Access control system working principle

Updated: Jul 11

An access control system (ACS) is a type of security that manages and controls who or what is allowed entrance to a system, environment or facility.


It identifies entities that have access to a controlled device or facility based on the validity of their credentials.


An ACS is primarily a physical operation implemented within high-security areas, such as data centers, government/military institutes and similar facilities.


Typically, an ACS manages, monitors and controls human access to the protected equipment or facility. Most ACSs are designed to take a user-provided credential as input, verify/authenticate privileges using the access control list (ACL) and grant/deny access based on the findings.




For example, using biometric security, an ACS can be used to authorize only legitimate access to a data center facility. The individual must provide his or her thumbprint, focal or vocal credentials to the ACS, which verifies them by comparison with its database and grants access only with valid permission.


There are two types of access control: physical and logical. Physical access control limits access to campuses, buildings, rooms and physical IT assets. Logical access control limits connections to computer networks, system files and data.


To secure a facility, organizations use electronic access control systems that rely on user credentials, access card readers, auditing and reports to track employee access to restricted business locations and proprietary areas, such as data centers. Some of these systems incorporate access control panels to restrict entry to rooms and buildings as well as alarms and lockdown capabilities to prevent unauthorized access or operations.


Access control systems perform identification, authentication and authorization of users and entities by evaluating required login credentials that can include passwords, personal identification numbers (PINs), biometric scans, security tokens or other authentication factors. Multifactor authentication, which requires two or more authentication factors, is often an important part of layered defense to protect access control systems.


These security controls work by identifying an individual or entity, verifying that the person or application is who or what it claims to be, and authorizing the access level and set of actions associated with the username or IP address. Directory services and protocols, including the Lightweight Directory Access Protocol (LDAP) and the Security Assertion Markup Language (SAML), provide access controls for authenticating and authorizing users and entities and enabling them to connect to computer resources, such as distributed applications and web servers.
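The identify, authenticate and authorize sequence described above, as an added example that is not part of the original article: a badge ID plus a PIN (two factors) is verified, then an ACL lookup decides access with default deny, and every decision is audited. The badge IDs, user names, PINs and area names are constructed sample data, and the function names are hypothetical.

```python
import hashlib
import hmac
import os

def pin_hash(pin: str, salt: bytes) -> bytes:
    """Derive a salted hash so PINs are never stored in clear text."""
    return hashlib.pbkdf2_hmac("sha256", pin.encode(), salt, 100_000)

def enroll(name: str, pin: str) -> dict:
    """Create a user record with a per-user random salt."""
    salt = os.urandom(16)
    return {"name": name, "salt": salt, "pin": pin_hash(pin, salt)}

# Constructed sample data: badge ID (something you have) -> enrolled user.
USERS = {"badge-1001": enroll("alice", "4921"),
         "badge-1002": enroll("bob", "7730")}
# Access control list: protected area -> identities allowed to enter.
ACL = {"datacenter": {"alice"}, "lobby": {"alice", "bob"}}
AUDIT_LOG = []  # every decision is recorded for later reporting

def request_access(badge_id: str, pin: str, area: str) -> bool:
    # 1. Identification: who does the presented credential claim to be?
    user = USERS.get(badge_id)
    # 2. Authentication: check the second factor (something you know).
    #    The hash is computed even for unknown badges and compared in
    #    constant time, so response timing does not reveal which step failed.
    salt = user["salt"] if user else bytes(16)
    expected = user["pin"] if user else bytes(32)
    pin_ok = hmac.compare_digest(pin_hash(pin, salt), expected)
    authenticated = user is not None and pin_ok
    # 3. Authorization: default deny; grant only if the ACL lists the user.
    granted = authenticated and user["name"] in ACL.get(area, set())
    if user is None:
        reason = "unknown credential"
    elif not pin_ok:
        reason = "authentication failed"
    elif not granted:
        reason = "not authorized for area"
    else:
        reason = "granted"
    AUDIT_LOG.append({"badge": badge_id, "area": area, "result": reason})
    return granted
```

An area missing from the ACL is denied for everyone, and the audit log keeps the specific failure reason even though the caller only sees grant or deny.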


Organizations use different access control models depending on their compliance requirements and the security levels of information technology they are trying to protect.