GOST R 51241 Access control and management means and systems.


Work on the standard for access control means, as already noted, began in 1996. It involved the Research Center «Security» of the Ministry of Internal Affairs of Russia together with the Research Institute of Information Technologies of the Ministry of Internal Affairs of Russia, the State Unitary Enterprise SNPO «Eleron», military unit 31650 of the Ministry of Defense of Russia and the State Technical Commission of Russia, which are the main co-executors.

Representatives of the Central Bank and Sberbank of Russia, such companies as Ista, Integrator, KiS Elektronika, Sigma, Terna, Formula Bezopasnosti, Algont, and a number of others took an active part in the discussions of the project. Taking into account all the comments and suggestions, the second edition of the standard was prepared in December 1997, which is currently under consideration at VNIIMash of Gosstandart of Russia, Gosstandart of Russia, and the main co-executors. Based on the results of the consideration, the final edition will be adopted.

Contents of the standard

The standard contains the following sections:

• Scope.

• Normative references.

• Classification of access control and management tools (ACM).

• Classification of ACM systems.

• Classification of ACM tools and systems by resistance to unauthorized actions (UA).

• General technical requirements.

• Requirements for the functional characteristics of ACM tools and systems.

• Requirements for the functional characteristics of systems.

• Requirements for the functional characteristics of barrier devices (BD).

• Requirements for the functional characteristics of identification devices (ID).

• Requirements for the functional characteristics of access control and management devices (ACMD).

• Requirements for resistance to electromagnetic interference.

• Requirements for resistance to unauthorized access.

• Reliability requirements.

• Requirements for resistance to external influencing factors.

• Power supply requirements.

• Safety requirements.

• Design requirements.

• Marking requirements.

• Test methods.

The standard contains the following appendices:

Appendix A. Terms used in this standard and explanations for them.

Appendix B. List of basic and possible increased requirements and characteristics of KUD systems.

Appendix V. Automated systems. Classification of automated systems and requirements for information protection (from the RD of the State Technical Commission of Russia).

Appendix G. Computer equipment. Indicators of protection against unauthorized access to information by protection classes (from the RD of the State Technical Commission of Russia).

Appendix D. Bibliography.

Appendix E. Key words.

Application area

The standard applies to means and systems for access control and management to premises, buildings, structures, people, transport and other objects. The standard establishes the classification, general technical requirements and testing methods for means and systems.

Note. A system here refers to a set of technical means. The standard does not apply to issues of organizational measures for access control and management.

Terminology

The standard's terminology is provided in the appendix, but here we will begin with establishing the basic concepts.

Access control and management — a set of measures aimed at restricting and authorizing the movement of people, vehicles and other objects into premises, buildings, structures and on the territory.

KUD means (access control and management means; KUD is the transliterated Russian abbreviation, written ACM in the contents list above) — mechanical, electromechanical, electrical, electronic structures, devices and software that ensure the implementation of access control and management.

KUD system — a set of KUD means that have technical, information, software and operational compatibility.

Barrier devices (BD; abbreviated UZ below) — devices that provide a physical barrier to unauthorized movement of people, property, and vehicles into premises, buildings, and on the territory (doors, gates, turnstiles, passage cabins and similar structures). Barrier devices include actuators that open or close them (electronic, electromechanical, electromagnetic locks, latches, actuators).

Identification devices (identifiers and readers; ID, abbreviated UID below) — devices that establish the rights of people and vehicles to move through barriers.

Access control and management devices (ACMD; abbreviated UKUD below) — devices and software that establish the access mode and ensure the reception and processing of information from identification devices, control of actuators, display and logging of information.

Identifier — an item into which (onto which) code information is entered using special technology (cards, keys, key fobs and other items).

Reader — an electronic device designed to read code information from an identifier.

Biometric identification — identification based on determining the individual physical characteristics of a person.

Real code — a code recorded on a physical medium (identifier).

Memorized code — a code entered manually using a keyboard, code switches or other similar devices.

Access point — a place where access control is directly carried out (for example, a door, turnstile, passage cabin equipped with a reader, actuator, electromechanical lock and other necessary means).

Access zone — a set of access points associated with a common location or other characteristics (for example, access points located on the same floor).

Access time interval (time window) — a time interval during which movement is permitted at a given access point.

Access level — a set of access time intervals (time windows) and access points assigned to a specific person or group of persons who are allowed to access specified access points during specified time intervals.

Unauthorized actions (UA):

• hacking — actions aimed at unauthorized entry through a barrier device by destroying it;

• opening — actions aimed at unauthorized entry through a barrier device without destroying it;

• manipulation — actions performed on access control devices without their destruction, the purpose of which is to obtain a valid code or to open a barrier device. Access control devices may continue to function correctly during and after manipulation, and traces of such actions will not be visible. Manipulation also includes actions on software;

• surveillance — actions performed on access control and management devices without direct access to them, the purpose of which is to obtain a valid code;

• copying — actions performed with identifiers, the purpose of which is to obtain a copy of the identifier with a valid code;

• coercion — violent actions against a person with access rights, with the purpose of unauthorized entry through a barrier. Access control and management devices may function normally;

• sabotage — intentional deterioration of the system without disrupting its functionality.

Bullet resistance — the ability of a barrier to resist through-penetration by bullets without producing secondary damaging elements dangerous to humans.

Explosion resistance — the ability of a structure to withstand the destructive action of explosives of the established power.

Classification of KUD

The standard establishes the classification of means by functional purpose.

Classification by functional purpose:

• barrier devices with actuators;

• identification devices — readers and identifiers;

• access control and management devices.

Classification of individual devices.

Classification of UZ (barrier devices):

• with full overlap (doors, airlocks, gates, passage cabins);

• with partial overlap (turnstiles, barriers and other similar structures).

Classification of ID by code type:

• mechanical;

• magnetic;

• optical;

• electronic;

• sound;

• biometric.

Classification of UID by the method of reading the code:

• manual code entry — by pressing keys, turning switches or other similar elements;

• contact — reading occurs through direct contact between the reader and the identifier;

• electrical contact — reading occurs through electrical contact between the reader and the identifier;

• remote (contactless) — reading occurs when the identifier is brought to a certain distance from the reader;

• biometric — reading individual physical characteristics of the person (fingerprints, palm print, voice, etc.);

• combined.

Classification of UKUD:

• technical means;

• software;

• software and hardware.

The standard introduces the concept of means of access control to information, which are software, hardware and software-hardware means designed to prevent or significantly hinder unauthorized access to information.

Access control means also include special protective signs (SPS).

SPS are products created on the basis of physical and chemical technologies and designed to control access to protected objects, as well as to protect personal identification documents from counterfeiting.

Classification of KUD systems

The standard establishes a classification of KUD systems:

• by control method;

• by identification level;

• by the number of controlled access points;

• by functionality;

• by the level of protection of the system from unauthorized access to information;

• by resistance to unauthorized access.

By control method:

• autonomous — for control of one or more access points, without or with one-way data exchange in the system;

• network — for access point management, with continuous two-way data exchange in the system and management from the security post.

By identification level:

• single-level — identification by one feature, for example, by reading a code;

• multi-level — identification by several features, for example, by reading a code and biometric data.

By number of controlled points:

• low-capacity (up to 16 points);

• medium capacity (16 to 64 points);

• high capacity (more than 64 points).

By functionality, there are four classes of functions:

• class 1 — systems with limited functions;

• class 2 — systems with extended functions;

• class 3 — multifunctional systems;

• class 4 — systems with special functions.

Note. Special functions can be introduced into systems of any of classes 1-3.

By the level of protection of the system from unauthorized access to information.

Classification of KUD systems by protection from unauthorized access to information is carried out in accordance with the RD of the State Technical Commission of Russia. At the same time, systems of normal stability must correspond to classes ЗБ and 2Б, systems of increased stability — АЗ, ЗД, systems of high stability — 1Г and 1В.

Classification of KUD means by resistance to unauthorized access to information is carried out only for UKUD according to RD of the State Technical Commission of Russia. In this case, means of normal resistance should be of the 7th or 6th class, increased — 5th class, high — 4th class.

Classification of KUD means and systems by resistance to unauthorized access

Classification of KUD means and systems by resistance to unauthorized access is determined by resistance to destructive and non-destructive effects and is established at three levels:

• normal resistance;

• increased resistance;

• high resistance.

In the levels of increased and high resistance, the relevant regulatory documents may establish classes (categories) of resistance to certain types of impacts.

Classification by resistance to destructive impacts is established for UZ and includes:

• resistance to burglary;

• bullet resistance;

• explosion resistance.

Classification by resistance to unauthorized non-destructive impacts can be established for all KUD tools and systems depending on their functional purpose and includes:

• resistance to manipulation;

• resistance to copying (for identifiers);

• protection of computer equipment against unauthorized access to information.

General technical requirements

KUD tools and systems must be developed, manufactured and supplied in accordance with the requirements of this standard, GOST R 50775, as well as other standards and regulatory documents for specific KUD tools and systems.

Requirements for functional characteristics

KUD tools and systems must ensure the possibility of both round-the-clock and shift work, taking into account maintenance.

KUD tools intended for building systems must function as part of them and have technical, information, software and operational compatibility.

Parameters and requirements determining the compatibility of means must be established depending on the purpose and conditions of use in regulatory documents for specific means and systems.

Requirements for the functional characteristics of systems

The standard establishes the characteristics of the KUD systems, which must be specified in the technical specifications or other regulatory documents for specific systems:

• the number of points, access zones and users;

• the number of time intervals (time windows) and access levels;

• throughput;

• distance from the most remote access point to the control point;

• reader operating range (for contactless readers);

• indicators for functional characteristics for classes of autonomous or network systems;

• indicators for levels and classes of resistance to unauthorized access.

Functional characteristics for systems are given in the text of the standard in tables that contain requirements for the characteristics of systems for each class.

KUD systems must ensure:

• control of the access control system in accordance with the established mode;

• display, registration and storage of information;

• light and/or sound signaling at access points about the access status;

• light and/or sound signaling about attempts at unauthorized access and the occurrence of alarm situations;

• control of the access control system in emergency situations, fire, technical malfunctions;

• protection of the emergency control system of the UZ from the possibility of its use for unauthorized entry.

Networked ECS systems must additionally ensure:

• registration of access and logging of current and alarm events;

• selective registration of current events;

• priority display of alarm events;

• setting time intervals of action («time windows») and access levels;

• control of the access mode by commands from the ECS;

• automatic access control in emergency situations and emergencies (fire, earthquake, explosion, etc.);

• blocking access by commands from the control post in the event of an attack;

• the ability to work with data storage in controllers in the event of a failure of network power supply.

Requirements for the functional characteristics of the UZ

The UZ must provide a physical barrier to entry into a room, building, area or territory when closed and the opening of the locking mechanism when a control signal is supplied from the control devices.

The UZ may be in a normally open or normally closed state.

The UZ that partially block the entrance opening may, if necessary, be provided with signaling devices that are triggered when an attempt is made to bypass the barrier.

The parameters of the control signal (voltage, current and duration) must be specified in the standards and/or regulatory documents for specific types of UZ.

If necessary, the UZ may have protection against the passage of two or more people through them at the same time.

The UZ must have the ability to mechanically open in emergency in the event of a power failure, fire or other natural disaster. The emergency opening system must be protected from the possibility of using it for unauthorized entry.

Intentional damage to external electrical connecting circuits must not lead to the opening of the UZ.

For normally closed mechanisms, protection of external electrical circuits from voltage supply through them, leading to opening of the UZ, must be provided.

Requirements for the functional characteristics of the UID

The UID must ensure:

• entering a memorized code;

• reading the code from the identifiers;

• entering biometric information (for readers of biometric information);

• converting the entered information into an electrical signal;

• transmitting information to the UKUD.

UIDs must be protected from manipulation by brute force and code selection. When entering a code that is not permitted for use in the system, the input must be blocked for a period of time, the value of which is specified in standards and/or regulatory documents for specific types of UIDs. The blocking time must be selected in such a way as to ensure the specified throughput while limiting the number of selection attempts to 14 (100 — normal resistance to unauthorized access, 30 — increased, 10 — high).

An alarm signal must be generated after three attempts to enter an unauthorized code. The design, appearance and inscriptions on the identifier and reader must not lead to the code being declassified. The manufacturer of identifiers must guarantee that the code will not be repeated, or specify the conditions for code repeatability and measures to prevent the use of identifiers with identical numbers.
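The blocking and alarm rules above can be modelled in a few lines. The following is an added example, not taken from the standard: the class and function names are hypothetical, the codes are constructed, and the period over which the attempt limit is counted is an assumed parameter because the text does not name one.

```python
from dataclasses import dataclass, field

# Selection-attempt limits per resistance level, as quoted in the text above.
ATTEMPT_LIMITS = {"normal": 100, "increased": 30, "high": 10}
ALARM_AFTER = 3  # alarm after three invalid entries, as stated in the text


def min_block_seconds(level, period_s):
    """Shortest block time that keeps evaluated guesses within the limit.

    Assumption: the limit is counted per `period_s`; the text names no period.
    Every invalid entry costs one block interval, so at most
    period_s / block_time guesses can be evaluated in one period.
    """
    return period_s / ATTEMPT_LIMITS[level]


@dataclass
class CodeEntryGuard:
    valid_codes: frozenset
    block_s: float
    failures: int = 0           # invalid entries since the last valid one
    blocked_until: float = 0.0
    events: list = field(default_factory=list)

    def submit(self, code, now):
        if now < self.blocked_until:
            # Input is ignored while blocked, so even a correct code is not
            # evaluated and fast guessing gains nothing.
            self.events.append((now, "blocked"))
            return "blocked"
        if code in self.valid_codes:
            self.failures = 0
            self.events.append((now, "granted"))
            return "granted"
        self.failures += 1
        self.blocked_until = now + self.block_s
        result = "alarm" if self.failures >= ALARM_AFTER else "denied"
        self.events.append((now, result))
        return result


def evaluated_guesses(level, period_s, guess_every_s=1):
    """Count the guesses a reader actually evaluates during one period."""
    guard = CodeEntryGuard(frozenset({"4821"}),  # constructed sample code
                           min_block_seconds(level, period_s))
    outcomes = [guard.submit("0000", float(t))
                for t in range(0, int(period_s), guess_every_s)]
    return sum(1 for o in outcomes if o != "blocked")


if __name__ == "__main__":
    for level in ATTEMPT_LIMITS:
        print(level, min_block_seconds(level, 3600), evaluated_guesses(level, 3600))
```

With an assumed one-hour period, the block times come out at 36 s, 120 s and 360 s for the three levels, which is the throughput cost a specifier has to weigh against the attempt limit.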

Hacking and opening of readers, as well as breakage or short circuit of the circuits approaching them, should not cause the opening of the UZ. In this case, an audible alarm signal should be issued in autonomous systems, and in network systems — an alarm message and, if necessary, an audible signal should be sent to the security point.

The minimum number of code combinations should be defined in standards and/or regulatory documents for specific types of identifiers. Minimum combination values: 10^5 — normal resistance to unauthorized access; 10^7 — increased; 10^9 — high.

In autonomous systems, the user must be able to change or reset the code as needed, but not less than 100 times. The code must be changed only after entering the current code.

Requirements for the functional characteristics of the UKUD

The technical means of the UKUD must ensure the reception and processing of information from readers and the generation of control signals for the UZ.

In network systems, the technical means of the UKUD must ensure:

• information exchange via communication lines between controllers and network management tools;

• data retention in memory when communication with network management tools is interrupted, power is turned off, and when switching to backup power;

• monitoring of communication lines between controllers and network controllers, network controllers and network management tools.

The information exchange protocols and interfaces of the network and data link layers must be of standard types and ensure the necessary noise immunity, information exchange rate, and, if necessary, information protection.

The types and parameters of protocols and interfaces must be established in standards and/or other regulatory documents for specific means, taking into account the general requirements of GOST 26139.

The software of the UKUD must ensure:

• initialization of identifiers (entering identifier codes into the system memory);

• setting the characteristics of access points;

• setting access time intervals (time windows);

• setting access levels for users;

• logging current events;

• maintaining and supporting databases;

• recording entry, exit and movement in the database protocol;

• saving databases on a backup medium;

• saving data and settings in case of accidents and failures in the system;

• event monitoring;

• priority output of information about violations;

• the ability to manage the UZ in case of emergency;

• backup of databases and system settings.
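The software functions listed above (initialization of identifiers, access points, time windows, access levels, event logging) map onto a small data model. This is an added example, not code from the standard or from any product: all class names, access point names and identifier codes are constructed for illustration. It denies by default and handles time windows that run past midnight.

```python
from dataclasses import dataclass
from datetime import datetime, time


@dataclass(frozen=True)
class TimeWindow:
    weekdays: frozenset   # 0 = Monday ... 6 = Sunday (day the window starts)
    start: time
    end: time             # end earlier than start: window runs past midnight

    def contains(self, when):
        t, day = when.time(), when.weekday()
        if self.start <= self.end:
            return day in self.weekdays and self.start <= t < self.end
        if t >= self.start:                      # evening part of an overnight window
            return day in self.weekdays
        # Morning part belongs to the window that started the previous day.
        return t < self.end and (day - 1) % 7 in self.weekdays


@dataclass(frozen=True)
class AccessLevel:
    name: str
    points: frozenset     # access points covered by this level
    windows: tuple        # TimeWindow objects


class AccessController:
    def __init__(self):
        self.levels = {}  # identifier code -> AccessLevel
        self.log = []     # (timestamp, code, point, decision, detail)

    def enroll(self, code, level):
        """Initialization of an identifier: store its code with an access level."""
        self.levels[code] = level

    def decide(self, code, point, when):
        level = self.levels.get(code)
        if level is None:
            reason = "unknown identifier"
        elif point not in level.points:
            reason = "access point not in level"
        elif not any(w.contains(when) for w in level.windows):
            reason = "outside time window"
        else:
            reason = None
        granted = reason is None
        self.log.append((when.isoformat(), code, point,
                         "grant" if granted else "deny", reason or level.name))
        return granted


def build_demo():
    """Constructed sample configuration: one staff level, one night-guard level."""
    day_shift = TimeWindow(frozenset(range(5)), time(8, 0), time(18, 0))
    friday_night = TimeWindow(frozenset({4}), time(22, 0), time(6, 0))
    ctl = AccessController()
    ctl.enroll("1001", AccessLevel("staff", frozenset({"lobby-door", "floor2-door"}),
                                   (day_shift,)))
    ctl.enroll("2002", AccessLevel("night-guard", frozenset({"lobby-door"}),
                                   (friday_night,)))
    return ctl


if __name__ == "__main__":
    ctl = build_demo()
    ctl.decide("1001", "lobby-door", datetime(2024, 1, 1, 9, 0))    # Monday morning
    ctl.decide("2002", "lobby-door", datetime(2024, 1, 6, 2, 0))    # Saturday 02:00
    ctl.decide("9999", "lobby-door", datetime(2024, 1, 1, 9, 0))    # not enrolled
    for entry in ctl.log:
        print(entry)
```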

The software of the UKUD must be resistant to accidental and intentional impacts of the following types:

• power off of the computer;

• software reset of the computer;

• hardware reset of the computer;

• random pressing of keys on the keyboard;

• random selection of program menu items.

After the specified impacts and after restarting the program, the system must remain operational and the data must be preserved. The specified impacts must not lead to opening the UZ or changing the current access codes.

General software reliability indicators must be established according to GOST 28195.

Requirements for resistance to electromagnetic interference

The KUD tools and systems must ensure operability under the influence of the following types of electromagnetic interference:

• electrostatic discharges — according to GOST 29191;

• nanosecond impulse interference in AC power supply circuits and in input-output circuits — according to GOST 29156;

• dynamic voltage changes (interruptions, dips, surges) in the power supply network — according to GOST R 50627;

• high-energy microsecond impulse interference in power supply circuits — according to GOST R 50007.

Depending on their resistance to electromagnetic interference in accordance with GOST R 50009, KUD means and systems must meet the following degrees of severity:

• normal resistance — first degree of severity;

• increased resistance — second or third degree of severity;

• high resistance — fourth or fifth degree of severity.

Limits for industrial radio interference generated during operation of KUD means and systems should be set in accordance with the categories of objects of operation according to GOST R 50009.

Note. Requirements for resistance to artificially created electromagnetic interference should relate to the fifth degree of severity and be specified in the relevant regulatory technical documents and/or technical specifications for specific types of equipment and systems.

Requirements for resistance to unauthorized interference

Requirements for the resistance of UZ to destructive unauthorized actions include:

• resistance to breaking by single blows and a set of tools;

• bullet resistance;

• explosion resistance.

The standard establishes 3 levels of resistance:

• normal — ensured by the mechanical strength of the structure without assessment by resistance indicators;

• increased — determined by indicators of resistance to burglary by single blows and/or a set of tools;

• high — determined by indicators of resistance to burglary, bullet resistance and/or explosion.

For increased and high resistance, 5 additional classes are established.

Requirements for resistance to non-destructive unauthorized actions (NSD) are established for KUD means and systems depending on their functional purpose and include:

• resistance to manipulation;

• resistance to copying of identifiers;

• resistance to unauthorized access to software.

Requirements for protecting software from unauthorized access are established according to GOST R 50739. Software must be protected from:

• deliberate influences with the aim of changing the settings in the system;

• unauthorized copying;

• unauthorized access using passwords.

Recommended access levels by user type:

• first («administration») — access to all functions;

• second («operator») — access only to current control functions;

• third («system specialist») — access to software configuration functions without access to functions that provide UZ management.

Once entered into the system, passwords must be protected from being viewed with computer operating system tools.

Requirements for the security of systems from unauthorized access to information are established by classes in accordance with the RD of the State Technical Commission of Russia.

Requirements for the stability of means of protection from unauthorized access to information are established only for UKUD by classes also in accordance with the RD of the State Technical Commission of Russia.

Reliability requirements

The following reliability indicators must be established in the regulatory documents for specific KUD means and systems in accordance with GOST 27002 and GOST 27003:

• mean time between failures, h;

• mean time to restore working condition, h;

• average service life, years.

Requirements for resistance to external influencing factors

Requirements for resistance to the impact of climatic factors are established in standards and/or regulatory documents for specific types of KUD facilities and systems in accordance with the required climatic performance and product category according to GOST 15150.

Requirements for resistance to the impact of mechanical factors are established in standards and/or regulatory documents for specific types of KUD facilities and systems in accordance with the required group of operating conditions according to GOST 17516 and the degree of rigidity of products according to GOST 16962.

Power supply requirements

The main power supply of the KUD facilities and systems must be carried out from an alternating current network with a nominal voltage of 220 V and a frequency of 50 Hz, with permissible deviations in network voltage from minus 15 to plus 10 % and in frequency of up to 1 Hz from the nominal value.

The KUD facilities and systems must have a backup power supply, which can be a backup AC network or DC sources. The nominal voltage of the backup DC power source is selected from the range: 12, 24 V.

Power supply of individual KUD facilities is permitted from other sources with other parameters of output voltages, the requirements for which are established in regulatory documents for specific types of facilities.

The transition to backup power supply and back must occur automatically without disrupting the established modes and functional state of the KUD facilities and systems.

The backup power source must ensure the operation of the system in the event of a power failure in the network for at least 4 hours for systems that, according to their functional characteristics, belong to the first class, and at least 8 hours for other systems.

Safety requirements

The KUD means and systems must meet the general safety requirements in accordance with the design and operating conditions according to GOST 12.2.007.0, GOST 12997, GOST 12.2.006, GOST 12.2.003, GOST 12.1.004.

Design requirements

The design of the control system means must meet the requirements of this section and GOST 16325. They must be built on a modular and/or block-aggregate principle, take into account the requirements of GOST 21552 and ensure:

• interchangeability of replaceable identical components;

• ease of operation and maintainability;

• exclusion of the possibility of unauthorized access to the control elements of parameters;

• information content about the access status and purpose of controls, regulation and connecting elements;

• compliance with technical aesthetics and ergonomics requirements.

Test methods

General provisions

Tests of control system devices and systems are carried out using the methods adopted in this standard, as well as using the test methods of current standards, regulatory documents and specifications for specific devices and systems.

Test methods developed for testing control system devices and systems for resistance to unauthorized access must be agreed upon with organizations that have the appropriate license.

Tests of control system devices and systems for compliance with general technical requirements are carried out using the current test methods and procedures of the relevant standards and other regulatory documents or using specially developed test methods that are agreed upon with the customer.

Control system devices and systems that are mounted at the operating site and cannot be tested under other conditions, as well as those already installed and in operation, may be tested under operating conditions by agreement with the customer.
