DOCSLIB.ORG

P2000 Security Management System Web Access Manual

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
P2000 Security Management System Web Access Manual P2000 Security Management System Web Access Manual Version 3.11 and higher, December, 2011 24-10618-163 Revision – P2000 Security Management System Web Access Manual Version 3.11 and higher, December, 2011 24-10618-163 Revision – Security Solutions (805) 522-5555 www.johnsoncontrols.com Copyright 2011 Johnson Controls, Inc. All Rights Reserved No part of this document may be reproduced without the prior permission of Johnson Controls, Inc. Acknowledgment Cardkey P2000, BadgeMaster, and Metasys are trademarks of Johnson Controls, Inc. All other company and product names are trademarks or registered trademarks of their respective owners. If this document is translated from the original English version by Johnson Controls, Inc., all reasonable endeavors will be used to ensure the accuracy of translation. Johnson Controls, Inc. shall not be liable for any translation errors contained herein or for incidental or consequential damages in connection with the furnishing or use of this translated material. Due to continuous development of our products, the information in this document is subject to change without notice. Johnson Controls, Inc. shall not be liable for errors contained herein or for incidental or consequential damages in connection with furnishing or use of this material. Contents of this publication may be preliminary and/or may be changed at any time without any obligation to notify anyone of such revision or change, and shall not be regarded as a warranty. TABLE OF CONTENTS Chapter 1: Introduction Chapter Summaries................................................................................................................................. 1-1 Manual Conventions ................................................................................................................................ 1-2 Web Access Features.............................................................................................................................. 1-2 Important Note on Applications and Customization................................................................................. 1-3 Getting Started......................................................................................................................................... 1-4 Software Requirements.................................................................................................................... 1-4 PDA Users ....................................................................................................................................... 1-5 Sequence of Steps........................................................................................................................... 1-5 Logging On ...................................................................................................................................... 1-7 The Welcome Page ................................................................................................................................. 1-9 Changing Your Password ................................................................................................................ 1-9 The Web Access Workspace................................................................................................................. 1-10 Request Process Flow Chart ................................................................................................................. 1-11 Process States............................................................................................................................... 1-13 Web Access Scenarios.......................................................................................................................... 1-13 Adding a Cardholder ...................................................................................................................... 1-13 Requesting a Visitor Badge............................................................................................................ 1-15 Using Browser Favorites/Bookmarks in Web Access............................................................................ 1-16 Chapter 2: Web Badging Configuration System Architecture................................................................................................................................. 2-1 Installation and Configuration .................................................................................................................. 2-3 Installing and Running the WebUSB Application ............................................................................. 2-3 Important Web Badging Installation and Configuration Notes ................................................. 2-7 Installing the Webcam...................................................................................................................... 2-7 Installing the Signature Pad ............................................................................................................. 2-8 Installing the Encoder....................................................................................................................... 2-9 Installing the Badge Printer............................................................................................................ 2-10 Web Badging Notes and Limitations...................................................................................................... 2-10 Important ID Server Note ............................................................................................................... 2-10 Bar Code Limitations...................................................................................................................... 2-11 Troubleshooting ..................................................................................................................................... 2-11 Chapter 3: Using Web Access Employee Services .................................................................................................................................. 3-1 Searching Cardholder Records........................................................................................................ 3-1 Search Tools............................................................................................................................ 3-3 Sorting Columns....................................................................................................................... 3-3 Changing the Number of Cardholders Listed Per Page........................................................... 3-4 Viewing Cardholder Information............................................................................................... 3-5 24-10618-163 Rev. – v This document contains confidential and proprietary information of Johnson Controls, Inc. © 2011 Johnson Controls, Inc. Table of Contents P2000 Web Access Manual Viewing Badge Information ...................................................................................................... 3-6 Printing and Encoding Badges................................................................................................. 3-8 Area Search ................................................................................................................................... 3-10 In/Out Status .................................................................................................................................. 3-11 Badge Resync................................................................................................................................ 3-14 Badge Print .................................................................................................................................... 3-15 Guard Services ...................................................................................................................................... 3-16 Alarm Monitoring............................................................................................................................ 3-16 Acknowledging an Alarm........................................................................................................ 3-17 Removing an Alarm................................................................................................................ 3-18 Alarm Monitor Definitions.......................................................................................................3-18 Refreshing the Alarm Monitor Page....................................................................................... 3-19 Activating or Deactivating Output Points........................................................................................3-19 Output Point Definitions ......................................................................................................... 3-19 Sending Door Commands.............................................................................................................. 3-20 Management Services ........................................................................................................................... 3-21 Viewing and Canceling Requests ..................................................................................................3-21 Viewing Requests .................................................................................................................. 3-22 Canceling Requests............................................................................................................... 3-23 Approving or Rejecting Requests..................................................................................................
