Locks without keys
Multi-tiered: Oakland believes a layer system is best when it comes to security. Credit: Melystu
Security systems need to take a blended approach, finds Martin Rushmere
If you rely on just one or even two types of security methods at your port, the risk of being hacked or of failure crippling systems is high. Today, a blend of systems and approaches is needed to keep assets under your control.
As Troy Hosmer, port facilities security officer at the Port of Oakland, puts it “a layered system is the best, with a combination of guards at entry points along with digital, electronic and card reading systems.”
Adding to this is a combination of mechanical devices - the old fashioned lock and key - that also use digital sophistication.
Scanning and biometrics continue to be central to all forms of access, through fingerprinting, iris scanning and facial recognition. Jim Strey, chief executive of idSoftware, based in Jacksonville, Florida, says iris identification is the most advanced biometric feature, using 250 points of reference, while fingerprints used 50 points and facial scanning uses 25. “Facial recognition needs the subject to be close up to the camera – 100 centimetres - and truck drivers going through entry points will not put up with that.”
The company develops biometric software that complies with and supports the US Department of Homeland Security’s stricter port security regulations, following the passing of a new rule last August mandating that incoming port personnel scan identification cards through an electronic reader.
Stephen Thompson, export sales manager for ievo, a Newcastle-based company in the UK specialising in biometric recognition systems, says there are different levels of reliability depending on the use. “Mobile application of biometrics has become highly popular over the past few years with the leading manufacturers incorporating the technology into their device – mainly fingerprint and iris scanning.
“Biometric technology can be highly reliable while more traditional access control measures, ID cards, fobs, PIN numbers can all be shared, lost, stolen or forgotten, each incident leading to potential breaches in a secured facility or incurring a repeated cost to replace/reprint such credentials.
“Biometric credentials remove these liabilities,” says Mr Thompson. “The data refers to just one person which cannot be lost or forgotten, meaning it is more convenient for the user. Most biometric systems also integrate into wider security systems, to provide accurate time records which can be used for time and attendance systems, improving both security and health and safety measures of a site or facility.”
Generally, a combination of different methods usually proves the most effective and for ports the most important aspect will be reliability and the ability to confidently use a system that can work in such environments without hampering or slowing down an employee’s access.
Traditional access control equipment such as swipe cards, numeric key pads and fobs etc are not only inherently less secure but often more expensive once replacement costs are factored in.
Another UK company, Locken, has developed an electronic key and cylinder (“mechatronic”) that uses magnetic induction and incorporates Bluetooth connectivity, allowing the mechatronic key to communicate with Smartphone technology -- enabling the user to receive up-to-the-minute information about all events relating to access.
“While fingerprint, facial and iris recognition add an extra layer to the security process they are of high cost and are independent to the existing mechanical systems,” says Nick Dooley, managing director of LOCKEN UK.
idSoftware's Mr Strey says that costs of biometric installation can range from as little as $20,000 to more than $500,000. “Port security is an expense with no financial return on investment. The result is that they don’t do it unless they have to.” For the US, a deadline date of August 2018 is looming under a DHS Electronic Reading rule that specifies the system that has to be in place for Class A facilities that handle Centre for Disease Control materials (which includes cruise ship terminals transferring more than 1,000 passengers).
“Overall, the main emphasis in port security is surveillance and parameter security – combining CCTV and monitoring systems with access and visitor control regulated via ID card certification as a primary resource, and biometrics as an advanced system,” says ievo’s Mr Thompson. ‘However, different countries, indeed different ports, have different systems and certainly in two of our main export markets, UAE and the Benelux countries, they have adopted biometrics and other security innovations. Both countries use Licence Plate Recognition Systems and the UAE has under-vehicle scanning as standard so they do seem to be trying to keep up with technological advances.”
The market also has to cope with the requirements and regulations of different countries. The Transport Workers' Identification Card (TWIC) continues to be the central focus of security in the US and incorporates biometric features. idSoftware has developed a programme that marries the card with a general visitor identification system, something that very few companies have come up with.
Ievo also has to deal with government concerns over the use of personal data. Says Mr Thompson: “For example, French legislation now dictates the user must be fully notified of exactly how the data will be used and stored to allow freedom of choice and information.
"In addition, there’s the usual certification of goods – such as Factory Acceptance Tests, ‘G marked’ products for Gulf States, IP ratings for sealed electrical enclosures, electrical safety certifications etc.”
And the technology itself is marching on. Voice recognition is becoming more widespread (but needs more work) while vein recognition is a new field. But “the unions in the US have filed lawsuits against its use because of concerns over invasion of privacy", points out Mr Strey.
For ievo, the future lies in integrating systems “to provide security measures with zero room for error, and in making a system more convenient and accessible to the user without reducing security measures".
"We have already seen the integration of access control systems with smart phones, but this still carries the fundamental flaw of phones being lost/stolen,” says Mr Thompson. “As technology grows and improves in the wider world, access control will continually adapt and improve its integration. On a more focused level of fingerprint biometrics, the future really lies with the technological improvements of sensors - as sensor technology improves so will the systems that use them, and how this data is used will guide the future use of access control.”
PUTTING SECURITY TO THE TEST
Locken's electronic key and cylinder allows for communication and energy transfer between the two, based on tight inductive coupling. An alternating magnetic field, which is generated by the key, transfers energy to the cylinder, following the principle of a transformer. Data is transferred by modulation of the magnetic field.
The system is made by two coils. One coil (primary winding) which generates the alternating magnetic field is inside the key, the second coil (secondary winding) in which the magnetic field is induced resides inside the cylinder. The metal parts of the key and the cylinder are designed in order to close the magnetic circuit to avoid any magnetic flux leakage.
To permit good alignment of the two coils a mechanism that activates the magnetic field generation in the primary coil is implemented. A Hall Effect sensor, mounted close to the primary coils, senses a permanent magnet inside the cylinder and the magnetic field generation is activated only when perfect alignment of the two coils is achieved. Energy and data transfer is only possible when the key is inserted into the cylinder and the horizontal alignment of primary and secondary coil is within few hundredths of a millimetre.
idSoftware's basic systems, SecureGate and VisCheck, can be run on dedicated servers or virtual servers. Operating in the cloud can also be done assuming the agency or company has no problem with storing their data off site. A single server/virtual server can be used with basic configuration of Windows Server as the operating system.
Typically its installation is complete within one month from time of purchase order or contract. Scalability is not an issue and a port can add to the existing system by ordering more devices.