and inconclusive, although varying
degrees of strong matches and non-matches are possible.
Either/or
multimodality describes systems that offer multiple biometric technologies, but
only require verification through a single technology.
Default
Preset values in the
software which the System will use if the user does not change
them.
Device Address
Value set on an access control device to determine its
unique identity
Digital certificate
In the PKI environment, the data,
equivalent to an identity card, issued to a user by a CA (Certificate
authority), which he/she uses during business transactions to prove his/her
identity.
Digital signature
The number derived by performing
cryptographic operations on the text to be signed. This operation, or hash
function (also called hash algorithm), is performed on the binary code of the
text. The result is known as the message digest, and always has a fixed length.
A signature algorithm is applied to the message digest, resulting in the digital
signature.
Disabled
Turned off. Not
active.
Door
Ajar
A condition that occurs when
a door is left open after a valid user has passed through.
Door Contact
Contact switch activated whenever a door is opened. This switch monitors
the door status (open or closed).
Door Controller
A microprocessor based unit from which a number of
doors may be controlled. The door controller makes the decision as to whether
access is to be allowed.
Door Open Time
The time allowed for a controlled door to remain open
after a valid entry. At the expiration of this time, the system records a
transaction which may be defined as an alarm. If the alarm bypass relay is used,
it would also de-energize at the end of this time.
Duress
Type of alarm activated by entering a special security
code that indicates to the monitoring station that you have been "forced" to
disarm your system.
DSA
Digital Signature Algorithm. Presented in 1991
by the NIST and patented in 1993. A publicly available one-way algorithm used to
generate or verify digital signatures of a text to be signed (not to
encrypt/decrypt information). As input, DSA needs
1. The message digest of the message to be signed
2. The signer's private key
3. A random number
Its output is a pair of numbers (often referred to as r and s) which together, make up the digital signature.To verify a digital signature, DSA needs as input
1. The message digest of the text to be verified
2. The signer's public key
3. The value s from the signature
DSA
then makes a computation, the output of which is called v, for example. If v =
r, then the signature verifies.
DSS
Digital Signature
Standard. Developed by FIPS (U.S. Federal Information Processing Standard).
Adopted the DSA in the early 1990s.
Electric
Strike
It is recommended to use a fail secure, continuous duty electric
strike that must be powered to unlock the door. The fail secure door strike will
keep the door secure in case of power interruption. Order strikes as: 1)
fail-secure (locked when you remove power), 2) 24VDC, 3) continuous operation,
and 4) low current. These specifications will usually correspond to the
requirements of access control. Some strikes can also be ordered with a
self-contained micro switch indicating whether or not the pen is actually held
by the strike. This contact is usually wired in series with the door contact. On
double doors, the door strike will be installed on the passive door which should
be bolted down and a door cord or electric-conductive hinge will carry the power
to the strike. It may not be possible to install door strikes on special doors
such as full glass doors. The only alternative may be to install an
electro-magnetic lock.
Electromagnetic
Lock (EM Lock)
An electro-magnet must be powered at all times to keep the door
locked. It is a fail safe locking device that will automatically unlock if power
is removed. Electro-magnetic locks are governed by different national and local
regulations and must be installed with caution.
Emergency
Exit
A door that is specially equipped to provide free exit in case of
emergencies
Events
Typical
system events are: Access granted, Date/time changed, alarms, modifications to
the data base. Every action taken on the system or taken by the system is an
event and can be programmed to be reported through the Report command.
Electric Door Strike
An electric door locking device that unlocks
the door when electrical power is applied to it. A fail-safe configuration
operates in reverse; that is, it is normally locked when power is applied and
unlocked when power is interrupted.
Emergency Override
In the event of a fire or other emergency, it
would be usual for all doors on the system to be automatically unlocked. Each
PAC door controller provides an input for this purpose. In addition an emergency
override facility is available on individual doors.
Fail-safe Lock
Fail Safe locks (also sometimes called ‘Power to
Lock’) require a permanent supply to keep the door locked. This type of lock
would normally be used if safety was most important - i.e. in the event of
equipment failure the door would become unlocked.
Fail-secure Lock
Fail Secure locks (also called ‘Power to Unlock’)
require a supply to unlock the door.
False Alarm
Alarm condition that does not require a dispatch.
Global Anti-passback
Allows the anti-passback function to operate
across many controllers in the building.
