Abstract: A system and a method for providing managed services are provided. The system provides a first access control platform and a second access control platform. The first access control platform is configured to receive at least one of a hardware event, an access request event, and a management request event from at least one gateway (e.g., located at a premises). The first access control platform may include at least one of a permissions database (e.g., storing authorized access credentials), a hardware event database (e.g., storing hardware events), and a management database (e.g., storing management request events). The first access control platform may compare received access credentials to the authorized access credentials in the permissions database. The second access control platform may be configured to update at least one of the permissions database (e.g., adding/removing authorized access credentials) and the hardware event database (e.g., adding/removing security devices).

Abstract: A method of operating an access control system containing one or more hierarchies, each of the one or more hierarchies includes one or more access levels is provided. The method including: computing one or more hierarchies; and assigning a primary access level of the one or more access levels within a primary hierarchy of the one or more hierarchies to a first credential; and determining that access levels vertically below the primary access level in the primary hierarchy are implicitly assigned to the first credential when assigning the primary access level of the one or more access levels within the primary hierarchy of the one or more hierarchies to the first credential.

Abstract: A tool for supporting mustering in a facility is provided. The tool includes a mobile computing device comprising a display unit, a memory and a processor. The memory has executable instructions of an application stored thereon, which, when executed, cause the processor to communicate with monitoring and control systems of the facility, to conduct a registration of the user of the mobile computing device and to display on the display unit an interface. The interface includes a first interface element by which the user indicates his/her safety level, a second interface element by which the user self-identifies as a mayor and a map. The map includes first information received from the monitoring and control systems, second information relating to predefined static muster points and third information relating to dynamic muster points of users self-identifying as mayors.

Abstract: A physical access control system (PACS) for protecting a resource. The PACS includes a credential including information regarding a user stored thereon, the credential presented to request access to a resource protected by an access point. A reader is in operative communication with the credential and configured to read the user information from the credential. The user information includes at least one attribute. A controller executes a set of access control rules, the rules based on policies extracted from a database of static permissions for the user, the policies defining requirements for permitting access of the user to the resource based on the at least one attribute, the controller configured to permit access to the resource.

Abstract: A system includes a configuration management server operable to interface with a plurality of client devices via a network. The configuration management server includes a processor that is configured to track a change history of modifications to one or more records of a plurality of system data and credential data. An authorization status of a user of an access client of one of the client devices is determined. An authorized view of a selected record of the one or more records is output to the access client. One or more fields of the selected record are displayed based on the authorization status. An output of the change history of modifications to the one or more fields of the selected record to the access client is limited based on the authorization status.

Abstract: A system and a method for providing managed services are provided. The system provides a first access control platform and a second access control platform. The first access control platform is configured to receive at least one of a hardware event, an access request event, and a management request event from at least one gateway (e.g., located at a premises). The first access control platform may include at least one of a permissions database (e.g., storing authorized access credentials), a hardware event database (e.g., storing hardware events), and a management database (e.g., storing management request events). The first access control platform may compare received access credentials to the authorized access credentials in the permissions database. The second access control platform may be configured to update at least one of the permissions database (e.g., adding/removing authorized access credentials) and the hardware event database (e.g., adding/removing security devices).

Abstract: A method of operating an access control system containing one or more hierarchies, each of the one or more hierarchies includes one or more access levels is provided. The method including: computing one or more hierarchies; and assigning a primary access level of the one or more access levels within a primary hierarchy of the one or more hierarchies to a first credential; and determining that access levels vertically below the primary access level in the primary hierarchy are implicitly assigned to the first credential when assigning the primary access level of the one or more access levels within the primary hierarchy of the one or more hierarchies to the first credential.

Abstract: A method of controlling access to at least one access point along a path is provided. The method comprising: receiving a current position of a user of a user device; checking a schedule of the user of the user device; determining a next event in the schedule; determining an event destination of a next event in the schedule; determining a path from the current position to the event destination; determining an access device list of one or more access devices located on the path; transmitting a command to each access device when the user of the user device is located within a position boundary of the access device; and adjusting the access device when the command is received.

