The Game Changer

The Game Changer

How Artificial Intelligence changes the access control game

  • By John Carter
  • Jun 01, 2019

Most access control systems are focused on improving security and protecting the business, ensuring that only the right people have the right access to the right areas. It keeps the bad guys out and the good guys in. But what happens when the environment changes and becomes a potential danger to the individuals inside or when a crisis strikes?

Modern access control technology is now able to leverage innovations in artificial intelligence (AI) and open standards to adapt to environmental changes. It can move from a gatekeeper to a life saver enabling safe passage for those who need to enter and assist, or to route people inside to a safer area of the building. With new levels of intelligent insights, risk adaptability and interoperability, physical access control systems are now able to significantly improve life safety, while also minimizing risk to the organization.

AI and Access Control— Sensory-based Security

The first important innovation we need to discuss is artificial intelligence. AI is based on an Artificial Neural Network, which works like the human brain—just as humans have senses to see, hear, smell, taste and feel. Humans can make decisions based on the combination of activity our senses report to our brains. We can identify a wide variety of safety risks based on our senses.

In the case of an AI-equipped access control system, like the human brain, it too has a wide array of inputs that it constantly evaluates. The more connections and integrations it has with security systems and non-security applications and data, the more informed it is. Leveraging AI, the modern access control system can characterize activity and incoming data to identify patterns and recognize certain conditions that increase the threat to a facility and to the people inside the facility.

It can recommend or automate higher levels of control to avoid life safety consequences. Compared to a human security guard, an AI-based system can monitor more data, faster and more accurately without bias or distraction. It can leverage that intelligence to become risk-adaptive—adjusting access permissions based on risk levels.

A Shift from Role-Based to Risk-Adaptive Access Control

Risk comes in many forms. Dynamic by nature, it can increase exponentially in severity in a just matter of moments. Unfortunately, traditional access control systems are static by nature and cannot independently adapt to a changing environment. That inability can be detrimental to life safety and security.

Most traditional physical access control systems are role-based. Access is assigned based on a person’s role within an organization, assigning access to an access group representing a collection of doors that role can access at specific times. While this meets a very fundamental need, it controls access strictly by those static roles and does not adapt as the situation dynamically changes. If an incident occurs that could affect life safety, it requires a human, i.e., a security officer, to react to an alarm or situation and make changes to the access control system in order to protect someone who could unknowingly enter a bad situation or dangerous environment.

Today, we see the emergence of riskadaptive technology based on AI and new levels of interoperability. When applied to access, risk can be based on multiple criteria and access permissions can be adjusted as situations or individuals change. A riskadaptive system can monitor key data points, activity and risk levels for an individual or facility. Let’s look at some examples.

Environmental Risks: Mitigating danger

An employee may have authorized access to a specific location, but there may be a reason at that particular moment that the employee should not enter. There might be a safety threat and the risk-adaptive access control system would recognize this and prevent him or her from entering.

Consider some of the high-risk situations and what could occur if an unsuspecting person entered an area of risk. In critical infrastructure facilities, for example, there is always higher than average risk. Chemical spills, radioactivity, fire and other incidents are the dangerous examples to name a few. Those are relatively obvious risks and even legacy access control systems can provide some rudimentary measures to seal off areas of concern. However, without added intelligence and insight capabilities such as risk scoring and artificial intelligence (AI) to identify these risks, the current access control systems cannot adjust based on rising or sudden threats.

Beyond the facility, external threats such as weather events or potential riots in a particular area of the city, can impact the risk of entering a building or create a need for access to a safer area within the building. In those cases, the system would need to recognize the external threat and adjust access permissions while directing the employees to find safe shelter.

Emergency Response: Changing Access Permissions on the Fly

Conversely, I may normally not be authorized to access a certain area, but because of a high-threat condition and who I am, I can now enter. The combination of these two factors provided an exception to the access permissions. An intelligent access control system can analyze that data and adjust permissions on the fly.

A perfect example of this scenario would be in an emergency lockdown situation at a school. Upon arrival, with a smart device and the proof of identity, the first responder could quickly gain access to a school door or even be allowed to access the video surveillance system to see inside the school before entering. Today, with legacy access control systems, the first responder would be locked out and unable to quickly get eyes on the situation. Further, once the approved first responder has entered the school, the access-controlled door can secure behind him and a teacher or someone who may normally have authorized access would not be allowed to enter because of the elevated risk identified by the risk-aware access control system.