Keyholder or Cardholder
A person who carries an ID device. Two
types of key/card holder exist: i. Personnel - usually a tenant or full time
employee. ii. Visitor - a contractor or other person who requires some access
around the site, but for a limited number of days only.
Latchbolt
A device for automatically retaining a door in the closed
position upon its closing.
Multi-site
A system which allows more than one group of door
controllers on different sites (even in different countries) to be administered
from the same central location.
Operator
A keyholder who is allowed to make changes to the PAC for
Windows database and accept alarms.
Password
A word which must be entered by an operator when logging
in to prevent unauthorised access to the system.
EMV
The Europay-Mastercard-Visa specifications for
chip-based payment cards. EMV part 1 corresponds with (and generally conforms
with) ISO 7816 parts 1-5; the other parts of this specification cover the
details of a standard credit/debit application and the requirements for
terminals.
EN
Euronorm or European Standard. Important ENs for
smart cards include EN 726 (a multifunction telephone card) and EN 1546
(Inter-sector Electronic Purse).
EPOS
Electronic Point of Sale (terminal): a networked
and programmable electronic till.
Enabled
Turned on.
Active.
Enter
To type
information on the System in response to a prompt. To complete the entering of a
code or command by pressing the #.
Encryption
"The use of cryptographic algorithms to
encode clear text data to ensure that it cannot be learned" (1997, Allen).
Encoding
Writing of system, issuer and cardholder
data onto the smart card.
EPROM
A
non-volatile memory chip used in the system which contains all instructions and
operates the system. EPROMs retain all information without the need for backup
power.
EEPROM
Electrically Erasable
Programmable Read Only Memory. A memory chip used in the System that contains
special information. EEPROMs retain all information without the need for backup
power.
Embossing
The action of implementing raised letters
or logos on a plastic card.
Embedding
This operation consists in placing the
micromodule in the cavity of the card body. An electrical test is carried out
and the embedded module is then encoded.
ESD
Electrostatic discharge - the effect of discharging a high voltage
but at a very low current, as when removing a woollen jumper or leaving a car
after a long journey. ESD can be very harmful to electronic devices,
particularly those using CMOS technology.
ESN
Electronic Serial Number. A 64 bit number, permanently programmed into a
non-volatile memory device. Used to identify a particular unit, date of
manufacture and other parameters.
Events
An action, condition or
something that happens on the access system and becomes part of the information
stored in the event data base. Event conditions can be used to trigger auxiliary
outputs.
FAR
False Accept Rate: the percentage of impostors accepted by a
biometric or other identification check.
Fail-Safe
If and when power to the
door fails, the door will be made permanently-open and allow entrance or exit
without the need for access control codes or Cards.
Fail-Secure
If and when power to the
door fails, the door will be made permanently closed and will not allow entry or
exit.
FAIL-SOFT
If and when power to the
portal (door) fails, the portal will be made permanently-closed and will not
allow entrance and/or exit.
Flash Memory
Semiconductor memory which can be written once, but can
thereafter only be erased as a block. It is increasingly used for program
storage, since it allows the program to be updated.
Forced
Entry
A condition that exists when
a door is forced open prior to a valid user entering the
door.
Form A
Relay
A type of relay that has a
single pole, single throw, normally open contact.
Form C
Relay
A type of relay which has
contacts including a common, a normally open (NO) leg and a normally closed (NC)
leg.
FRR
False Reject Rate: the percentage of valid users rejected by a
biometric or other identification check
Frequency- shift keying.(FSK).
The carrier is switched rapidly between the
two frequencies which represent 1 and 0. The frequency is lower for a 1 than 0.
The bandwith required for FSK is twice that for ASK because two frequencies are
changed. However it is less affected by noise and therefore has less errors
compared with ASK. .
Ground
A direct electrical path to
earth ground. Usually a cold water pipe, the steel beams of a building, or a
steel rod which is driven into the earth and bonded to the Electrical System as
defined by the National Electrical Code.
Holiday
A different system operation for weekdays that are holidays is provided
through the schedules. An eighth day has been added to plan holidays.
(point)
It is possible to supervise up to 16 inputs on the system.
Equipment such as door contacts, status switches, dry contacts, relay contacts,
emergency buttons, motion detectors, glass break detectors, gas leak detectors,
etc...can be supervised by the system's inputs in either normally open or
normally closed fashion. Point monitoring can be limited to a schedule; for
example, motion detector monitoring after regular business hours
only.
