Eric Schmeidl & Mike Spindel: Strengths and Weaknesses of Access Control Systems

Summary: Access control systems are widely used in security, from restricting entry to a single room to locking down an entire enterprise. The many different systems available?card readers, biometrics, or even posting a guard to check IDs?each have their own strengths and weaknesses that are often not apparent from the materials each vendor supplies. We provide a comprehensive overview of 20 different access control technologies that focuses on weaknesses (particularly little known or not-yet public attacks) and other points that a buyer would not likely get from a vendor. We also present a model for thinking about access control systems in general that will provide a useful framework for evaluating new or obscure technologies.