Single card access, decentralized control at Georgia Tech

Feb 1, 2001 12:00 PM, ACCESS CONTROL & SECURITY SYSTEMS INTEGRATION STAFF

From its beginnings more than a century ago, the Georgia Institute of Technology has established a tradition of excellence in technological research and education. Founded in 1885, Georgia Tech has long been considered one of the world's premier technology-oriented universities, boasting a highly-respected faculty of teachers, researchers and consultants. It is also home to the Georgia Tech Research Institute (GTRI), a government-sponsored research center. More than 160 buildings comprise this 350-plus-acre urban campus in downtown Atlanta, where 20,000 students, faculty, scientists and staff attend classes, teach and conduct research.

Single card access control As is the case with many research universities, Georgia Tech's facility management is decentralized - operational control and responsibility for each building reside with the department occupying the facility. Access control needs range from low to very-high security requirements. Over the past 20 years, various departments and agencies at Georgia Tech installed several types of keyless entry systems in more than two dozen buildings on campus. There was no integration among these systems - several different access cards were in use, a single database did not exist, and compatibility and maintainability were constant concerns. Also, it was cumbersome to change door schedules, add or delete access privileges, or even to service these systems. Coupled with questions of Y2K system compliance, these concerns were the impetus in 1998 for the administration to form a steering committee - consisting of staff/faculty/student representatives - to identify a single system capable of meeting Georgia Tech's campus-wide access control requirements.

System requirements Early on, the steering committee determined that the new security system should be able to integrate access control, burglar alarms and CCTV, if needed, for the high-security research areas. While the access control system needed to be separate from the system used for campus retail operations (i.e., food service, bookstore, parking, etc.), the university wanted to issue only one card to faculty, staff and students for both security and retail purposes.

There were other priorities in selecting a new system. The system had to accept multiple card technologies, i.e., magnetic stripe and proximity. It had to operate over the campus' existing LAN (Ethernet TCP/IP), be expandable to 120-plus buildings and 100,000-plus cards, incorporate a batch add/delete capability (sometimes as many as 1,500 personnel files at a time) to accommodate the after-hours access needs of various departments, and a time-and-attendance reporting function.

As important as the one card concept, the system also had to allow for distributed network operations. A single agency would provide campus-wide centralized system security and database management and support, but with decentralized operation and control by the individual academic departments. Each department felt strongly that it wanted to retain control of faculty, staff and student access to buildings and high-tech/computer laboratories; monitor the facility's use; and determine associated lock/unlock door scheduling.

Georgia Tech selects a system In search of a card access system with "off-the-shelf technology" to meet the requirements of Georgia Tech and those of GTRI, the steering committee narrowed the field of potential contenders. In the end, they selected an Atlanta firm, Operational Security Systems Inc. (OSS) to design, install and maintain an Andover Controls Continuum Security Management System.

Jim Coleman, president of OSS (and a proud Georgia Tech alumnus!) says the Continuum system is networkable, NT-based, and allows for distributed administration. States Coleman: "Each college within the university can have control over their domain. This is extremely important to the Georgia Tech community."

Police department performs general administration Given how the security card access system was structured and how operational functions were established for the campus, the university designated the Georgia Tech Police Department as proponent and central administrator for the campus Security Card Access System (SCAS). The police department appointed Mike Pearson, its physical security specialist, as the program manager, assisted by Steve Travis, the department's computer support specialist.

The unique security requirements of the Georgia Tech Research Institute (GTRI) necessitated that a separate Continuum system be installed for its facilities. Responsibility for central administration of this system resides with Bob Lang, director of security. System design and implementation is being facilitated by J. Kurt Aikman of GTRI.

Installation of the card access system began in June of 1999. First, Operational Security Systems converted the existing access systems in 19 buildings on campus to Andover Continuum and then expanded Continuum into several new buildings. Pearson coordinates and monitors all security card system requirements - number, type and location of card readers, price quotes and associated funding, as well as timelines for installation and training on the system. At the present time, the Continuum system controls 30 buildings with 360 card readers and continues to expand with the addition of buildings and individual card readers on doors to high-tech areas around the campus. Currently, GTRI is installing 145 card readers in 11 buildings, six of which are located approximately 25 miles north of the campus.

