[Date]

Individual
Assignment
Prepared by: Tigist Woldesenbet

ID: fill in
HP
Contents
Introduction...........................................................................................................................................2
Logical Access Controls....................................................................................................................4
Physical Access Control....................................................................................................................6
Comparision.............................................................................................................................................8
Summary..................................................................................................................................................9
Bibliography..........................................................................................................................................10
Introduction
This research is about two types of access controls. But, before we dig into the
types of access controls we need to have ample information about access controls.

What are access controls?

Security is an important priority for organizations of all sizes and industries. If you
work with pricey equipment or confidential data, safeguarding your company’s
assets is crucial for success. Whether your employee roster has 10 people or 10,000
people on it, an access control system can facilitate their needs – and deny access
to people who aren’t on the list.

Access control is a method of security that can regulate who views or uses
resources – thus, minimizing the potential risk of a business.

Application of security policies for computers and their systems and procedures
leads into the mechanism of access control. The fundamental goal of any access
control instrument is to provide a verifiable system for assuring the protection of
information from unauthorized or inappropriate access, as outlined in one or more
security policies. Generally, this translation from security policy to access control
implementation is dependent on the nature of the policy and involves the inclusion
of confidentiality and integrity. There are two primary types of systems: logical
and physical.

WHAT ARE THE COMPONENTS OF ACCESS CONTROL?

Any physical or logical access control system has five main parts:

1. Authentication. This is the act of proving the identifying of the user. This

might involve verifying the authenticity of a website’s digital certificate,
validating a form of ID, or comparing login credentials to stored data.
 2. Authorization. This specifies whether a staff member has access to certain
resources.

3. Access. After a person is authenticated and authorized, they are allowed to

access the resource.

4. Manage. The system can add or remove the authorization and authentication

of systems or users. There are some systems that streamline the management
process by syncing with Azure Active Directory or G Suite.

5. Audit. This is used to enforce the “least privilege” principle – essentially,

audits minimize the risk of users having access to resources that they no
longer need.

Modern access control systems have many new different components.

MODERN ACCESS CONTROL SYSTEMS COMPONENTS & PARTS

Access control management systems increase their convenience and reliability by

combining various technologies. Here are some components they may have:

Reader: To read a fob or keycard, the door needs to have a reader. There are
several kinds – for instance, wireless, standalone, and IP readers.

Electric Locks: Typically, access control systems use magnetic locks, electric
strikes, or wired mortise locks. There can also be an electrified push bar, which
comes in handy if there is a fire.

Door Sensors: Contact sensors and motion sensors will be able to understand the
door’s status – is it open? Closed? Has there been motion nearby?
Video Surveillance: Some smaller businesses may use wired DVR systems, while
modern businesses may have IP cameras connected to an NVR.

Video Intercoms: You may have a single- or multi-unit intercom; this depends on
whether you need to call a single party or multiple ones. Intercoms may also have
audio, video, dial-in, or touch screen configuration.

PIN Pad: These are used for convenient access – however, this comes with the
drawback of PINs being shared among users. Sometimes the pad is located on the
lock or installed as a standalone pad.

Access Control Panel: A standard panel is the center of controls that connects all
doors to the Internet. It will trigger the dogs to unlock under “correct” scenarios.

Push to Exit Button: This button ensures that anybody can leave the area if there is
an emergency.

Power Supplies: A good supply is of great importance; if the power were to fail,
the door could unexpectedly unlock.

This paper is mainly going discuss about the two types of access control.
Logical Access Controls

Logical access control tools are used for credentials, validation, authorization, and
accountability in an infrastructure and the systems within. These components
enforce access control measures for systems, applications, processes, and
information. This type of access control can also be embedded inside an
application, operating system, database, or infrastructure administrative system.

Logical access controls are the features of your system that enable authorized
personnel access to resources. To many folks, distinguishing between logical
access control and I&A is confusing. Logical access controls are those controls that
either prevent or allow access to resources once a user’s identity already has been
established. Once a user is logged in, they should have access only to those
resources required to perform their duties. Different user groups usually have
access to different resources, which ensures a separation of duties.

Simply, Logical access control tools are used to restrict access to data and
software. 

