Limiting access to relevant resources and protected areas to authorized individuals may be important in many circumstances, such as in the case of access to an airport, military installation, office building, etc. Traditional doors and locks can be used for protection of sensitive areas. However, doors with traditional locks and keys may be cumbersome to manage in a setting with a large number of users. For instance, once an employee is fired, it may be difficult to retrieve the physical keys the former employee was issued while employed. Moreover, there is a possibility that copies of such keys were made and never surrendered.
“Smart” doors provide access control to sensitive areas. A smart door may be equipped with a key pad through which a user enters his/her PIN or password. The key pad may have an attached memory and/or elementary processor in which a list of valid PINs/passwords may be stored. Thus, a door may check whether the currently entered PIN belongs to the currently valid list. If so, the door may open. Otherwise, the door may remain locked. Of course, rather than (solely) relying on traditional keys or simple key pads, a more modern smart door may work with cards or other portable devices with various types of memory. Such cards or devices may be used in addition to or instead of traditional keys or electronic key pads. Such magnetic-strip cards, smart cards or contactless devices may have the capability of storing information that is transmitted to the doors. More advanced cards may also have the ability of computing and communicating. Corresponding devices on the doors may be able to read information from the cards, and perhaps engage in interactive protocols with the cards, communicate with computers, etc.
Smart doors can possess various connectivity levels. A fully networked door is one that is at all times connected with some database (or other computer system). For instance, the database may contain information about the currently valid cards, users, PINs, etc. In some instances, to prevent an enemy from altering the information flowing to the door, such connection is secured (e.g., by running the wire from the door to the database within a steel pipe). On the other hand, a totally non-networked door does not communicate outside of its immediate vicinity. In between these two extremes, there may be doors that have intermittent network-capability (e.g., a wirelessly connected “moving” door that can communicate with the outside only when within range of a ground station, such as the door of an airplane or a truck).
Traditional access control mechanisms suffer from many drawbacks. Fully networked doors may be very expensive. The cost of running a secure pipe to a distant smart door may vastly exceed the cost of the smart door itself. Protecting a wire cryptographically, while possibly cheaper, still has its own costs (e.g., those of protecting and managing cryptographic keys). Moreover, cryptography without steel pipes and security guards cannot prevent a wire from being cut, in which case the no-longer-networked door may be forced to choose between two extreme alternatives: namely, remaining always closed or always open, neither of which may be appropriate or practical. In any case, a fully networked door is often not a viable option.
Non-networked smart doors may be cheaper than connected doors. However, traditional approaches to smart doors have their own problem. Consider, for instance, a non-networked smart door capable of recognizing a PIN. A terminated employee may no longer be authorized to go through that door; yet, if he still remembers his own PIN, he may have no trouble opening such an elementary smart door. Therefore, it would be necessary to “deprogram” the PINs of terminated employees, which is difficult for disconnected doors. Such a procedure may be very cumbersome and costly, e.g., an airport facility may have hundreds of doors and dispatching personnel to reprogram all of such doors can be impractical.