Our “network architectures” for access control are optimized differently than for HVAC. We are much more database oriented, and that, too, has provided a better synergy with the IT department. We have controllers with databases for “Who goes where, when.” These controller databases are downloaded from a server and operate locally, even if the server halfway around the world is down or otherwise unavailable.

However, we have a separate database in the server that contains lots of text (names, departments, vehicles, phone numbers, etc.), images (photos, signatures, and logos), biometric templates, and video (time-stamped digital video recorder clips). Sure, we download some sophisticated application logic (control sequences) into our controllers for local control, and we absolutely need operators to respond to alarms and manually unlock doors in real time. But most of what we do is about “data,” very secure data.

Cooperation is the name of the game

Another reason that access control systems are enterprise class is that we must interface with other departments outside of facilities. Very often we are asked to import data associated with a new class of students from Administration or Housing, or new employees from Human Resources. Or, we need to capture the data from a competitor’s system when the customer is doing an upgrade.

These situations involve importing data. It can be a one-time batch process, a daily import, or even real-time, as for visitor management. We export data, too. It might be for the facilities department that chooses to use the access control system that counts people entering or leaving a building (or area) as a lower cost alternative to IAQ sensors. Or, perhaps we manage the parking for employees and visitors and send the results to finance as a revenue generating activity.

New paradigms of management occur when data for employee and visitor access activity are analyzed by time of day. In our new mobile society, we might find that our facility resources aren’t really being used by all the employees between 8 and 5, and some operations are more visitor-centric. Perhaps we can redeploy resources. When data spans departments, we just see things differently.

Sharing and securing data

So how do we share data? The IT department struggles with silos of information and how to bring them together to reduce cost or discover ways to increase revenue. Does BACnet provide the solution? What about the SIA (Security Industry Association) or oBIX? They all are moving in the right direction.

BACnet is certainly optimized around HVAC and does an excellent job of real-time control with a system comprised of several manufacturers’ products. They have added fire alarm capability to their scope and are now actively developing constructs for access control and close-captioned television (CCTV).

SIA is cooperating with BACnet but taking an interesting, modern approach. They are now developing their standards in UML (Uniform Modeling Language), which is protocol agnostic. Tools are available to convert UML data models to other languages such as XML, which is ideal for sharing data.

oBIX, which is an entity of the Organization for the Advancement of Structured Information Standards (OASIS), has developed standards directly around XML for interoperability between building systems and business systems. In time, as we realize that we need to be more data centric, as we become more IT-centric, I expect all the standards bodies to draw closer together especially around XML – the lingua franca of data exchange.

But, in this day of privacy concerns, how do we secure the data? Once again, the access control industry has developed a bit more competency in this area. Two key areas are authentication and encryption.

In the HVAC world, as with many other applications, it is not unusual to perform authentication within the application. However, with an access control system on the corporate network, we often have to authenticate to a separate domain server operated by the IT department. Our applications have been written to accommodate Microsoft’s Active Directory for authenticating any security operator logging on to his workstation. Special provisions are also made for separating out our SQL Server database when the IT department provides database management for the enterprise.

Today’s enterprise class system is one that is focused on meeting the business needs of the enterprise. The manufacturers need to be aware that new system architectures will be required to meet those needs competitively. Standards, whether for building control, exchanging data, or securing data, at least bring various departments to the conference table.

As for the access control industry, we are always facing convergence. Now, the IT guys and the facility guys want to use one card to both get in the front door and get on the computer.IBT