Key control

Last updated September 28, 2023

Key control refers to various methods for making sure that certain keys are only used by authorized people. This is especially important for master key systems with many users.^[1] A system of key control includes strategies for keeping track of which keys are carried by which people, as well as strategies to prevent people from giving away copies of the keys to unauthorized users. The former may be as simple as assigning someone the job of keeping an up-to-date list on paper. A more complex system may require signatures and/or a monetary deposit.

Levels

Preventing unauthorized copies typically falls into one of the following five levels.

Level 5 (lowest): ordinary unrestricted keys. This level relies on the honor system. Users are instructed not to make copies or loan keys and trusted to comply. This is common for private residences.
Level 4 (low): unrestricted keys marked "Do Not Duplicate". These keys can theoretically be copied anywhere, but many stores will refuse to copy them. This is a very low-level deterrent which ALOA calls "deceptive because it provides a false sense of security".^[2]
Level 3 (medium): restricted keys. These keys are not generally available at retail outlets and often can only be obtained through a single source. The supplier has their own rules in place to prevent unauthorized duplication.
Level 2 (high): patented keys. By definition, patented keys are restricted. They also have the added feature of being protected by patent law. Anyone who sells such a key without permission of the patent holder could face financial penalties.
Level 1 (highest): factory-only patented keys. These keys cannot be cut locally. In addition to the restrictions above, users must send an authorization request to the factory to have additional keys cut and strict records are kept of each key.

It is worth noting that none of these levels can protect against a user who loans a key to someone else and then falsely claims that the key was lost.^[3] Additional methods of key control include mechanical or electronic means. Electronic key control systems use serialized key assignments housed in a centralized database to allow for better tracking of each key made.^[4]

Related Research Articles

In physical security and information security, access control (AC) is the selective restriction of access to a place or other resource, while access management describes the process. The act of accessing may mean consuming, entering, or using. Permission to access a resource is called authorization.

Trusted Computing (TC) is a technology developed and promoted by the Trusted Computing Group. The term is taken from the field of trusted systems and has a specialized meaning that is distinct from the field of confidential computing. With Trusted Computing, the computer will consistently behave in expected ways, and those behaviors will be enforced by computer hardware and software. Enforcing this behavior is achieved by loading the hardware with a unique encryption key that is inaccessible to the rest of the system and the owner.

<span class="mw-page-title-main">Physical security</span> Measures designed to deny unauthorized access

Physical security describes security measures that are designed to deny unauthorized access to facilities, equipment, and resources and to protect personnel and property from damage or harm. Physical security involves the use of multiple layers of interdependent systems that can include CCTV surveillance, security guards, protective barriers, locks, access control, perimeter intrusion detection, deterrent systems, fire protection, and other systems designed to protect persons and property.

Copy protection, also known as content protection, copy prevention and copy restriction, describes measures to enforce copyright by preventing the reproduction of software, films, music, and other media.

Electronic business is any kind of business or commercial transaction that includes sharing information across the internet. Commerce constitutes the exchange of products and services between businesses, groups, and individuals and can be seen as one of the essential activities of any business.

A software protection dongle is an electronic copy protection and content protection device. When connected to a computer or other electronics, they unlock software functionality or decode content. The hardware key is programmed with a product key or other cryptographic protection mechanism and functions via an electrical connector to an external bus of the computer or appliance.

A lock is a mechanical or electronic fastening device that is released by a physical object, by supplying secret information, by a combination thereof, or it may only be able to be opened from one side, such as a door chain.

A keychain is a small ring or chain of metal to which several keys can be attached. The length of a keychain allows an item to be used more easily than if connected directly to a keyring. Some keychains allow one or both ends to rotate, keeping the keychain from becoming twisted, while the item is being used.

Anti-theft systems protect valuables such as vehicles and personal property like wallets, phones, and jewelry. They are also used in retail settings to protect merchandise in the form of security tags and labels. Anti-theft systems include devices such as locks and keys, RFID tags, and GPS locators.

<span class="mw-page-title-main">Key blank</span>

A key blank is a key that has not been cut to a specific bitting. The blank has a specific cross-sectional profile to match the keyway in a corresponding lock cylinder. Key blanks can be stamped with a manufacturer name, end-user logo or with a phrase, the most commonly seen being 'Do not duplicate'. Blanks are typically stocked by locksmiths for duplicating keys. The profile of the key bow, or the large, flat end, is often characteristic of an individual manufacturer.

An information security audit is an audit of the level of information security in an organization. It is an independent review and examination of system records, activities, and related documents. These audits are intended to improve the level of information security, avoid improper information security designs, and optimize the efficiency of the security safeguards and security processes. Within the broad scope of auditing information security there are multiple types of audits, multiple objectives for different audits, etc. Most commonly the controls being audited can be categorized as technical, physical and administrative. Auditing information security covers topics from auditing the physical security of data centers to auditing the logical security of databases, and highlights key components to look for and different methods for auditing these areas.

Criticism of Windows XP deals with issues with security, performance and the presence of product activation errors that are specific to the Microsoft operating system Windows XP.

<span class="mw-page-title-main">Tamperproofing</span> Security methodology

Tamperproofing, conceptually, is a methodology used to hinder, deter or detect unauthorised access to a device or circumvention of a security system. Since any device or system can be foiled by a person with sufficient knowledge, equipment, and time, the term "tamperproof" is a misnomer unless some limitations on the tampering party's resources is explicit or assumed.

