Springe zum Inhalt
Schlüsseldienst für Mülheim

Schlüsseldienst für Mülheim

Fairer und schneller Service

  • Startseite
  • Blog
  • Impressum und Datenschutz

Stay In Control Of Access Security With MTSC

Januar 28, 2022
Von In Uncategorized

Stay In Control Of Access Security With MTSC

With the Master Token System Control (MTSC), organizations gain independence and control over access security. This is ensured by key and authorization management. For buildings, schools, offices and airports, access control is becoming more and more important to protect against theft, crime and physical access to practical data. In hospitals or nursing homes, effective and contactless access control ensures that pathogens (e.g. Covid-19) contained.

Beyond the automated authentication of individuals and qualifications using IT technology is now extremely secure. Access control systems often use symmetric encryption, such as that based on AES („military-grade encryption“). Thus, access to infrastructures with smart cards (badges) is largely secure, but only after the technology has been implemented.

Access security is only as plain as its weakest link

We use smart card based access control on a daily basis An ID card opens the door to our workplace, for example.No one is allowed to have access to the encryption code („password“), which is securely stored in the lock. With AES it is one 192-, 200- or 256 bit number. Modern „Secure Component“ technology prevents physical/electrical access to the code once the emergency room is stored in electronic locks, even for the most sophisticated cyberpunk. However, one shortcoming remains.

How are encryption keys installed?

For the question: „Who has access and how can this be managed?“ the most vulnerable point of attack is neither the access control system nor the encryption or physical media (ID cards). The problem is how the cryptographic key gets into the locks in the first place. A breach at this level can leave the entire access control vulnerable.

Disadvantages of factory programming

„Factory programming“ allows cryptographic keys to be securely installed in locks. However, there are three problems with this:

If security is not entirely in your own hands, it can be at risk: E.g. if electronic locks are from an external provider How many „strangers“ (third parties, in IT and logistics) had access to the codes before the lock was installed? You don’t know!
Logistics: As long as the locks are delivered as „blanks“, the logistics remain simple. With factory-programmed locks, a versatile product becomes a customer-specific product. This makes the lock more expensive and causes over/underproduction or errors to risk.
Change of Ownership: Businesses close, move and are sold. To prevent access by previous owners, locks must be reprogrammed, making factory programming quite ineffective.
Key programming on site

Castle blanks cannot be programmed over a network–encryption is only possible installed code possible. The individual who installs the key on site poses a risk. A visible key can easily be copied, memorized or photographed. To prevent the key from being revealed during initialization, Legic has developed MTSC („Master-Token System-Control“) for key and authorization management. This gives organizations right independence and control over the access security, including cards and readers.

A shared secret is not a secret

The most important thing about MTSC is the conscious avoidance of secrets (keys). through non-human readable, physical symbols ie uncopyable, contactless smart cards.Companies with a security system based on visible passwords often do not realize how easily they can be harmed.MTSC doesn’t use passwords, so there is better control over the security contactless smart car d applications possible.

MTSC is based on a unique, invisible „genetic code“ embedded in a Master Token. Emergency room is transmitted contactless to readers via RFID when the ID card is initialized and when the system is configured. It allows administrators to securely manage their badge population and easily add/remove applications (up to 127 Applications for access control, time and attendance, secure printing, ePayment and others).

Delegation to third parties from the MTSC system

Beyond partial delegation of code implementation to trusted third parties in remote offices or external card reader manufacturers is practical. A „limited initialization card“ is helpful here. Owners of an MTSC system do not have to have a system-wide code, but can give external readers and card manufacturers a physical token that only allows a certain number of feasible configurations. This makes the services strictly controllable, traceable, revocable and verifiable („Hierarchical Delegation of Rights“).

Security through organizational structure and processes

The security is achieved through the physical protection of the master token, because the codes remain hidden, similar to gold bars in a safe. By following basic measures, the reader initialization and the card production is secured by an appropriate level of security and authorized individuals. Master tokens can only be removed via a documented operation with the appropriate approval levels (four-eyes principle). In systems based on visible passwords, the key remains in the memory of at least one individual as soon as the emergency room is removed from the „safe“. With an MTSC master token, passes away does not happen.

Implement verifiable processes

With MTSC, basic, verifiable, organizational measures can be implemented for a high level of security for the master token. Physical objects, such as cash or precious metals, are subject to comparable protection. The process for human-readable data is more complex and entails higher security risks. MTSC thus enables the easy implementation of verifiable processes, as in ISO-27001, „Appendix A. 9 Access Control“.

Photo

Photo: Fraport The largest German commercial airport in Frankfurt employs about 81.000 Employees. To manage the security of access controls for employees and contractors, a multi-level MTSC security concept was introduced for numerous functions, processes and applications.

MTSC Use Case: Frankfurt Airport

The biggest German commercial airport employs about 19. 19 Employees . To manage the security of access controls for employees and contractors, a multi-level MTSC security concept was introduced for numerous functions, processes and applications. Read about the implementation of „Frankfurt Airport: How do you protect an access control system so that it can easily be audited?“

Source
www.fr-online.de .