Locking
Device
The most usual locking devices used in the access control industry
are electric strikes and electro-magnetic locks. To select which locking device
should be used on a specific job, the installer must proceed to an evaluation
that will take into account not only the security requirements but also the
regulations imposed by local or national authorities. Simple rules for most
cases: Rule #1: If possible, always use electric strikes on controlled doors
(doors equipped with at least one reader). Rule #2: Add an electro-magnetic lock
if you want to prevent exit through that door or to control exit with a card
reader or a keypad. Note that we are adding an electro-magnetic lock and keeping
the door strike. This is necessary to keep the door locked and the premises
secured when the electro-magnet lock has to be unlocked because of an AC power
failure or a fire alarm signal (see regulations). Rule #3: Always check with
local authorities before installing any electro-magnetic lock. Once installed,
it can be quite expensive to replace maglocks by strikes and repair doors and
door frames. Other hardware: The outside door knob (or handle) should be
permanently locked. It is always the access controller that will unlock the door
by releasing the door strike. The inside door knob should always be free
(unlocked) to permit safe exit to occupants in case of emergency. To prevent the
door from being left manually unlocked, make sure there are no lock-unlock
buttons on the inside door knob. An hydraulic door closer is almost mandatory to
insure that the door is re-closed after an entry and to prevent "Open Too Long"
or "Door Left Open" alarms.
Hologram
A flat optical image which looks three dimensional when
viewed with the naked eye. Holograms are implemented as a security feature to
prevent fraud.
IC Card
Same as "chip card". The banking industry prefers the term "IC
card" or "ICC".
Initializing
The automatic process of
configuring the system at power-up. Default values are set and memory is
tested.
Initialization
First stage of the card issuing process. The purpose
of this process is to load all the data common to one application into the smart
card's EEPROM.
Interoperability
The ability of products manufactured by different
companies to operate correctly with one another
Java
Card
Schlumberger and Gemplus have developed specifications for
running a subset of the Java language on a smart card. Java is an open,
machine-independent language which offers a high level of protection between
applications; it is thus well suited to a multi-application smart card, although
it imposes a higher overhead than conventional smart card operating systems.
The term is a registered trademark of Sun Microsystems and refers to the specifications for running Java on a smart card. The current specification level is 2.1.1
Java
An object oriented programming language
developed by Sun Microsystems. Java is a machine independent language and offers
considerable protection between applications.
Latch Bolt
A lock component having a beveled end which
projects from the lock front in an extended position, but may be forced back
into the lock case by end pressure or drawn back by action of the lock
mechanism. When the door is closed, the latch bold projects into a hold provided
in the strike, holding the door in a closed position.
ISO
International Standards Organisation. The main ISO standard
relating to smart cards is ISO 7816: "Identification cards: integrated circuit
cards with contacts". ISO 10536 and the draft standard 14443 cover,
respectively, close-coupled and remotely coupled contactless cards. Many other
standards covering aspects of security and computer systems operations are used
by smart card systems.
LED
Light
Emitting Diode. A semiconductor device that emits light.
Magnetic
Stripe
Card technology that uses a
Magnetic Stripe to hold its data. System 2 uses a track 2 ABA
format.
Master
A system unit, programmed to
be part of a network of systems and in control of "slaves" on the
network.
Memory Card
A chip card with memory, but controlled only by fixed
logic rather than by a microprocessor.
Encryption
The scrambling of data so that it becomes
difficult to unscramble or decipher. Scrambled data is called ciphertext, as
opposed to unscrambled data, which is called plaintext. Unscrambling ciphertext
is called decryption. Data encryption is done by the use of an algorithm and a
key. The key is used by the algorithm to scramble and unscramble the data. The
algorithm can be public (for scrutinization and analysis by the cryptographic
community), but the key must be kept private. Encryption does not make
unauthorized decryption impossible, but merely difficult. Time, and the power
(ever increasing) of computers are the factors involved in the feasibility of
decryption.
Enrollment
the initial process of collecting biometric data from a
user and then storing it in a template for later comparison.
Feature extraction
The automated process of locating and
encoding distinctive characteristics from a biometric sample in order to
generate a template.
False-acceptance rate (FAR)
the percentage of imposters
incorrectly matched to a valid user's biometric.