Load more

Recommended publications
  • Biometriebasierte Authentifizierung Mit Webauthn
    Humboldt-Universität zu Berlin Mathematisch-Naturwissenschaftliche Fakultät Institut für Informatik Biometriebasierte Authentifizierung mit WebAuthn Masterarbeit zur Erlangung des akademischen Grades Master of Science (M. Sc.) eingereicht von: Malte Kruse geboren am: geboren in: Gutachter/innen: Prof. Dr. Jens-Peter Redlich Frank Morgner eingereicht am: verteidigt am: Inhaltsverzeichnis Abbildungsverzeichnis5 Tabellenverzeichnis5 Abkürzungsverzeichnis6 1 Einleitung9 2 Hintergrund 11 2.1 Alternative Lösungsansätze . 12 2.1.1 Multi-Faktor-Authentifizierung . 13 2.1.2 Einmalpasswort . 14 2.1.3 Passwortmanager . 16 2.1.4 Single Sign-On . 17 2.2 Verwandte Arbeiten . 19 2.2.1 Universal 2nd Factor . 21 2.2.2 Universal Authentication Factor . 22 2.2.3 Sicherheitsbetrachtung . 23 2.2.4 Verbreitung . 24 2.2.5 ATKey.card . 27 3 Beitrag der Arbeit 28 4 FIDO2 29 4.1 Web Authentication . 30 4.1.1 Schnittstelle . 31 4.1.2 Authentifikatoren . 34 4.1.3 Vertrauensmodell . 36 4.1.4 Signaturen . 38 4.1.5 Sicherheitsbetrachtungen . 41 4.1.6 Privatsphäre . 43 4.2 Client to Authenticator Protocol . 44 4.2.1 CTAP2 . 45 4.2.2 CTAP1 / U2F . 49 4.2.3 Concise Binary Object Representation . 51 4.2.4 Transportprotokolle . 52 5 Zertifizierung 53 5.1 Zertifizierungsprozess . 54 5.1.1 Funktionale Zertifizierung . 55 5.1.2 Biometrische Zertifizierung . 56 5.1.3 Authentifikatorzertifizierung . 56 5.2 Zertifizierungslevel . 58 3 6 Umsetzung 60 6.1 Smartcards . 60 6.1.1 Betriebssysteme . 61 6.1.2 Kommunikation . 63 6.1.3 Sicherheitsbetrachtung . 64 6.2 Biometrie . 65 6.2.1 Fingerabdruck . 66 6.2.2 Sicherheitsbetrachtung . 67 6.3 Fingerabdruckkarte .
    [Show full text]
  • 4-Port USB 3.0 Hub
    4-Port USB-C Hub - USB-C to 4x USB-A - USB 3.0 Hub - Bus Powered Product ID: HB30C4AB Here’s a must-have accessory if you have a USB-C™ equipped computer but need more USB-A ports. This portable USB 3.0 hub expands your laptop or desktop connectivity by adding four USB Type-A ports through a single USB Type-C™ or Thunderbolt™ 3 port. And, because it’s USB bus-powered, you don’t need to connect an external power adapter, which makes travel more convenient and workstations less cluttered. Keep using your current peripherals and devices If you’re looking to extend the life of your existing USB-A peripheral devices, then this hub is the perfect solution. By converting your computer’s USB-C port into four USB-A ports, you can continue to use all of your existing USB 3.0 devices such as flash drives, external hard drives, and printers (USB 3.0 is also known as USB 3.1 Gen 1). Now you can save money by avoiding the added cost and hassle of purchasing new USB-C equipped peripherals. www.startech.com 1 800 265 1844 Add USB ports, virtually anywhere you go With its compact and lightweight design, this USB hub is tailored for mobility. You can easily tuck it into your laptop bag when traveling, which makes it easy to expand your connectivity almost anywhere you need to. Plus, with a small-footprint design the 4-port hub takes up minimal desk space when connected in your work area.