Source

NachrichtenJetRead MoreSicherheit, access, control, mtsc, Nachrichten, security, stay, with

access control security
Verfasst von:

Alle Beiträge anzeigen

Schreibe einen Kommentar Antworten abbrechen

Deine E-Mail-Adresse wird nicht veröffentlicht. Erforderliche Felder sind mit * markiert

Search

Recent Posts

  • [Untersuchung] Welcher Polnische Europaabgeordnete Ging Aka Qua Freier Arbeitskraft Hinaus Aserbaidschan-Studienfahrt
  • [Meinung] Mission Von Seiten Wales An Alte Welt: „Unsereiner Eintrudeln Wiederholt“
  • [Interview] Durchsichtigkeit-Aktivist Verspricht Beule Vonseiten EU-Akten
  • Die EU übergibt Zuvor Dem Migrationsgipfel Boote Welcher Libyschen Küstenwache
  • [Feature] Fußballteam Selbstmorde Pro Tag – Spaniens Keinesfalls Allesamt So Beschaulichkeit weltweite Seuche

Archives

  • Februar 2023
  • Januar 2023
  • Dezember 2022
  • November 2022
  • Oktober 2022
  • September 2022
  • August 2022
  • Juli 2022
  • Juni 2022
  • Mai 2022
  • April 2022
  • März 2022
  • Februar 2022
  • Januar 2022
  • Dezember 2021
  • November 2021
  • Oktober 2021

bundesrepublik dasjenige ddorf-aktuell dessen dieser dänemark: düsseldorf einander erklÄrt: französische förderation gegenseitig grande hauptstadt hinaus internetzeitung italien jener kamp-lintfort krauts königreich moers: nation neuesten neukirchen-vluyn: newspaper ostmark republik russische schweden seiten seitens spanien statt stelle tages: ukraine unter vonseiten welche welcher welches woche [meinung] [ticker]

Logo  

Schlüsseldienst Kontaktdaten

Standort
@Mail
+99 999 999 99

Recent Posts

  • [Untersuchung] Welcher Polnische Europaabgeordnete Ging Aka Qua Freier Arbeitskraft Hinaus Aserbaidschan-Studienfahrt
  • [Meinung] Mission Von Seiten Wales An Alte Welt: „Unsereiner Eintrudeln Wiederholt“
  • [Interview] Durchsichtigkeit-Aktivist Verspricht Beule Vonseiten EU-Akten
  • Die EU übergibt Zuvor Dem Migrationsgipfel Boote Welcher Libyschen Küstenwache
  • [Feature] Fußballteam Selbstmorde Pro Tag – Spaniens Keinesfalls Allesamt So Beschaulichkeit weltweite Seuche

Categories

  • Uncategorized

Stolz präsentiert von WordPress | Theme: BusiCare Dark von SpiceThemes

Generated by Feedzy
Cookie-Zustimmung verwalten
Um dir ein optimales Erlebnis zu bieten, verwenden wir Technologien wie Cookies, um Geräteinformationen zu speichern und/oder darauf zuzugreifen. Wenn du diesen Technologien zustimmst, können wir Daten wie das Surfverhalten oder eindeutige IDs auf dieser Website verarbeiten. Wenn du deine Zustimmung nicht erteilst oder zurückziehst, können bestimmte Merkmale und Funktionen beeinträchtigt werden.
Funktional Immer aktiv
Die technische Speicherung oder der Zugang ist unbedingt erforderlich für den rechtmäßigen Zweck, die Nutzung eines bestimmten Dienstes zu ermöglichen, der vom Teilnehmer oder Nutzer ausdrücklich gewünscht wird, oder für den alleinigen Zweck, die Übertragung einer Nachricht über ein elektronisches Kommunikationsnetz durchzuführen.
Vorlieben
Die technische Speicherung oder der Zugriff ist für den rechtmäßigen Zweck der Speicherung von Präferenzen erforderlich, die nicht vom Abonnenten oder Benutzer angefordert wurden.
Statistiken
Die technische Speicherung oder der Zugriff, der ausschließlich zu statistischen Zwecken erfolgt. Die technische Speicherung oder der Zugriff, der ausschließlich zu anonymen statistischen Zwecken verwendet wird. Ohne eine Vorladung, die freiwillige Zustimmung deines Internetdienstanbieters oder zusätzliche Aufzeichnungen von Dritten können die zu diesem Zweck gespeicherten oder abgerufenen Informationen allein in der Regel nicht dazu verwendet werden, dich zu identifizieren.
Marketing
Die technische Speicherung oder der Zugriff ist erforderlich, um Nutzerprofile zu erstellen, um Werbung zu versenden oder um den Nutzer auf einer Website oder über mehrere Websites hinweg zu ähnlichen Marketingzwecken zu verfolgen.
Optionen verwalten Dienste verwalten Anbieter verwalten Lese mehr über diese Zwecke
Einstellungen ansehen
{title} {title} {title}