The Buzz Card Georgia Tech's ID card - called the "Buzz Card" after the school's mascot, the yellow-jacket wasp - is used as the access card for the security system. Two versions are issued. The standard campus Buzz Card incorporates both magnetic stripe and barcode technologies; it is used as a library card, meal card and debit card, as well as an access control card. Several facilities on campus opted for the capabilities of proximity technology. A limited number of Buzz Cards have a prox chip in them to allow designated individuals access to sensitive areas on campus that have been outfitted with proximity card readers. To ensure access for all personnel at Georgia Tech and to meet ADA requirements, specific doors have been equipped with proximity card readers, as well. Due to the higher security requirements of classified research areas, GTRI's security access control system uses strictly prox card technology, readers and keypads.

The campus "Buzz Card Center" produces the badges. Requisite data is provided to the center by several offices on campus, including the registrar office, admissions, and housing. Each day, the Buzz Card center transmits cardholder changes to the central Continuum SQL database, located in the Campus Police Department. The Police Department uses a Dual Pentium III arrangement as the main server, with a Microsoft Cluster server for redundancy. Currently, the database contains more than 40,000 records. The GTRI system is comparable, but is not linked to the Buzz Card databank. Additionally, the GTRI system is automatically backed up daily to a secondary server, creating daily history for one month and monthly history for one year.

Decentralized control and monitoring Each department at Georgia Tech administers the security card access system for its facilities via its own dedicated front-end workstation. According to Matt Barnette, eastern regional sales manager for Andover Controls, there are currently 26 Continuum CyberStation Windows NT workstations networked on the campus Ethernet. The arrangement allows the departmental administrators to exercise autonomy in determining access into their respective sections of a building or buildings. Decentralized control is key at Georgia Tech, and an essential requirement that was established at the outset by the steering committee. "What's more," says Barnette, "Georgia Tech can easily deploy additional workstations anywhere on the campus without costly system upgrades."

Each department establishes its own standard and holiday door schedules, adds and deletes personnel records, handles visitors requests, monitors access events, and prints its own reports. To make it easier for departmental administrators to use the Continuum software, Steve Travis designed simple graphic menu screens for many of the common functions. They simply click on bright yellow screen buttons to "Add Access," "Remove Access," "Lock/Unlock Doors," etc. Access into each department's "portion" of the card access system is password-protected. Although the police department programs access for its officers to all exterior doors on campus, each department decides whether to allow the Campus Police access to its interior doors. And for obvious reasons, the police department can suspend universal access for a Buzz Card reported lost or stolen. Other than those two functions, each department exercises complete autonomy over its respective areas.

Another significant advantage has been realized, according to Mike Pearson. By "decentralizing" control of the security card access system to the individual departments and by simplifying operational functions, an individual who is already employed within a department can easily take on system administrative duties. "Using talent that's already onboard eliminates the need for Georgia Tech to hire additional personnel, let alone create additional office space to handle these duties," says Pearson. "Plus, the departments feel more comfortable and in control making their own access decisions."

At the Georgia Tech Research Institute, the Continuum access control system and CCTV feeds are integrated into the GTRI Security Command Center console. Console operators monitor and record access control and CCTV events 24/7.

The card access Web page If faculty, staff, or students have questions about the Georgia Tech card access system, the answer could be a click away. A direct link from the Campus Police home page (http://www.police.gatech.edu) provides an overview of the Georgia Tech card access system, including how the system works (with an easy-to-understand schematic), "Frequently Asked Questions," system specifications and computer requirements, training information, troubleshooting, and "Points of Contacts."

Future projects The Continuum card access system continues to expand at Georgia Tech with additional campus buildings coming online and new security applications implemented every month. Currently, plans are in the works to add 11 academic buildings to the system, with a follow-on goal of integrating all the major facilities on campus into the system. GTRI has comparable plans under review to expand its system to 400 card readers covering off-campus facilities in several states.

Capitalizing on system flexibility, Georgia Tech is considering various initiatives to enhance the security of high-tech/high-value electronic equipment located in many of their facilities. By attaching alarm sensors to these items and linking the sensors to Continuum, any attempt to remove an item will automatically page designated personnel, activate a local annunciation alarm, and simultaneously transmit an alarm to the Security Command Center's Continuum workstation.

Want to use this article? Click here for options!
© 2008 Penton Media Inc.

This month in Access Control

• Opening Up About Door Closers
• An Enterprise Approach
• The Framework For Open Systems
• On A Higher Plane
• More from April's issue