    [Show full text]
  • USB 3.0 Promoter Group Defines Authentication Protocol for USB Type-C™
    PRESS RELEASE CONTACTS: Brad Saunders Liz Nardozza USB 3.0 Promoter Group USB-IF PR +1 503-264-0817 +1 503-619-5224 [email protected] [email protected] USB 3.0 Promoter Group Defines Authentication Protocol for USB Type-C™ Specification defines policy for product OEMs to mitigate risks from non-compliant devices Shenzhen, China and Beaverton, OR, USA – April 13, 2016 – The USB 3.0 Promoter Group today announced the USB Type-C™ Authentication specification, defining cryptographic-based authentication for USB Type-C™ chargers and devices. Using this protocol, host systems can confirm the authenticity of a USB device or USB charger, including such product aspects as the descriptors/capabilities and certification status. All of this happens right at the moment a wired connection is made – before inappropriate power or data can be transferred. USB Type-C™ Authentication empowers host systems to protect against non-compliant USB Chargers and to mitigate risks from maliciously embedded hardware or software in USB devices attempting to exploit a USB connection. For a traveler concerned about charging their phone at a public terminal, their phone can implement a policy only allowing charge from certified USB chargers. A company, tasked with protecting corporate assets, can set a policy in its PCs granting access only to verified USB storage devices. “USB is well-established as the favored choice for connecting and charging devices,” said Brad Saunders, USB 3.0 Promoter Group Chairman. “In support of the growing USB Type-C ecosystem, we anticipated the need for a solution extending the integrity of the USB interface.
    [Show full text]
  • INTEGRIKEY: Integrity Protection of User Input for Remote Configuration of Safety-Critical Devices
    INTEGRIKEY: Integrity Protection of User Input for Remote Configuration of Safety-Critical Devices Aritra Dhar Der-Yeuan Yu Kari Kostiainen ETH Zurich¨ ABB Corporate Research ETH Zurich¨ [email protected] [email protected] [email protected] Srdjan Capkunˇ ETH Zurich¨ [email protected] Abstract Various safety-critical devices, such as industrial control systems, medical devices, and home automation systems, are configured through web interfaces from remote hosts that are standard PCs. The communication link from the host to the safety-critical device is typically easy to protect, but if the host gets compromised, the adversary can manipulate any user-provided configuration settings with severe consequences including safety violations. In this paper, we propose INTEGRIKEY, a novel system for user input integrity protection in compromised host. The user installs a simple plug-and-play device between the input peripheral and the host. This device Figure 1: Example configuration page. Screenshot from the observes user input events and sends a trace of them ControlByWeb x600m [10] I/O server configuration page. to the server that compares the trace to the application payload received from the untrusted host. To prevent programmer device) is easy to protect through standard subtle attacks where the adversary exchanges values means such as a TLS connection [12]. However, if from interchangeable input fields, we propose a labeling the host platform gets compromised—as standard PC scheme where the user annotates input values. We built platforms so often do—the adversary can manipulate any a prototype of INTEGRIKEY, using an embedded USB user-provided configuration settings.
    [Show full text]
  • 4-Port USB-C Hub - 4X USB-A with Individual On/Off Switches
    4-Port USB-C Hub - 4x USB-A with Individual On/Off Switches Product ID: HB30C4AIB This portable USB-C™ hub gives you an easy way to add four USB 3.0 Type-A ports to your USB-C equipped laptop, tablet or smartphone, with individual power switches to conserve power. The USB-C to USB 3.0 hub plugs easily into your laptop’s USB Type-C™ or Thunderbolt™ 3 port. Plus, it’s bus-powered for easy portability. Connect Your Current USB Devices Use your existing USB 3.0 devices such as flash drives, mouse, keyboard and external hard drives. The 4- port USB 3.0 hub converts your computer’s USB-C port into four USB 3.0 (Type-A ports), and it’s backward compatible with your older USB 2.0 devices. (USB 3.0 is also known as USB 3.1 Gen 1.) www.startech.com 1 800 265 1844 Individual On/Off Switches Each USB port on the USB Type-C™ hub has its own power switch so you can turn off devices when they’re not in use. That means you can better manage power consumption for your USB devices, without having to physically disconnect the device or cable. Easy Portability With its compact, lightweight design, this USB hub is designed for portable use. The versatile USB-C to USB hub is bus-powered, which means it draws its power directly from your computer’s USB-C port, with no need for an external power adapter. You can travel lighter with fewer cables to carry with you.