False-rejection rate (FRR)
the percentage of incorrectly rejected
valid users.
Identification
the process by which the biometric system
identifies a person by performing a one-to-many (1:n) search against the entire
enrolled population.
Identification (1:N, one-to-many, recognition)
The process of
determining a person’s identity by performing matches against multiple biometric
templates. Identification systems are designed to determine identity based
solely on biometric information. There are two types of identification systems:
positive identification and negative identification. Positive identification
systems are designed to find a match for a user’s biometric information in a
database of biometric information.
Mapping (or memory map)
A functional representation of the different
memory blocks.
Matching
The comparison of biometric templates to determine
their degree of similarity or correlation. A match attempt results in a score
that, in most systems, is compared against a threshold. If the score exceeds the
threshold, the result is a match; if the score falls below the threshold, the
result is a non-match.
Minutiae Points
Local ridge characteristics that occur at either
a ridge bifurcation or a ridge ending.
Multos
A programming language developed by Mondex
for systems using MAOS (multi-application operating systems) for smart
cards.
Multi-application Card (or general purpose card)
A
smart card that can accommodate more than one application while maintaining
separate security conditions.
Networking
The ability of system's to
be linked together. A multi-drop, twisted pair of wire is connected to each
system unit in the network in a daisy-chain fashion
Off-line
A transaction during which no direct
connection is made to a central computer facility. see also On-Line
On-line
A transaction during which a direct
connection is made to a central computer facility (usually via the public
telephone network or computer networks). see also Off-Line
OpenCard (OCF)
The OpenCard Framework is an architecture for cards and
terminals primarily intended to standardise the development of smart card and
terminal applications in NCs. It is promoted by Apple, IBM, Netscape, NCI, and
Sun.
Open Platform
This term refers to the specifications of the
same name provided by the GlobalPlatform consortium for managing open
multiapplication smart cards. They are available for download fromthe consortium website. Augmented
specifications, usually referred to as VISA OpenPlatform (VOP) are
provided by VISA International.
Passive
A non powered element of a system.
PIN
"Personal Identification Number. Code the user
possesses for verification of identity" (1997,Allen). "A business or payment event for the exchange of value for
goods and services"
Personalisation
Adding the individual card details to
a card after manufacture. These will include the cardholder data in the chip's
memory, usually the cardholder's name and an expiry date printed or embossed on
the front. It may include other forms of personalisation such as magnetic stripe
data or a photograph. During personalisation, any variable program (in addition
to the mask) may be stored in the card, as well as cryptographic keys.
PC/SC
The PC Smart Card architecture promoted by
Microsoft and other smart card and PC operating system vendors, to standardise
hardware and software interfaces for smart cards in PCs.
Port
A
designation given to all the input and output connections required to operate a
door. It may contain an input for RTE, Door Ajar, Keypad, Card Reader etc. and a
relay output for controlling the door.
Power
Supply
A source of power for the
access system, door locks and auxiliary devices. Usually consists of a plug in
transformer, circuit board and standby battery. Power supplies are rated by
their voltage and current capacity.
Prompt
A cue. When programming, the
System will "ask" you to enter various information. This "asking" is called a
prompt.
Protocol
A set of rules and procedures governing interchange of
information between a smart card and a reader. The ISO defines several
protocols, including T=0, T=1 and T=14
Proximity
A type of card technology
that sends wireless digital data from a card to a reader through means of an
electrostatic coupling.
Privacy-Protective
A privacy-protective system is one used to
protect or limit access to personal information, or which provide a means for an
individual to establish a trusted identity.
Privacy-Sympathetic
A privacy-sympathetic system is one that
limits access to and usage of personal data and in which decisions regarding
design issues such as storage and transmission of biometric data are informed,
if not driven, by privacy concerns.
Privacy-Neutral
A privacy-neutral system is one in which privacy
is not an issue, or in which the potential privacy impact is slight.
Privacy-neutral systems are difficult to misuse from a privacy perspective, but
do not have the capability to protect personal privacy.
Privacy-Invasive
A privacy-invasive system facilitates or
enables the usage of personal data in a fashion inconsistent with generally
accepted privacy principles.
Phase-shift keying (PSK).
