ONVIF Releases Profile A for Access

By Brian Rhodes, Published Aug 08, 2017, 10:55am EDT

ONVIF has struggled so far in access control.

In 2014, ONVIF released Profile C for access control, but in the 3 years since, only 2 companies have adopted it.

How does ONVIF A differ from C? Will it be a success where previous efforts have stalled?  Inside we examine Profile A, based on feedback from ONVIF, committee members, Mercury Security, and our analysis of the Profile A specification.

Which of these profiles allows users to control a panel (e.g., HID or Mercury) or a management system (e.g., Lenel or S2)?  We answer that question and more in this note.

Profile * ** **********

******* * ** ****** because ******* * ************* **** ****** **** ****** events **** **** *******, door ****** (**** **. Closed *****), *** *** to ****** ****** ******** when ******* ******* ******, like ***** ** ******* reads, ** ** * door ** ****** ****.

******* * **** *** cover **** **********, *********** they ***, *** ********* they *** ******* ******, and *** **** *********** is ****** ******* ******. This '**************' *** ******* why ******** ** ******* C ** ** *****.  It ***** ** ** incomplete ********, *** ******* A ** ****** ** 'fill-in' **** ******* ******* once ****** ******* *** integrated ********.

ONVIF * *********

********** * ******************* *** ****** ******* handle **** ******* *******, credential *********** (*.*. ), access ****** *** *********, *** ****** ********** software ******** **** ******* configuration/data *******, *** ****** discovery:

** ** *******, **** is ** ******* **** the '***********' ********* ******* of *** ********.  *** ***** * ***********, ** ******, ***** how **** ****** ******* must ** ************ ******* conformant *********** *** ********** software:

***** ********* ******* *, ******** ** ******* *, to **:

"******* * ******* ****** interoperability ******* **** *** VMS ******* *** *******. Profile * ******* *** functionality **** *** **** and ******** **** **** credentialing *** **** **** the **** ** ********** ********, true *** *** ********* interoperability, **** ** *** interaction **** ******** **********, ****, ******** and ***** ***** ******** functions."

** ***** **** ******* in *** ********, ********* ONVIF **-******* *** ******* Axis, ***** *** ******* A ***** ******* ********. Axis ******** *** *** benefit ** ******* * is

"*** ******* ******* *** end ***** *** ****** owners **** ***** ** *** *********** ** get ********** ** ********* brands ** ******** **** one ******* ******* * ************ ***. *** ******* controllers, */* ******* *** so **."

** * ******* ******, adoption ** **** ******** could **** '****** *** matching' ******** ******* **** controller *** ********** ********. 

Both ******** ****** *** *********

** *** *******, **** ONVIF * *** ******* C **** **** ** be ********* **** ** management ******** *** **** controllers ** ******* *** fully ******* ******** *****, credentials, ***********, *** *******.

*** **** ****, ***** conformant ****** ******* ********** ******** *** ***** ***** **** aspects ** ****** ****** or ***********.  

Missing Access ******** **** ***** ****** *******

*** **** ******* ***** both ***** * *** Profile * **** **** additional ************ ********* ** support ********* ****** *********. For *******, ********** ******** may ******* ****** ***** ****** not ********* ** *** chosen **** ********.  

******** **** '*** *** Access' ***** *** ***** created **** ******** *********** in ****, *** '************', reporting ******* ** ********** intrusion/fire *******, ********* ******** commands, *** ******** ****** are ***** *********** ************.  System ******** *********, **** credential '****** **** ****** lock/unlock' ** '****** ************' are *** ******* ** ONVIF's *****, *** *** critical ***** ** **** access *******.

Early ********

***** ******** ** **** us *** ** ******* specifically ** ******* * conformant *******, *** ******* sources **** ** *********, Axis, *** **** (***) are ******** ** ******* conformant ********, *** *******, Hymatom, *** **** *** planning ******** *******.

**** **** ***** ** the ***** *** ******** 'Entry *******' ****** **** be ***** * **********.

** ****, **** ***** of ******** **** ************* exceed *** ******* ********** of ******* *, ***** after ***** ***** ***** only ***** **** *** Hymatom ** **********, *********** presenting *** '*************** ********' as **** **** ** two ****** ***** ****** control ******* ** ***** of **********.

Mercury *** **********

******* ********, *** *************** ** ****** ******* panels ** ******** *************, *** ** ***** ** support * *** *:

"** * ******* ****, ** ****** as **** ********* ** possible ** *** ******* based ** ****** ****** and ******-********. **** **** said,we *** *** ******* ******** **** *** ********* *** *** ****-**** **** **** ********** ******** ** ********* ** ****. We have many other initiatives that are currently * ****** ******** - ********* enhanced *****-******** ********, *** further *********** ** *** “app ** *****” *********.  It ** * ****** *********** **** *** AoB ********* **** * *** ***** **** ** able ** ******* ***** *******, ** **** **, many ***** ************. **** is ** **** ** are ********** ** *******."

***** * *** * somewhat compete **** *** ** the **** ****** ** Mercury's *** ***** - while ***-***** (******* ********** or ******** ***** *******'* OEM ******** ********), *** swayed ** *** ***** that ********** *********** **** *******'* 'stardard ********' **** ******* in ******* ************* **** a ***** ** ******** devices *** ********* ****-**** compatibility ** ** - 20 ***** ******* *********** is *** ** *** same ****** ** ***** A *** *.