    [Show full text]
  • USB 2.0 4-Port
    RRF-NBSKHBP_NBSKHBG_NBSKHBGR_11-0708_QSG_V3_EN.epsF-NBSKHBP_NBSKHBG_NBSKHBGR_11-0708_QSG_V3_EN.eps 1 77/19/2011/19/2011 110:51:110:51:11 AAMM Package contents System requirements • Rocketfish USB 2.0 4-port hub • One available USB port • A-to-mini-B USB cable • Operating system: Windows 7, • Suction cup Windows Vista, Windows XP, or • Quick Setup Guide Mac OS X v10.2.8 or above Features • Attach up to four USB devices to your computer • One port for connecting to your computer • Four enhanced, high-speed, USB 2.0 480 Mbps ports USB 2.0 4-Port Hub • Compatible with USB 1.1 and USB 2.0 devices Installation Instructions • Data transfer rates of 1.5 Mbps, 12 Mbps, and 480 Mbps • Plug-and-Play installation • Three power status LED indicators • Convenient attachment to any smooth surface with provided suction cup • USB Implementers Forum (USB-IF) certification • Can purchase (not included) AC power adapter 5V 2.1A Power connector Upstream port Downstream port Downstream port Downstream port Downstream port LED indicator lights Using the USB hub 1 Plug the mini-B USB end of the cable into the upstream port, then plug the USB-A end into an available USB port on your computer. Note: If you use a USB 1.1 port on your computer, all devices connected to your USB hub will run at the slower USB 1.1 speed. 2 Plug USB devices into any of the four downstream ports. 3 Plug the AC adapter (optional) into a power outlet, then plug the DC connector into the DC power jack on the USB hub.
    [Show full text]
  • On-The-Go and Embedded Host Supplement to the USB Revision 3.0 Specification Revision 1.1
    On-The-Go and Embedded Host Supplement to the USB Revision 3.0 Specification Revision 1.1 May 10, 2012 On-The-Go and Embedded Host Supplement to the USB Revision 3.0 Specification Revision 1.1 Revision History Revision Issue Date Comment 1.0 July 01, 2011 Revision 1.0 of the Supplement. 1.1 May 10, 2012 Includes following errata: Added a general transition in A3 state machine for disconnects that are detected with a foot note that clarifies the DS port that are relevant. Modified figure and text for transition that happens when u1_u2_exit_fail from a3/b3_ds_resetting to a3/b3_ds_error to instead be from a3/b3_ds_host to a3/b3_ds_error. Modified figure and text to add transition from a3_us_rsp to a3_us_disconnected with condition: a3_b_wreset_detected & !b3_ntf_host_rel with a footnote to clarify behavior. Added transition to figure and text from a3/b3_us_peripheral to a3/b3_us_error when U1/U2 exit fails. Changed mandate to not use LMP Tiebreaker bits into an informative note that OTG devices do not use the bits. Recovery Timeout fixed to exit to *_us_error state in both A3 and B3 State Machines. Fixed figure and text to add transitions to *_us_disconnected if a warm reset is received prior to RSP Step 2. Added missing loopback-related transitions to figure and text. Includes changes related to making RSP optional for SS-OTG devices. Added transition in B3 State Machine related to Disabled Count expiration. Added note that relevant missing LTSSM transitions apply. Fixed recovery timeout transition in the *_us_rsp states. Fixed port configuration timeout in b3 state diagram.