As the he binary signal is changed from 1 to 0 or from
0 to 1, the carrier voltage reverses its direction, which is equivalent to a 180
degrees phase change. As with ASK it is a single carrier system and it can be
shown that a PSK system requires the narrowest bandwidth compared with ASK and
FSK for the same rate of data flow. PSK also has the lowest probability of error
of all three systems.
Real Card (as opposed to Virtual
Card)
This refers to an actual OpenPlatform/JavaCard (compliant with ISO7816) that runs a JCVM on an 8bit
smart card microcontroller.
Radio Frequency (RF)
Signals with a repetition rate above audible
range, but below the frequencies associated with heat and light.
RF/DC
A method of communication without physical
contact. Accomplished through the use of radio waves (1997, Auto ID Service
Providers).
RF/ID
A method identification without physical
contact. Accomplished through the use of radio waves (1997, Auto ID Service
Providers).
RAM
Random Access Memory (the equivalent of normal
computer memory).
Request to
Exit
On each access door equipped with only one card reader (or only an
entry reader will be used during certain hours), it is necessary to provide free
exit through the monitored door without creating a Door Forced alarm. The
request to exit button (usually when electro-magnets are used) or the request to
exit motion detector (usually when electric strikes are used) sends a
pre-warning signal to the door controller that the door is going too open and
that this will be a normal operation of a person exiting. When the door is
locked, the access controller supervises the door contact and will report a
"Forced door" alarm if the door is opened without using a card. To provide free
exit from the premises without causing an alarm, the access controller must
know whether the door is opened by someone breaking in or someone exiting. To do
this, an "Exit Motion Detector" is installed above the door on the inside. When
an individual leaving the premises approaches the door, the detector will send
that information to the access controller which will record the event as an
authorized exit.
Schedule
Most of the system's operations are based on time
and/or day of the week. The system can manage up to 100 different schedules.
They are defined by the system administrator according to specific requirements
(automatic unlocking, point monitoring, etc.). Each schedule can be composed of
up to 4 different intervals (start-stop times) valid for any number of week days
or holidays.
User
A
person to whom the system administrator has issued an access card.
RFID
Radio Frequency Identification: a technology
which allows an object or person to be identified at a distance, using radio
waves to energise and communicate with some form of tag or card.
RS-232
Data transmission standard
using +/- 12 volt transitions to transmit digital data.
RS-485
Data transmission standard
using differential voltage levels to send and receive data on a shielded,
twisted pair of wire in a multi-drop configuration up to four thousand feet
long. Highly immune to electrical noise.
RTE
Request
to Exit. A circuit controlled by a push button installed within a secured area
which, when pressed, allows a user to exit the area. RTE's should always be
redundant, that is, a second method should be used to allow an exit.
RTS
Request
to Send. An RS-232 output from the system. It tells a device attached to it that
its OK to send data. Generally connected to the CTS of the sending
device.
RXD
Receive
Data. An RS-232 input that receives data from a transmitting device. This Input
must be connected to the TXD output of the transmitting
device.
Scanning
The rapid movement of the election beam in a pickup device of a
camera or in the CRT of a television receiver. It is formatted in a
line-for-line manner across the photo sensitive surface which produces or
reproduces the video picture. When referred to a video surveillance field, it is
the panning or the horizontal camera motion.
Sensitivity
(pickup
device)
The amount of current developed per unit of incident light. It can be
measured in watts with the projection of an unfiltered incandescent source of
light at 2870 K degrees to the pickup device surface area. It can be then
expressed in foot-candles.
Seed
Number
A number used to generate an
exact duplicate list of users when batch programming keypad
codes.
Serial
Number
A unique combination of
digits and/or letters. All system software (firmware) and hardware is serialized
Score
A number indicating the degree of similarity or
correlation of a biometric match. Traditional authentication methods –
passwords, PINs, keys, and tokens - are binary, offering only a strict yes/no
response. This is not the case with most biometric systems. Nearly all biometric
systems are based on matching algorithms that generate a score subsequent to a
match attempt. This score represents the degree of correlation between the
verification template and the enrollment template. There is no standard scale
used for biometric scoring: for some vendors a scale of 1-100 might be used,
others might use a scale of –1 to 1; some vendors may use a logarithmic scale
and others a linear scale. Regardless of the scale employed, this verification
score is compared to the system’s threshold to determine how successful a
verification attempt has been.
Single Error Rates
Error rates state the likelihood of an error
(false match, false non-match, or failure to enroll) for a single comparison of
two biometric templates or for a single enrollment attempt. This can be thought
of as a "single" error rate.