Benefits *** ********, **** **** ********* ****

*** ****** ******* ****** is ********* ** ***** incumbent ******, *** **** legions of **********, *********** ********. And ***** *** ******* handful ** ****** ** the ***, ***** *** a **** ***** ** smaller ********* *** **** structured ***** *** ******** models ***** *** ******* companies. ******* ** **** heavy **** ******* '***-**-***' systems, ***** *** ***** to **** *** **** from ***** *** ****** are *** *** *******, and ***** ********* *** have *** ** ********* the ******* ******.

*** ******** ******* **** us:

"*** ***** *************, ****** to ***** **** *** access ******, **** ******* Profile * *** * ** ***** to *** **** **** vendors ** ******* ****."

*******, **** ******* ******** may **** ** ***** provider **** ******, ** order ** ******* ***** businesses, ******* ** * fundamental ******** ****** ** the ****** ******:

******* [**** *******] ****** control, ** *** ***** to *** *** ********, but ********* **** **** of ** ***** **** hardware *******.  ** ****** panel **** ** ********* **** *** ***-** will *** ****** ********, because ** *** ******** difficulty ** ******* ** the ***** ** ***** your ***** *****.

** ***** **** ****, as *** ********** **** access ******* ** * fundamentally ********* ****** **** others, ***** *************** ********* like ***** **** **** successful, ** * ******** point. 

Access **** *** **** ************** **** *****

*** ******* ******* ***** A ******** **** ** a **** ** ******* from ***** ****** *********, who ********* ***** ******** model ****** ***-**-*** *****, nor ** **** **** support **** ******* ********, who **** ** * large ******* ** *** market.  **** **** ******** is *** ** ***** manufacturers *** ****** ******* significant *** ******** ** they ***** '*** *** match' ******* ** ********** systems. ******, ********** *** rather **** ****** ****** ** new, ******* ********* *** poach *********** ** ********* aided ** **** **************** of **********.

***** **** **** ** its ******* ** ***** due ** ************ ******* of ******* ***** ****** companies, *** ***** **** not **** *** **** contributions **** *** ****** side. ***** ** ****** ONVIF ******* *** ***** of ***** *******, *****'* attempts ** *********** ****** will **** ***** ******* ** many *********.

Comments (10)

Interesting that Genetec hasn't taken up ONVIF Profile A with Security  Centre even though it used"open standards" based controllers from Axis & HID & of course it's own "CloudLink" controllers.

They would have to have an economic reason for doing so.  I suspect they would not re-write their working interfaces just to put an ONVIF A label on it.

We asked Genetec about the potential for ONVIF support, and they responded that customer interest is low and support is not imminent. Their response:

Re: ONVIF Profile A: We're monitoring its adoption but requests have been few, and far between. Our focus is to support a growing number of industry standard hardware at the moment.

Let us know if you have additional questions!

Benefits New Entrants, Lost Cost Providers Most

I think ONVIF A would really benefit the small/medium business market. Half of our businesses is with large enterprises and the other is with these smaller businesses. Our SMB account base is growing the fastest right now and they want all systems to work together but they're not interested in paying the premium price for the hardware/software they are however OK with paying higher monthly fees for a lower upfront cost. If a handful of smaller VMS providers and access control manufacturers grab hold of this I think they'll find a place in the SMB market. 

 

Interesting developments.  I've heard consultants and customers talk about this but the assumption from them is that ONVIF compliance would free them from proprietary hardware which is not true unless those customers are going to replace the legacy systems. 

Looking at this from other non security markets, this is when the security controllers become even more of a commodity as their will be less opportunities for manufacturers to differentiate.  I would closely relate this to the Building Automation markets move to BACnet and LON where everyone worked to play together. 

"which is not true unless those customers are going to replace the legacy systems."

Pragmatically, this is likely true.  Although, it may be possible for manufacturers to make firmware/software updates to be ONVIF A conformant.

For example, Axis A1001 was released well before Profile A, but they have already released a firmware update supporting it for controllers in place.

Profile A is needed because Profile C specification only covers some access events like door locking, door status...

Profile C does not cover user management, credentials they use, the schedules they are allowed access...

To easily remember the profile names and purposes you wouldn't be too far off the mark to think:

Profiles A/C, A is for Access, C for Control

 

Update: I just checked ONVIF's official directory for A conformance and there are only 3 manufacturers 2 years after release: Axis, Came Urbaco and TDSI.

This came up in this discussion

Absolute shocker!

The issue with trying to apply ONVIF to access control, is that the "Camera / Access Controller" analogy is fundamentally flawed:  The Access Controller is more like a VMS. ( A reader is more like a Camera, and OSDP is doing quite well in that area.)

While ONVIF is common in the communication between camera and VMS, you don't see it much in connecting "up" from the VMS. The VMS is where most of the "value add" is placed.  Consuming VMS features is generally done through the manufacturer's SDK or API because they neither want to change the ONVIF spec every time they add something new, nor willfully commoditize their differentiating features.

Similarly, the access controller is where access manufacturers put differentiating features like escort, occupancy, anti-passback, 2-man rule, etc.  If ONVIF A/C is the only method to connect an access controller into a PACS or other system, then a new feature may need new messages in ONVIF, or some allowance for manufacturer-specific messages, which defeats the purpose of a standard.

My prediction is that in another 2 years, those that support this still will be only Axis, and a few more small manufacturers who erroneously believe ONVIF A/C to be a credentialing requirement for the North American market.

Read this IPVM report for free.

This article is part of IPVM's 6,743 reports, 909 tests and is only available to members. To get a one-time preview of our work, enter your work email to access the full article.

Already a member? Login here | Join now
Loading Related Reports