Schlage is an American lock manufacturer founded in 1920 by Walter Schlage. Schlage was headquartered in San Francisco from its inception until it relocated to Colorado Springs, Colorado in 1997. Schlage also produces high-security key and cylinder lines Primus, Everest, and Everest Primus XP. Schlage is one of the most popular brands of consumer and commercial locks in the United States.

Physical information security is the intersection, the common ground between physical security and information security. It primarily concerns the protection of tangible information-related assets such as computer systems and storage media against physical, real-world threats such as unauthorized physical access, theft, fire and flood. It typically involves physical controls such as protective barriers and locks, uninterruptible power supplies, and shredders. Information security controls in the physical domain complement those in the logical domain, and procedural or administrative controls.

In security, piggybacking, similar to tailgating, refers to when a person tags along with another person who is authorized to gain entry into a restricted area, or pass a certain checkpoint. It can be either electronic or physical. The act may be legal or illegal, authorized or unauthorized, depending on the circumstances. However, the term more often has the connotation of being an illegal or unauthorized act.

Proprietary software is software that, according to the free and open-source software community, grants its creator, publisher, or other rightsholder or rightsholder partner a legal monopoly by modern copyright and intellectual property law to exclude the recipient from freely sharing the software or modifying it, and—in some cases, as is the case with some patent-encumbered and EULA-bound software—from making use of the software on their own, thereby restricting their freedoms.

<span class="mw-page-title-main">Multi-factor authentication</span> Method of computer access control

Multi-factor authentication is an electronic authentication method in which a user is granted access to a website or application only after successfully presenting two or more pieces of evidence to an authentication mechanism. MFA protects personal data—which may include personal identification or financial assets—from being accessed by an unauthorized third party that may have been able to discover, for example, a single password.

Key duplication refers to the process of creating a key based on an existing key. Key cutting is the primary method of key duplication: a flat key is fitted into a vise in a machine, with a blank attached to a parallel vise, and the original key is moved along a guide, while the blank is moved against a blade, which cuts it. After cutting, the new key is deburred: scrubbed with a wire brush, either built into the machine, or in a bench grinder, to remove burrs which, were they not removed, would be dangerously sharp and, further, foul locks.

References

↑ "Key Control - SARGENT". Sargentlock.com. Retrieved 2012-08-13.
↑ "The Associated Locksmiths of America Technical Standards Policy" (PDF). Aloa.org. Archived from the original (PDF) on 12 May 2008. Retrieved 2013-10-23.
↑ "Key Access Control Security, Electronic Key Management Systems, Cabinet Keys". Keytracer.com. Archived from the original on 2012-08-30. Retrieved 2012-08-13.
↑ Carter, Ryan (2016). "How Simple Key Control Benefits Retail Store Operations" (PDF). Instakey Security Systems. Retrieved 10 March 2023.

This page is based on this Wikipedia article
Text is available under the CC BY-SA 4.0 license; additional terms may apply.
Images, videos and audio are available under their respective licenses.

[1] "Key Control - SARGENT". Sargentlock.com. Retrieved 2012-08-13.

[2] "The Associated Locksmiths of America Technical Standards Policy" (PDF). Aloa.org. Archived from the original (PDF) on 12 May 2008. Retrieved 2013-10-23.

[3] "Key Access Control Security, Electronic Key Management Systems, Cabinet Keys". Keytracer.com. Archived from the original on 2012-08-30. Retrieved 2012-08-13.

[4] Carter, Ryan (2016). "How Simple Key Control Benefits Retail Store Operations" (PDF). Instakey Security Systems. Retrieved 10 March 2023.

[1]

[2]

[3]

[4]

v t e Locks, locksmithing, lock picking, and security alarms
Fundamental concepts	Access control Authentication Key control Key duplication Key relevance Master keying Password Physical security Rekeying
Components and hardware	Bitting Interchangeable core Key blank Key code Key retainer Lockrod Lockset Bored cylindrical lock Mortise lock Rim lock Single-point locking Three-point locking
Keys	Berlin key Car key Keychain Skeleton key Smart key
Mechanical locks	Warded lock Pin tumbler lock Disc tumbler lock Lever tumbler lock Magnetic keyed lock Padlock Combination lock Rotary combination lock Time-delay combination locks Time lock Tubular pin tumbler lock Wafer tumbler lock
Electronic locks	Electromagnetic lock Electronic lock Electric strike Keycard lock
Other lock types	Bicycle lock Bramah lock Chubb detector lock Child safety lock Crash bar Dead bolt Door chain Kensington Security Slot Knox Box Latch Luggage lock Night latch Power door locks Protector lock Steering-wheel lock The Club
Lock picking	Lock bumping Locksport Slim Jim Snap gun
Security alarms	Alarm device Alarm monitoring center Car alarm Card reader Closed-circuit television Door security Dual loop Fingerprint scanner Glass break detector Heat detector Key switch Keypad Miniature snap-action switch Motion detector Occupancy sensor Passive infrared sensor (PIR) Perimeter intrusion detection Photoelectric sensor Piezo switch Proximity card Reed switch Tripwire Ultrasonic transducer Vandal-resistant switch Water detector Window security
Miscellaneous	Glossary of locksmithing terms Electromagnetic door holder Exit control lock John M. Mossman Lock Museum Key to the City Lock Museum Lock Museum of America Musée de la Serrure Puzzle lock
Category:Locksmithing Keys Locks Book