UFC 4-021-02NF
27 September 2006
change 1, 23 October 2006
3-2.3
operate on the principle that a person has been issued a code or PIN to enter into the
device that will verify the authenticity of the code entered. Any person entering a correct
code is authorized to enter the controlled area.
3-2.3.1 Advantages and disadvantages of using coded devices are shown in Figure
3-3. For information about the different types of coded devices see the section Keypads
and PIN Codes, later in this chapter.
Figure 3-3. Advantages and Disadvantages of Using Coded Devices
Advantages
Keypads are compact and easily understood.
Different codes may be used to give access to different points and
doors.
Maintenance is easy.
Keypads are not expensive. They are reliable and easily replaced or
repaired. Little complex hardware is needed.
No cards or tokens need be carried so there is nothing to lose.
A duress code, known only to the user, can be input covertly if a
legitimate person is forced to enter under duress.
Disadvantages
Codes are easily passed on to other unintended or unwelcome
visitors.
The code can possibly be viewed by others and thus used for
unapproved entry.
Hands-free operation is not an option.
The number of allowable unique codes can be limited. For example, a
four-digit PIN only provides 10,000 different possible codes.
3-2.4
Biometric devices.
Biometric devices rely on
measurements of
biological
characteristics of an individual, such as a fingerprint, hand geometry, handwriting, voice,
or iris patterns. Selected individual characteristics are stored in a device's memory or on
a card, from which stored reference data can be analyzed and compared with the
presented template.
3-2.4.1 A one-to-many or a one-to-one comparison of the presented template with the
stored template can be made, and access granted if a match is found (depending on the
authorized security level). There are two important acceptance results of which to be
aware. They are false reject and false accept. False reject is denying entry to authorized
personnel. This is inconvenient, but does not compromise security. False accept is
granting access to non-authorized personnel. This is the most critical result, as highly-
secure facilities cannot afford the error of a false accept. All ACS have some
percentage of false positive (accept) alarm signals, ESS system designers should
understand the issues and work to minimize the number of false positive (accept)
events. From a logistics perspective, missions cannot be accomplished if false reject
27