Many known access control systems can include an anti-pass back (APB) feature that prevents unauthorized users from tailgating an authorized user to gain access to a secured region. For example, when a user presents a valid access card to a card reader to gain access to a secured region, an APB feature prevents an unauthorized second user from using the same card to gain access to the region. Such an APB feature can include dividing a secured region or facility into AREAs, designating different card readers as an IN reader or an OUT reader, and controlling access to the secured region in accordance with three rules: (1) a user presenting a valid card to an IN reader must present the same card to an OUT reader before again presenting the card to an IN reader, (2) after presenting a valid card to an IN reader, a user presenting the same card to the same or another IN reader, without presenting the card to an OUT reader, will be disallowed access, and (3) after presenting a valid card to an OUT reader, a user presenting the same card to the same or another OUT reader, without presenting the card to an IN reader, will be disallowed access.
Known access control systems can include a host system, one or more SITEs, and one or more AREAs. For example, a host system can include any system that is capable of communicating with an access controller and sending an APB status message to an access controller. A SITE can include a logical group or cluster of access controllers based on proximity, region, or location, and an AREA can include a group of IN readers and OUT readers that are associated with one or more access controllers and that adhere to the above-identified rules. For example, an AREA can include access controllers from a single SITE and typically does not include access controllers from multiple SITEs.
In known access control systems, a host system that processes APB status update messages can be designated as a GLOBAL, SITE based, or AREA based system. For example, when a GLOBAL APB feature is employed, a valid card transaction that occurs at one card reader communicating with one access controller can lead to an APB status update message being broadcast to all other controllers in the facility that are participating in the APB feature. When a SITE based APB feature is employed, an APB status update message can be limited to being broadcast to controllers in a particular SITE and located in referencing AREAs. When an AREA based APB feature is employed, an APB status update message can be limited to being broadcast to controllers located in referencing AREAs. It is to be understood that a valid card transaction as used herein can include a transaction that allows a user to gain access via a secured entryway by presenting or swiping a valid access card to or on a card reader.
FIG. 1 is a block diagram of a known access control system 100 that includes a single APB host system 110 supporting and communicating with a plurality of access controllers 120, APB enabled access controllers 120′ and APB disabled access controllers 120″. It is to be understood that an access controller 120 can be either APB enabled or APB disabled. As seen in FIG. 1, the host system 110 can support a plurality of SITEs 112, each of which can include a plurality of access controllers 120, 120′, 120″. Furthermore, each of the controllers 120 can support and communicate with a plurality of IN or OUT readers 130 that are in a respective SITE. For example, the host system 110 can support and communicate with APB enabled controller 120′-1, APB disabled controller 120″-1, and controller 120-1, each of which is in the logical grouping of SITE 1 112-1. Similarly, the host system 110 can support and communicate with APB enabled controller 120′-N, APB disabled controller 120″-N, and controller 120-N, each of which is in the logical grouping of SITE N 112-N.
FIG. 2 is a block diagram of a known access control system 200 that includes an APB host system 210 that supports a plurality of SITEs and AREAs. As seen in FIG. 2, the host system 210 can support a plurality of SITEs 212, each of which can include a plurality of access controllers 220. For example, the host system 210 can support and communicate with controllers S1C1, S1C2 that are in the logical grouping of SITE 1 212-1, the host system 210 can support and communicate with controllers S2C1, S2C2, S2C3 that are in the logical grouping of SITE 2 212-2, the host system 210 can support and communicate with controllers S3C1, S3C2 that are in the logical grouping of SITE 3 212-3, and the host system 210 can support and communicate with controller S4C1 that is in the logical grouping of SITE 4 212-4.
As further seen in FIG. 2, each of the controllers 220 can support and communicate with a plurality of IN or OUT card readers 230 located in referencing AREAs. For example, controller S1C1 in the logical grouping of SITE 1 212-1 can support and communicate with a plurality of readers 230-1 located in AREA 1, controller S1C2 in the logical grouping of SITE 1 212-1 can support and communicate with a plurality of readers 230-1′ located in AREA 1, controller S2C1 in the logical grouping of SITE 2 212-2 can support and communicate with a plurality of readers 230-2 located in AREA 2, controller S2C2 in the logical grouping of SITE 2 212-2 can support and communicate with a plurality of readers 230-2′ located in AREA 2, controller S2C3 in the logical grouping of SITE 2 212-2 can support and communicate with a plurality of readers 230-3 located in AREA 3, controller S3C1 in the logical grouping of SITE 3 212-3 can support and communicate with a plurality of readers 230-4 located in AREA 4, controller S3C2 in the logical grouping of SITE 3 212-3 can support and communicate with a plurality of readers 230-4′ located in AREA 4, and controller S4C1 in the logical grouping of SITE 4 212-4 can support and communicate with a plurality of readers 230-5 located in AREA 5.