Abstract: A security system network comprises a cloud computing security system operable in a cloud computing network and a local security hardware system in signal communication with the cloud computing security system. The security system network further comprises a BCP module that includes a first input/output (I/O) terminal in first signal communication with the cloud computing network and a second I/O terminal in second signal communication with the local security hardware. The BCP module selectively establishes a third signal communication between at least one local client application and the local security hardware system so as to exchange data between the local security hardware system and the at least one local client application independently from an operational status of the first signal communication.

Abstract: A method of controlling access to at least one access point along a path is provided. The method comprising: receiving a current position of a user of a user device; checking a schedule of the user of the user device; determining a next event in the schedule; determining an event destination of a next event in the schedule; determining a path from the current position to the event destination; determining an access device list of one or more access devices located on the path; transmitting a command to each access device when the user of the user device is located within a position boundary of the access device; and adjusting the access device when the command is received.

Abstract: A tool for supporting mustering in a facility is provided. The tool includes a mobile computing device comprising a display unit, a memory and a processor. The memory has executable instructions of an application stored thereon, which, when executed, cause the processor to communicate with monitoring and control systems of the facility, to conduct a registration of the user of the mobile computing device and to display on the display unit an interface. The interface includes a first interface element by which the user indicates his/her safety level, a second interface element by which the user self-identifies as a mayor and a map. The map includes first information received from the monitoring and control systems, second information relating to predefined static muster points and third information relating to dynamic muster points of users self-identifying as mayors.

Abstract: A framework for access provisioning in a physical access control system (PACS). The framework includes a permissions request interface, the permissions request interface configured to permit a user or an administrator to request for a permission to access/revoke access to a resource, a permissions recommendation module communicating with the permissions request interface to receive the request and recommending a permission to be assigned to, or removed from, the user. The framework also includes a permissions validation module operable to ensure that the permission to be assigned to or to be removed does not violate an existing access control policy, that the permission to be assigned permits access to all permitted resources, or that the permission to be removed from the user denies access to all revoked resources and an approval workflow identification module identifying an approval required to assign or remove the permission.

Abstract: A method of managing access control permissions groups. The method includes acquiring a permissions database having user access control permissions groups and links between a user and at least one permission of a plurality of permissions and the groups. The method may also include revising the access control permissions groups based on at least one of an importance of a permission and an administrator input.

Abstract: A physical access control system (PACS) for protecting a resource The PACS including a credential including information regarding a user stored thereon, the credential presented to request access to a resource protected by an access point, a reader in operative communication with the credential and configured to read the user information from the credential, wherein the user information includes at least one attribute, and a controller executing a set of access control rules, the rules based on policies extracted from a database of static permissions for the user, the policies defining requirements for permitting access of the user to the resource based on the at least one attribute, the controller configured to permit access to the resource.

Abstract: A system includes a configuration management server operable to interface with a plurality of client devices via a network. The configuration management server includes a processor that is configured to track a change history of modifications to one or more records of a plurality of system data and credential data. An authorization status of a user of an access client of one of the client devices is determined. An authorized view of a selected record of the one or more records is output to the access client. One or more fields of the selected record are displayed based on the authorization status. An output of the change history of modifications to the one or more fields of the selected record to the access client is limited based on the authorization status.

Abstract: A security system network comprises a cloud computing security system operable in a cloud computing network and a local security hardware system in signal communication with the cloud computing security system. The security system network further comprises a BCP module that includes a first input/output (I/O) terminal in first signal communication with the cloud computing network and a second I/O terminal in second signal communication with the local security hardware. The BCP module selectively establishes a third signal communication between at least one local client application and the local security hardware system so as to exchange data between the local security hardware system and the at least one local client application independently from an operational status of the first signal communication.