Slave
A
system unit that is programmed to be part of a network of systems and under
control of a master system.
Smart Card
A card which incorporates a microprocessor chip and some
form of storage. By extension, and in common usage, any form of chip card.
Strike
A plate fastened
to the door frame into which the bolts project.
Strike Box
A housing used in back of a strike to enclose
the bolt or bolt openings
Synchronous Multimodality
the use of multiple biometric
technologies in a single authentication process. For example, biometric systems
exist which use face and voice simultaneously, reducing the likelihood of fraud
and reducing the time needed to verify.
Submission
The process whereby a user provides behavioral or
physiological data in the form of biometric samples to a biometric system. A
submission may require looking in the direction of a camera or placing a finger
on a platen. Depending on the biometric system, a user may have to remove
eyeglasses, remain still for a number of seconds, or recite a pass phrase in
order to provide a biometric sample.
Tag
An electronic device
(contactless) that can communicate with a reader by means of a radio frequency
signal.
Template
a mathematical representation of biometric data. A
template can vary in size from 9 bytes for hand geometry to several thousand
bytes for facial recognition.
Threshold
A predefined number, often controlled by a biometric
system administrator, which establishes the degree of correlation necessary for
a comparison to be deemed a match.
Time & Attendance
The Time Attendance Mode is used to record the Clock In / Clock Out time of the employees, and it is very useful to avoid the buddy-punching problem. The major difference is that in this mode, the device is not used to control the door strike, and there is no time & terminal restriction.
Transaction
"A business or payment event for the exchange of value for
goods and services". Any event that occurs on a PAC for Windows system is
called a transaction. All transactions which originate from a door controller
are reported to the PC, and stored on the hard disk for later analysis. In
addition, the PAC for Windows system then decides the fate of each transaction -
display on screen, printer, generate an alarm, etc.
TXD
Transmit Data. An RS-232 output that sends data to a receiving device.
This output must be connected to the RXD input of the receiving
device.
UL
Underwriters Laboratories. An organization that certifies the safety and
functionality of electrical devices.
Verification (1:1, matching, authentication)
The process of
establishing the validity of a claimed identity by comparing a verification
template to an enrollment template. Verification requires that an identity be
claimed, after which the individual’s enrollment template is located and
compared with the verification template. Verification answers the question, “Am
I who I claim to be?” Some verification systems perform very limited searches
against multiple enrollee records. For example, a user with three enrolled
finger-scan templates may be able to place any of the three fingers to verify,
and the system performs 1:1 matches against the user’s enrolled templates until
a match is found. One-to-few. There is a middle ground between identification
and verification referred to as one-to-few (1:few). This type of application
involves identification of a user from a very small database of
enrollees. While there is no exact number that differentiates a 1:N from a 1:few
system, any system involving a search of more than 500 records is likely to be
classified as 1:N. A typical use of a 1:few system would be access control to
sensitive rooms at a 50-employee company, where users place their finger on a
device and are located from a small database.
Virtual Card (JC32)
This is an implementation of the
JavaCard Virtual Machine (JCVM) specifications for a 32bit processor. It behaves
in all aspects identical to the JCVM on the actual smart cards, down to the
resource restrictions (RAM and EEPROM) and transactions semantics found on a
real card. The 32bit JCVM can be run in two modes: One emulates a real JCOP card
in all regards including the (reduced) speed on that 8-bit processor. The other
mode only emulates the resource restrictions, but otherwise executes at the
speed the 32bit processor permits. The second configuration is therefore meant
to be used during applet development and testing to ensure fast turnaround
times, while the first one is meant to get a feeling for where tuning will be
needed before bringing the applet onto a real card. As this is a single program,
be aware that no state is stored between executions of the 32bit JCVM: Anything
loaded will be lost once the Virtual Card is stopped.
Video Verification
This is a software feature that allows an
operator to compare a persons appearance with that in a personnel database.
Visitor
A keyholder who is only allowed access for a limited number
of days. The system will automatically restrict the keyholders access to the
allowed dates.
Watchdog
A circuit in the System that
prevents microprocessor latch up. The watchdog circuit minimizes the likelihood
that voltage transients will "crash" the system.
Wiegand
Technology
Card technology that uses
special patented wires imbedded inside the Card to encode its data.