FIG. 2 also illustrates the steps included in a method of downloading an APB status message in the system 200. For example, in Step 1, a valid card transaction can occur on an IN reader 230-1 located in AREA 1. The reader 230-1 can be supported by and communicate with controller S1C1, which can be in the logical grouping of SITE 1 212-1. The reader 230-1 can send a valid card transaction signal to controller S1C1, which can transmit a corresponding triggering signal to the host system 210. It is to be understood that a triggering signal as used herein can include a signal transmitted from an access controller to a host system responsive to a valid card transaction occurring at a card reader in communication with the access controller.
In Step 2, upon receipt of the triggering signal, the host system 210 can process the valid card transaction and identify the controllers to which a corresponding APB status update needs to be sent. Then, in Step 3, the host system 210 can transmit an APB status update message to some or all of the other controllers S1C2, S2C1, S2C2, S2C3, S3C1, S3C2, S4C1. In known systems and methods, which of the other controllers S1C2, S2C1, S2C2, S2C3, S3C1, S3C2, S4C1 receive the APB status update message depends on the type or form of APB feature (GLOBAL, SITE based, or AREA based) the controllers S1C1, S1C2, S2C1, S2C2, S2C3, S3C1, S3C2, S4C1 supported by the host system 210 support.
However, in the known systems of FIGS. 1 and 2, a single host system can only process homogeneous forms of an APB feature. That is, all access controllers that process a GLOBAL APB feature must be clustered together on a host system that only processes a GLOBAL APB feature. Similarly, all access controllers that process a SITE based APB feature must be clustered together on a host system that only processes a SITE based APB feature, and all access controllers that process an AREA based APB feature must be clustered together on a host system that only processes an AREA based APB feature.
As illustrated in FIGS. 1 and 2, an APB feature can operate in a facility that includes a plurality of card readers communicating with a plurality of different access controllers, each of which can participate in a respective APB feature. Accordingly, for each form of an APB feature, a separate host system will be needed. However, in a multi-region, interconnected system, a large number of host systems may be needed. For example, FIG. 3 is a block diagram of an exemplary known access control system 300 that includes an enterprise host system 310 supporting and communicating with a plurality of host systems 320 to support APB features in Houston, California, Los Angeles, Boston, Washington, and Miami. Indeed, each host system 320 can communicate with local access controllers.
As seen in FIG. 3, in Houston, the system 300 must include a first host system 320-1 that only processes a GLOBAL APB feature, a second host system 320-1′ that only processes a SITE based APB feature, and a third host system 320-1″ that only processes an AREA based APB feature. Similarly, in California, the system 300 must include a first host system 320-2 that only processes a GLOBAL APB feature, a second host system 320-2′ that only processes a SITE based APB feature, and a third host system 320-2″ that only processes an AREA based APB feature, and in Los Angeles, the system 300 must include a first host system 320-3 that only processes a GLOBAL APB feature, a second host system 320-3′ that only processes a SITE based APB feature, and a third host system 320-3″ that only processes an AREA based APB feature. In Boston, the system 300 includes a host system 320-4 that only processes a GLOBAL APB feature, and in Washington, the system 300 includes a host system 320-5 that only processes a GLOBAL APB feature. However, in Miami, the system 300 must also include a first host system 320-6 that only processes a GLOBAL APB feature, a second host system 320-6′ that only processes a SITE based APB feature, and a third host system 320-6″ that only processes an AREA based APB feature.
These types of known access control systems that include a large number of host systems can present several disadvantages to users. For example, such systems can be more expensive and require a higher investment in terms of hardware and software resources, including operating systems, licenses, and support for end users and customers. Such systems can also necessitate a large number of redundant and fail-over host systems in the event of a disaster. Furthermore, upgrading such systems can be a complex, time consuming, and cumbersome process that requires upgrading all host systems with the latest software updates and patches. Finally, such systems can require a large number of personnel for monitoring, IT support, badging, and configuration.
In view of the above, there is a continuing, ongoing need for improved systems and methods.