Physical access control systems today predominantly use access badges with weak cryptography or no cryptography at all despite better building blocks being available. While strong cryptography is a necessary ingredient of a secure system, modern access control also demands continuous key management and intrusion monitoring. These common security principles are virtually unknown where buildings and premises are protected.
We would like for access control to become a prototype for good security reasoning built on open standards and best practice security principles. Towards this goal, the study “Establishing Security Best Practices in Access Control” provides the structure for comprehensive building access control. The design guidelines are provided as requirements such that they are directly usable in a request for proposal.