Deployment at Princeton’s housing facilities
Using technology from SALTO Systems, the massive deployment includes 53 residence halls and 3,700 individual locks. It impacts about 9,000 undergraduate and graduate students living in Princeton’s housing facilities. Previously, students would tap their HID iCLASS 32K card at the main entrance and then use a key for access to their rooms, Tuccillo explains. Starting in the fall, after students are through the main entrance they tap the card on a reader and enter a PIN to access their room.
“The housing department wanted something more robust,” says Tuccillo, explaining the choice to require both a contactless read and PIN entry. They wanted two-factor authentication so that if a student lost an ID card, someone who found it could not gain access to the student’s room, he explains. To meet this need, Princeton chose SALTO’s XS4 lock with keypad.
For added security, the campus is assigning PINs rather than allowing students to self-select their own. “This is to avoid students choosing 1-2-3-4 as their PIN,” Tuccillo says. Students have been notified of their PIN and the changes to the physical access control system through email, physical mail and other print materials.
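The article does not say how Princeton generates the PINs it assigns, only that assignment is meant to keep students from choosing PINs like 1-2-3-4. The following is an added example, not Princeton’s or SALTO’s code, of what centrally assigned PIN generation typically needs: a CSPRNG draw plus a rejection filter for the patterns people pick for themselves. The 4-digit length and the small denylist of common PINs are assumptions for the example.

```python
import secrets

PIN_LENGTH = 4  # assumed for the example; the article does not state the PIN length

# Assumed denylist: PINs common enough that an attacker would try them first.
COMMON_PINS = {"0000", "1234", "1111", "2222", "1212", "7777", "1004", "2000", "4444", "2580"}


def is_weak_pin(pin: str) -> bool:
    """Return True for PINs a self-selecting user tends to pick."""
    if len(pin) != PIN_LENGTH or not pin.isdigit():
        return True
    if pin in COMMON_PINS:
        return True
    if len(set(pin)) == 1:                                   # 1111, 9999
        return True
    steps = {int(b) - int(a) for a, b in zip(pin, pin[1:])}  # differences between neighbours
    if steps <= {1} or steps <= {-1}:                        # 1234, 6789, 4321
        return True
    if PIN_LENGTH % 2 == 0 and pin == pin[:2] * (PIN_LENGTH // 2):  # 1212, 4545
        return True
    return False


def assign_pin() -> str:
    """Draw from the OS CSPRNG until a PIN survives the weakness checks."""
    while True:
        pin = "".join(str(secrets.randbelow(10)) for _ in range(PIN_LENGTH))
        if not is_weak_pin(pin):
            return pin


if __name__ == "__main__":
    print(assign_pin())
```

The rejection filter removes only a few hundred of the 10,000 possible 4-digit PINs, so it does not meaningfully shrink the search space; its value is that the assigned PIN is never one of the handful an attacker with a found card would try first.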
The data on card concept
“In a SALTO system, all data required to make an access decision is held on the card,” explains Mike Mahon, Senior VP Commercial Sales, SALTO Systems. The lock and card communicate with each other to determine if access should be approved or declined. This eliminates the need for online connectivity to a central database during access transactions.
In addition, Mahon explains that the cards themselves can act as transport, carrying system data throughout the network of readers. Cards pick up data from readers in the normal course of entries and exits and spread this data to other readers in a viral manner during subsequent transactions.
This Data on Card concept is a key part of what SALTO calls the SALTO Virtual Network. Another key component is the series of online readers known as hotspots. At a hotspot, cards can be revalidated, PINs changed and access rights adjusted. Additionally, important system data can be loaded for viral dissemination. Hotspots can be normal online exterior door readers or they can be dedicated stations, conveniently located within a building.
Revalidation of card privileges at hotspots is crucial to the SALTO Virtual Network architecture. In traditional online access control systems, cards and privileges are revoked. Access rights for a terminated employee or student are turned off in the central system and all subsequent access requests are declined during the online transaction. But this presents a challenge in offline environments, as the removal of rights for a terminated cardholder cannot be communicated immediately to the deployed readers.
SALTO solved this challenge by reversing the traditional access control model. “Rather than granting privileges with no expiration or extremely long life spans, we grant short term privileges and use the power of our hotspots to facilitate rapid, seamless revalidation,” explains Mahon.
“Princeton opted to connect the interior XSR locks via Wi-Fi to enable real-time audit tracking for access transactions”
Imagine a building with two exterior doors and two hundred interior doors controlled with SALTO locks. Cardholder privileges are set to expire every 24 hours and all interior locks operate completely offline. Each time a cardholder enters the building, that person’s privileges are revalidated and rewritten to the card, granting access for the next 24-hour period. This enables the student to pass through any approved interior door readers. If the individual is fired or expelled, the card will no longer be revalidated at an exterior door, and the privileges currently on the card will expire at the end of the 24-hour window.
Furthermore, as other cardholders enter through the exterior doors and are revalidated, the terminated cardholder’s identifier is written to their cards for viral distribution. As these valid cards are presented to offline door locks in the normal course of operations, the terminated card is added to each lock’s blacklist. If the terminated card is presented to such a lock during the hours remaining on its prior validation, access is denied and the card is rendered inactive.
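The scenario above has a security-relevant edge: between termination and either expiry or blacklist arrival, a terminated card still opens any offline lock it reaches. The following is an added simulation, not SALTO’s code or Princeton’s configuration, of the short-lived-privilege model with hotspot revalidation and viral blacklist spread. Cardholder names, lock names, the integer-hour clock and the per-holder validity windows (24 and 48 hours) are made up for the example.

```python
from dataclasses import dataclass, field


@dataclass
class CentralSystem:
    """The online back end behind the hotspots (structure assumed for the example)."""
    validity_hours: dict                 # cardholder -> how long one revalidation is good for
    terminated: set = field(default_factory=set)


@dataclass
class Card:
    """Data on card: the lock decides from these fields alone."""
    holder: str
    valid_until: int = -1                        # hour at which the written privilege expires
    blacklist: set = field(default_factory=set)  # terminated holders carried for viral spread


@dataclass
class OfflineLock:
    """Interior door with no network link."""
    name: str
    blacklist: set = field(default_factory=set)
    audit: list = field(default_factory=list)    # (hour, holder, granted) kept on the lock

    def present(self, card: Card, now: int) -> bool:
        self.blacklist |= card.blacklist          # absorb blacklist entries the card carries
        if card.holder in self.blacklist:
            card.valid_until = -1                 # render the terminated card inactive
            granted = False
        else:
            granted = now < card.valid_until      # short-lived privilege still inside its window?
        self.audit.append((now, card.holder, granted))
        return granted


class Hotspot:
    """Online exterior reader: consults the central system and rewrites the card."""

    def __init__(self, system: CentralSystem):
        self.system = system

    def present(self, card: Card, now: int) -> bool:
        if card.holder in self.system.terminated:
            card.valid_until = -1
            return False
        card.valid_until = now + self.system.validity_hours[card.holder]
        card.blacklist |= self.system.terminated  # load data for viral dissemination
        return True


def run_scenario() -> dict:
    """Walk through termination, the residual window, and blacklist arrival."""
    system = CentralSystem(validity_hours={"alice": 24, "bob": 24, "carol": 48})
    door = Hotspot(system)
    room_a, room_b = OfflineLock("room_a"), OfflineLock("room_b")
    alice, bob, carol = Card("alice"), Card("bob"), Card("carol")
    out = {}
    for c in (alice, bob, carol):                  # hour 0: all enter and are revalidated
        door.present(c, 0)
    out["alice_room_a_h1"] = room_a.present(alice, 1)    # granted
    system.terminated.add("alice")                       # hour 2: alice expelled centrally
    out["alice_room_a_h3"] = room_a.present(alice, 3)    # still granted: residual window
    door.present(bob, 4)                                 # bob re-enters, picks up blacklist
    out["bob_carries_alice"] = "alice" in bob.blacklist
    room_a.present(bob, 5)                               # room_a learns alice is terminated
    out["alice_room_a_h6"] = room_a.present(alice, 6)    # denied, card rendered inactive
    out["alice_room_b_h7"] = room_b.present(alice, 7)    # denied although room_b never heard
    out["alice_door_h8"] = door.present(alice, 8)        # hotspot refuses revalidation
    out["bob_room_b_h27"] = room_b.present(bob, 27)      # inside bob's window from hour 4
    out["bob_room_b_h28"] = room_b.present(bob, 28)      # window expired, needs the door again
    out["carol_room_b_h47"] = room_b.present(carol, 47)  # carol's group gets 48 hours
    out["carol_room_b_h48"] = room_b.present(carol, 48)
    return out


if __name__ == "__main__":
    for key, value in run_scenario().items():
        print(f"{key}: {value}")
```

The outcome at hour 3 is the caveat to keep in mind when choosing validity windows: the window length is the worst-case time a terminated card keeps working at a lock no other card has visited, so shortening it tightens revocation at the cost of more frequent trips past a hotspot.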
Benefits from both online and offline functionality
Because Princeton connected the interior locks via Wi-Fi, terminated cardholders can also be removed from the deployed readers directly by online notification, which reduces reliance on card revalidation to propagate revocations. The university chose to revalidate at different intervals based on group, for example staff once per week, students and faculty once per semester and certain staff every 48 hours, explains Mahon.
The new system offers Princeton more flexibility and potentially saves money. In the past, if a key was lost the lock had to be re-keyed. With the new system, the lost card is simply removed from the physical access control system and a new credential is issued to the student.
It also streamlines the process for granting contractors access to residence hall rooms. Previously, physical master keys were assigned or temporarily issued to contractors. The problem with master key-based systems is that lost keys create extreme vulnerabilities and costs. In traditional environments, a lost master key would entail mass rekeying at significant expense.
In the new environment, the contractor is issued a card with only the appropriate privileges. If lost, the card is simply cancelled and the risk mitigated. The new system also keeps an audit trail of who accessed which locations and when. The new system was two years in the making, Tuccillo explains. With the start of the fall semester, students and campus administrators should start reaping the benefits of these efforts to better secure Princeton’s residential facilities.