E-locks for Conference Rooms

Thomas Baron - IT

Gregory Godineau - GS

LOGO

• Conference rooms service• Issues with physical keys• Requirements• Solution• Pilot and Deployment• Alternatives

CERN Conference Rooms Service

• Born in Q4 2011• Activities

• Equipment standardisation• Meeting room A/V design• Meeting room A/V installation coordination• Equipment monitoring• Preventive maintenance• Corrective maintenance and Technical support• User support

CERN Conference Rooms Service

• ~250 meeting/conference rooms at CERN • ~50% managed by IT-CIS

Physical Keys• Not secure

• Lots of keys are lost• No individual tracking; responsibility diluted

Physical Keys

• Impractical• Need to fetch the key (sometimes far away)…• …And return it• Huge keyrings!

Requirements

• Practicality• Give access to any CERN registered user• Using the CERN personal card• Allow going out at any time

• Security• Be able to track who has last locked/unlocked a

door

Solution• GS e-locks service – Offline locks solution• Based on the Salto system

• Battery-powered offline e-locks fit on the room doors

• Online validation stations in strategic highly-frequented locations (restaurants)

• Operation• User needs to validate his CERN card every 30

days- Add / Remove access rights- Get logs

• Presents the card to the e-lock to unlock the door

• Advantages• (relatively) cheap• Easy to fit

Solution• Already used in

• 206 Offline e-locks• 16 Validation stations

• Use cases• Burotel (42, 510)

• Ongoing integration with Indico• PH labs and small workshops (bldgs 08,13,14,04,104)• PH/ATLAS/CMS meeting rooms• Clubs (bldgs 216, 566, 567)• Training center (bâtiment 572, 593,6653)• Economat/stockage/archive (bâtiment 5,6,32,169,282)• Cloakrooms (Bâtiment 100)• Main building audio-visual technical rooms

Configuration• Usual procedure

• Each lock is associated with an access zone• EDH “Access Request” document

• User requests access to a pre-defined zone • Standard approval process

• ATLAS and CMS in bldg 42 use tokens available at the secretariats.

• For conference rooms, simplified process• No EDH document• Anyone with a valid CERN card is authorised

LOGO

Opening Mode• Available modes

• Standard (locked at all times).• Toggle (present card to lock, present card to unlock)• Office mode (mix of standard and toggle)

• Preferred: Toggle• Mimics the physical key paradigm

• Free access when the door is unlocked (people easily enter the room even when the meeting has started)

• Keeps the responsibility to the meeting organiser

Limitations• Room may stay open if one forgets to lock it

up (currently studying a timeout option)• Cannot track the room door status (not

100% secure)• Users need to carry their CERN card with

them• User information and training; booking

reminders

Alternatives/evolution

• Online lock• More practical for service operation (accurate

statistics, alarms on door status)• May allow more modes of action• Still very expensive (installation + 230V +

network)

• Interactive screens with RFID reader

Pilot and Deployment• Pilot e-lock on 513-1-024

• IT room, close to the service people

• Validation stations are available in the restaurants• Proposal to install one more in 31 or 513

• If feedback positive, then deploy gradually to all IT rooms, then to other departments.

• If budget available

Additional Information• Conference Rooms Service

• info• http://cern.ch/conference-rooms

• status page• http://avc-dashboard.web.cern.ch/Conference%20rooms

• contact• conferencerooms-support@cern.ch

• Locks and Keys service• https://

cern.service-now.com/service-portal/service-element.do?name=locks-keys

• Salto SX4: • http://

www.saltosystems.com/index.php?option=com_content&task=view&id=182&Itemid=44

Thank you for your attention

Contact me:Thomas Baron (IT-CIS-AVC)Thomas.baron@cern.ch

Backup slides (from GS)

LOGO

Why offline locks ?

• On-line is performent for security purposes but to expensive for low security / locking application• Installation + Cabling 230V + IT Network

• Off-line products are adequate for small, low security and locking application :• They are intended for use in low occupancy areas, high rotation of

users and low passage: ~10 users, rotation > 1x/year- < 50 passages/day.

• Use case Burotel in building 42 (motivation for deployment at CERN)• Expanse to PH small labs / clubs / …

Why SALTO ?• Leader in Off-line Locks• Innovation with the access rights on badge• Very good mechanical quality

How does it works ?• Card has to be activated every 30 days

- Add / Remove access rights- Get logs

• EDH Access request possible• No E-groups / Roles access rights• Access rights given on a daily base (resolution

24H)• Not foreseen for meeting room management : No

reservation feature