SMART CARD

The use of Smart card with Integrated Biometric-Secured RFID Technology for Physical Access control in a manufacturing company

Literature Review

Introduction

Managing access to resources is assuming increasing importance for organizations everywhere, from small entrepreneurial companies to large corporate enterprises and government bodies of all sizes. Even the most neutral organization now recognizes the danger of a security breach. (Finkenzeller 1999)

Administering access to resources means controlling both physical access and logical access, either as independent efforts or through an integrated approach. Physical access control protects both tangible and intellectual assets from theft or compromise. Logical access control enables enterprises and organizations to limit access to data, networks, and workstations to those authorized to have such access. (Hancke 2008)

Coordinating people and privileges has traditionally relied on the use of an identity card such as a driver's license, library card, credit card, membership card, or employee identification card. (Kasper 2006) Such cards verify to a person (such as a guard) or a device (such as an electronic reader) that the holder has particular rights and privileges. In response to the need for increased security, industry developed technologies (such as magnetic stripe, bar codes and proximity chips) that can be included on a card. (Drimer 2007) The card can then be passed through a magnetic stripe reader, scanned by a bar code reader, or presented to an electronic reader with an RF antenna for automatic access authorization. A personal identification number (PIN) can be entered via a keypad to add another authentication factor to help verify that the cardholder is indeed the owner of the card. (Nohl et al., 2008) However, while these technologies reduce cost and increase convenience, they do not guarantee that the user is in fact the authorized person. (Kasper 2006)

Changes to the work force compound the problem of identifying and authenticating individuals. The days of a stable and recognizable workforce are essentially over. (Roberts 2006) Currently, many corporations experience growing employee turnover or have difficulty filling specific assignments and frequently use outside contractors. This environment results in the presence of new or unrecognized personnel with access to corporate assets and information. (Hancke 2008) While employee turnover generally is not as great an issue for government organizations, the rotation of personnel and the sheer size and complexity of such organizations creates a similar situation with potential for unauthorized people to obtain access to resources. (Rotter 2008)

The stage is thus set for the introduction of access identification systems based on an identity card or other credential that includes integrated intelligence. Such a credential could support multiple secure applications for processing personal identification information, privileges, and access rights and include cryptographic protection of the information. (Borisov 2001) The emergence of an intelligent credential was the genesis for an entirely new access control model that achieves fast processing, personal authentication, and risk mitigation. This model represents a blueprint for a secure identification system that solves the fundamental access control problem - how to accurately associate individuals with their rights and privileges at the location where ...