Examples of that include:

 Using a password to sign into a laptop

 Unlocking your phone with a thumbprint scan or a selfie

 Accessing an employer’s internal network remotely via VPN

In such cases, the software is used to grant access to users who need certain digital
information
On the 44th volume of THE COMPUTER JOURNAL it states:

“The effectiveness of an access control mechanism in implementing a security

policy in a centralized operating system is often weakened because of the large
number of possible access rights involved, informal specification of security policy
and a lack of tools for assisting systems administrators. Herein we present a logical
foundation for automated tools that assist in determining which access rights
should be granted by reasoning about the effects of an access control mechanism
on the computations performed by an operating system. We demonstrate the
practicality and utility of our logical approach by showing how it allows us to
construct a deductive database capable of answering questions about the security of
two real-world operating systems. We illustrate the application of our techniques
by presenting the results of an experiment designed to assess how accurately the
configuration of an access control mechanism implements a given security policy.”
Physical Access Control

Physical access control uses a set of policies to control who can enter a physical
area. Physical access control systems play a central role in the protection of critical
infrastructures, where both the provision of timely access and preserving the
security of sensitive areas are paramount. 
Some real-world kinds of physical access control include:

 Subway turnstiles

 Club bouncers

 Badge/card scanners

 Customs agents

In all of the examples mentioned above, a device or a person is using policies to

determine who gains access to a restricted physical area.

Physical access controls, whether they be gates, locked doors, mantraps, turnstiles,
or any of a number of other mechanisms, can potentially cause a great deal of
trouble for the breakers. When such systems are properly maintained and the set of
policies accompanying them that govern their use is followed, they can be very
difficult to defeat.

But this physical access control has many demerits to it.

Mechanical keys are the most rudimentary physical access control method – and
many smaller companies use them. However, mechanical keys have limitations,
especially as an organization grows. Here are the disadvantages that come with
using keys instead of an access control system.

1. You can lose keys. If an employee loses a key, you’ll need to replace the
lock so that the lost key won’t be used by somebody who should haven’t
access to the restricted location. After that, you will have to give new keys to
anybody who does need access.

2. No audit trails. There is no way for you to keep track of who has used a key
to enter an area, or at what time.

3. Difficult to manage. If somebody needs to gain access to lots of different

rooms and buildings, they will need several keys – at a certain point, this can
be very inconvenient.

So let’s compare.

The line is often unclear whether or not an element can be considered a physical or
a logical access control. When physical access is controlled by software, the chip
on an access card and an electric lock grants access through software, which
should be considered a logical access control. That being said, incorporating
biometrics adds another layer to gain entry into a room. This is considered a
physical access control. Identity authentication is based on a person’s physical
characteristics. The most common physical access controls are used at hospitals,
police stations, government offices, data centers, and any area that contains
sensitive equipment and/or data.

There are various shortcomings of existing approaches to the administration of

physical access control in complex environments. At the heart of the problem is the
current dependency on human administrators to reason about the implications of
the provision or the revocation of staff access to an area within these facilities. We
demonstrate how utilizing Building Information Models (BIMs) and the
capabilities they provide, including 3D representation of a facility and path-
finding, may reduce the incidents of errors made by security administrators.

In many cases, a physical access control is merely a front end for a logical system.
If the logical system can be breached, it is easy to attack physical control.

So let us also see the demerits of a logical control system.

Access control systems can be hacked. When a system is hacked, a person has
access to several people's information, depending on where the information is
stored. Wired reported how one hacker created a chip that allowed access into
secure buildings, for example. Not only does hacking an access control system
make it possible for the hacker to take information from one source, but the hacker
can also use that information to get through other control systems legitimately
without being caught. Despite access control systems increasing in security, there
are still instances where they can be tampered with and broken into.
Summary
As we come to a conclusion, as important as physical access controls are, given
that clouds are managed over the network, limiting access controls to the physical
realm would be profoundly silly. No number of sophisticated multifactor physical
locks or high-resolution video cameras will prevent or record operations personnel
as they engage in their work managing network devices, servers, and storage
devices. The use of an identity system to define and manage access by personnel to
specific devices and functions is an effective way to centralize access control data.
But logical controls alone are not ample to limit access to servers and other cloud
infrastructure. The use of network isolation between different realms within the
cloud infrastructure will go a long way toward not only limiting the reach of a
hacker, but isolation will also limit the scope that authorized operations personnel
have. Putting it differently: Security controls form the lowest layer of protection,
and network isolation provides a second protection mechanism. These reinforce
each other and provide a degree of insurance against ham handing configuration in
either realm.
Bibliography

 The Computer Journal, Volume 44, Issue 2, 2001, Pages 137–149

 Lauren Collins, in Cyber Security and IT Infrastructure Protection, 2014
 Articles from https://recfaces.com/articles/access-control#1
 www.sciencedirect.com
 Cyberspace Safety and Security pp 236-250
 Thomas Wilhelm, Jason Andress, in Ninja Hacking, 2011
 Derrick Rountree, Ileana Castrillo, in The Basics of Cloud Computing, 2014
 Thomas Norman, in Electronic Access Control, 2012

THANK YOU! THE END