Upgrading the Door Control System

I've started my first major project as the new evil systems administrator. It seems that it is not too uncommon for our various guards and grunt staff to either get seduced or knocked unconscious and have their keycards stolen, allowing some unwanted element to waltz right into our facility. So, it's time to look at a new access control system.

The old system had a few flaws:

1) A mixture of keycard and handprint scanners were used, which resulted in keycards being stolen and/or staff being knocked out and their hands being placed on the scanners.

2) Shooting the door control terminals resulted in access being denied to those on the opposite side of the door from the terminal, in spite of the opposite side of the door having a working terminal.

3) Keycards open all the doors in the entire facility. Any interloper who gets their hands on a card can go anywhere. This has almost shut things down around here in the past.

4) Some interlopers would bring along geeks who would either crack open the door control panel and short the wires to open the door, or insert a keycard with an attached ribbon cable and PDA to brute-force the system.

I've been looking at a number of options, gauging them for reliability, effectiveness, and evilness. Unlike system at my old job, we not only need to keep doors from opening to unauthorized personnel, we also need to identify interlopers as quickly as possible and possibly even dispatch them in an automated fashion.

So here's the plan so far:

1) No more hand scanners. At first I thought of moving the hand scanners to a height of six feet, making it more difficult to get an unconscious staffer high enough to place their palm on the scanner, but I'm guessing someone would just cut it off instead. Besides, seems some people can defeat the systems with something as simple as a gummy bear anyway.

2) Two-part authentication. Something you have and something you know. We'll add keycards to all doors and require a PIN number in addition to the swiping of the card.

3) Actually, make that three-part authentication. I recently saw this article at Slashdot, discussing the use of injectable RFID tags for access to a company datacenter. Such a system is certainly evil enough for use in our facility, but just to keep things secure, we'll be calling the injections a 'vaccination' or 'antidote' so that the guards and whatnot do not know they are tagged. What they don't know they can't discuss while a hidden intruder listens.

The real benefit of the injected tags is that they introduce a three-part authentication scheme where even swiping a keycard and entering a PIN is ineffective if the unknown RFID tag is not present. We can also use the system to weed out intruders wearing the uniform of a staff member by setting up motion activated RFID readers. If the system detects a person nearby, but no RFID tag is detected, we have an intruder.

4) All door control panels will have tamper sensors to detect the panel being opened to prevent bypassing. All panels are in constant encrypted communication with the central control machine and any loss of communication will trigger a security alert. In addition, shooting a panel enough to damage it will only result in the door being inoperable from the side that was shot. Since the door locks are not routed through the panels but wired directly to the central control machine, authorized personnel could always radio in for the door to be unlocked anyway.

5) The system will have limitations for when a keycard/PIN/RFID combination can be used, where it can be used, and how many failed attempts can be made to gain access. Violations of any of these will result in either a security alert of the automatic termination of the person attempting access.