    [Show full text]
  • TUSB8041 Four-Port USB 3.0 Hub Datasheet
    Product Order Technical Tools & Support & Folder Now Documents Software Community TUSB8041 SLLSEE4E –JUNE 2014–REVISED JUNE 2016 TUSB8041 Four-Port USB 3.0 Hub 1 Features • Single Clock Input, 24-MHz Crystal or Oscillator 1• Four Port USB 3.0 Hub • No Special Driver Requirements; Works • USB 2.0 Hub Features Seamlessly on any Operating System with USB Stack Support – Multi Transaction Translator (MTT) Hub: Four Transaction Translators • 64-Pin QFN Package (RGC) – Four Asynchronous Endpoint Buffers Per 2 Applications Transaction Translator • Supports Battery Charging • Computer Systems • Docking Stations – CDP Mode (Upstream Port Connected) • Monitors – DCP Mode (Upstream Port Unconnected) • Set-Top Boxes – DCP Mode Complies with Chinese Telecommunications Industry Standard YD/T 3 Description 1591-2009 The TUSB8041 is a four-port USB 3.0 hub. It – D+/D- Divider Mode provides simultaneous SuperSpeed USB and high- • Supports Operation as a USB 3.0 or USB 2.0 speed/full-speed connections on the upstream port Compound Device and provides SuperSpeed USB, high-speed, full- • Per Port or Ganged Power Switching and Over- speed, or low-speed connections on the downstream Current Notification Inputs ports. When the upstream port is connected to an 2 electrical environment that only supports high-speed • OTP ROM, Serial EEPROM or I C/SMBus Slave or full-speed/low-speed connections, SuperSpeed Interface for Custom Configurations: USB connectivity is disabled on the downstream – VID and PID ports. When the upstream port is connected to an – Port Customizations electrical environment that only supports full- speed/low-speed connections, SuperSpeed USB and – Manufacturer and Product Strings (not by OTP high-speed connectivity are disabled on the ROM) downstream ports.
    [Show full text]
  • Mobile Platforms and Middleware Sasu Tarkoma
    Mobile Middleware Course Mobile Platforms and Middleware Sasu Tarkoma Push Services iOS APNS Source: http://www.raywenderlich.com/3443/apple- push-notification-services-tutorial-for-ios-part-12/ push-overview Apple Push Notification Service ■ APNS usage involves the following steps: ◆ Service or application developer connects to the APNS system using a unique SSL certificate. The certificate is obtained from Apple with the developer identifier and application identifier. ◆ Applications obtain deviceTokens that are then given to services ◆ The APNS is used to send one or more messages to mobile devices. The push operation is application and device specific and a unique deviceToken is needed for each destination device. ◆ The service or application disconnects from APNS. Android: Google Cloud Messaging Source: http://blogs.msdn.com/b/hanuk/archive/2013/04/18/introducing-windows-8-for-android-developers-part-2.aspx Windows 8 Push Messaging Source: http://blogs.msdn.com/b/hanuk/archive/2013/04/18/introducing-windows-8-for-android-developers-part-2.aspx Summary of Push Services ■ Very similar in design for Android, iOS and WP 1. Client-initiated connection with push servers: TCP and TLS, fallback to HTTP/HTTPS 2. Registration phase to obtain URI and token rd 3. Delegation of URI and token to 3 party services rd 4. 3 party servers push content to mobiles through push servers (URI and token needed) Discussion ■ The current state is fragmented ■ Difficult to achieve portability ■ Certain patterns are pervasive (MVC and others) ■ Solutions? Web
    [Show full text]
  • Operations Guide for the 4-Port Poweredusb 2.0 Hub
    The IP Endpoint Company Operations Guide for the 4-Port PoweredUSB 2.0 Hub with Serial Ports and External Power Supply Part #010845 Document Part #930105E CyberData Corporation 3 Justin Court Monterey, CA 93940 (831) 373-2601 Operations Guide for the 4-Port PoweredUSB 2.0 Hub 930105E with External Power Supply 010845 COPYRIGHT NOTICE: © 2018, CyberData Corporation, ALL RIGHTS RESERVED. This manual and related materials are the copyrighted property of CyberData Corporation. No part of this manual or related materials may be reproduced or transmitted, in any form or by any means (except for internal use by licensed customers), without prior express written permission of CyberData Corporation. This manual, and the products, software, firmware, and/or hardware described in this manual are the property of CyberData Corporation, provided under the terms of an agreement between CyberData Corporation and recipient of this manual, and their use is subject to that agreement and its terms. DISCLAIMER: Except as expressly and specifically stated in a written agreement executed by CyberData Corporation, CyberData Corporation makes no representation or warranty, express or implied, including any warranty or merchantability or fitness for any purpose, with respect to this manual or the products, software, firmware, and/or hardware described herein, and CyberData Corporation assumes no liability for damages or claims resulting from any use of this manual or such products, software, firmware, and/or hardware. CyberData Corporation reserves the right to make changes, without notice, to this manual and to any such product, software, firmware, and/or hardware. OPEN SOURCE STATEMENT: Certain software components included in CyberData products are subject to the GNU General Public License (GPL) and Lesser GNU General Public License (LGPL) “open source” or “free software” licenses.