Going Beyond Forensic, Alarm-based to Reactive, Risk-Aware Controls

Like traditional systems, as incidents occur involving a policy breach or alarm trip, intelligent systems can immediately provide alert notifications and a plan of action for the security team to follow. An intelligent access control system can take this a step further. For example, imagine a chemical spill occurs and no one reports the incident, trips an alarm or initiates a fire pull. Without a human notification, the incident may go unnoticed.

However, with an intelligent access control system that leverages AI and integrates with other systems, it can monitor a wide array of sensor technology, data inputs, cameras, access activity and even external data sources. The system can identify anomalies that raise the threat level automatically at a facility. Leak detection, radioactivity, chemical spills and other incidents can be identified with traditional and IoT sensors and other data systems to predict what has occurred or what could occur. Further, integration with building controls systems can provide additional insight into a rising threat.

When a risk-adaptive access control system identifies threat conditions such as those mentioned above that could harm an individual, it can dynamically adjust the access permissions overriding any pre-defined rules or role profiles. Intelligent systems are predictive, proactive and can increase life safety. While a human remains in the loop and can override intelligent systems, the system can be set up to protect safety first.

It may deny access to an individual who normally has access, but is untrained or designated as a responder for the type of situation detected. Similarly, system operators, such as lobby guards, who may have the ability to temporarily open doors for visitors, but are unaware of the elevated threats around them, can be immediately denied that system-level ability to avoid further risk.

Endless Possibilities for Improved Life Safety

In today’s world, threats are increasing in sophistication and number. Our users are dynamic, our environments are always changing, and we have a wide range of systems and sensors providing important security-related data. We are overloading our security teams with information to the point where they cannot process it. Now, more than ever, is the time to provide them with AI assistance and risk-adaptive access control. Once you move to an environment that provides insights to your security team, the possibilities are endless.

This article originally appeared in the May/June 2019 issue of Security Today.

Featured

  • Maximizing Your Security Budget This Year

    Perimeter Security Standards for Multi-Site Businesses

    When you run or own a business that has multiple locations, it is important to set clear perimeter security standards. By doing this, it allows you to assess and mitigate any potential threats or risks at each site or location efficiently and effectively. Read Now

  • New Research Shows a Continuing Increase in Ransomware Victims

    GuidePoint Security recently announced the release of GuidePoint Research and Intelligence Team’s (GRIT) Q1 2024 Ransomware Report. In addition to revealing a nearly 20% year-over-year increase in the number of ransomware victims, the GRIT Q1 2024 Ransomware Report observes major shifts in the behavioral patterns of ransomware groups following law enforcement activity – including the continued targeting of previously “off-limits” organizations and industries, such as emergency hospitals. Read Now

  • OpenAI's GPT-4 Is Capable of Autonomously Exploiting Zero-Day Vulnerabilities

    According to a new study from four computer scientists at the University of Illinois Urbana-Champaign, OpenAI’s paid chatbot, GPT-4, is capable of autonomously exploiting zero-day vulnerabilities without any human assistance. Read Now

  • Getting in Someone’s Face

    There was a time, not so long ago, when the tradeshow industry must have thought COVID-19 might wipe out face-to-face meetings. It sure seemed that way about three years ago. Read Now

    • Industry Events
    • ISC West
Most   Popular

Featured Cybersecurity

Webinars

New Products

  • EasyGate SPT and SPD

    EasyGate SPT SPD

    Security solutions do not have to be ordinary, let alone unattractive. Having renewed their best-selling speed gates, Cominfo has once again demonstrated their Art of Security philosophy in practice — and confirmed their position as an industry-leading manufacturers of premium speed gates and turnstiles. 3

  • Camden CM-221 Series Switches

    Camden CM-221 Series Switches

    Camden Door Controls is pleased to announce that, in response to soaring customer demand, it has expanded its range of ValueWave™ no-touch switches to include a narrow (slimline) version with manual override. This override button is designed to provide additional assurance that the request to exit switch will open a door, even if the no-touch sensor fails to operate. This new slimline switch also features a heavy gauge stainless steel faceplate, a red/green illuminated light ring, and is IP65 rated, making it ideal for indoor or outdoor use as part of an automatic door or access control system. ValueWave™ no-touch switches are designed for easy installation and trouble-free service in high traffic applications. In addition to this narrow version, the CM-221 & CM-222 Series switches are available in a range of other models with single and double gang heavy-gauge stainless steel faceplates and include illuminated light rings. 3

  • Compact IP Video Intercom

    Viking’s X-205 Series of intercoms provide HD IP video and two-way voice communication - all wrapped up in an attractive compact chassis. 3