    [Show full text]
  • High-Performance Web-Based Visualizations for Streaming Data
    High-performance Web-based Visualizations for Streaming Data Eric Whitmire [email protected] 1 INTRODUCTION library that supports web-based visualization, suitable for Researchers and engineers who design sensor systems of- use with high-speed data. While this is a promising option ten need to visualize real-time signals that update in mi- for Python users, this work targets does not restrict use to a croseconds. Many times, these visualizations tasks support particular language. exploratory signal processing. An engineer might tweak a In the web space, tools like Vega [8] and Vega-lite [7] filter to remove noise in a signal or change a threshold to support declarative specification of visualizations, which is support event detection. In these scenarios, ideal for the "fire-and-forget" type of functionality desired. Developers of such sensing systems often work in C/C++, These tools, while they support dynamic datasets, are not MATLAB, and Python to facilitate signal processing. De- optimized for high-speed data and rendering. Plotly.js [5] veloping real-time visualizations in these platforms is time- is another commonly used web-visualization framework, consuming, tedious, and often results in poorly optimized but it is also struggles with high-speed data. Cubism.js [3] rendering that is tightly coupled to a particular use case. As is a D3 plugin for time series visualization that supports a result, it can be difficult rapidly explore different signals incremental render. Though it uses a similar implementation, and intermediate processing steps. In contrast, web-based it is designed for slowly (several hertz) updating horizon visualization frameworks have seen significant attention and plots and does not scale for high-speed signal processing advancement in recent years.
    [Show full text]
  • X41 D-SEC Gmbh Dennewartstr
    Browser Security White PAPER Final PAPER 2017-09-19 Markus VERVIER, Michele Orrù, Berend-Jan WEVER, Eric Sesterhenn X41 D-SEC GmbH Dennewartstr. 25-27 D-52068 Aachen Amtsgericht Aachen: HRB19989 Browser Security White PAPER Revision History Revision Date Change Editor 1 2017-04-18 Initial Document E. Sesterhenn 2 2017-04-28 Phase 1 M. VERVIER, M. Orrù, E. Sesterhenn, B.-J. WEVER 3 2017-05-19 Phase 2 M. VERVIER, M. Orrù, E. Sesterhenn, B.-J. WEVER 4 2017-05-25 Phase 3 M. VERVIER, M. Orrù, E. Sesterhenn, B.-J. WEVER 5 2017-06-05 First DrAFT M. VERVIER, M. Orrù, E. Sesterhenn, B.-J. WEVER 6 2017-06-26 Second DrAFT M. VERVIER, M. Orrù, E. Sesterhenn, B.-J. WEVER 7 2017-07-24 Final DrAFT M. VERVIER, M. Orrù, E. Sesterhenn, B.-J. WEVER 8 2017-08-25 Final PAPER M. VERVIER, M. Orrù, E. Sesterhenn, B.-J. WEVER 9 2017-09-19 Public Release M. VERVIER, M. Orrù, E. Sesterhenn, B.-J. WEVER X41 D-SEC GmbH PAGE 1 OF 196 Contents 1 ExECUTIVE Summary 7 2 Methodology 10 3 Introduction 12 3.1 Google Chrome . 13 3.2 Microsoft Edge . 14 3.3 Microsoft Internet Explorer (IE) . 16 4 Attack Surface 18 4.1 Supported Standards . 18 4.1.1 WEB TECHNOLOGIES . 18 5 Organizational Security Aspects 21 5.1 Bug Bounties . 21 5.1.1 Google Chrome . 21 5.1.2 Microsoft Edge . 22 5.1.3 Internet Explorer . 22 5.2 Exploit Pricing . 22 5.2.1 ZERODIUM . 23 5.2.2 Pwn2Own .
    [Show full text]