SIST EN IEC 60839-11-33:2021

SLOVENSKI STANDARD
01-december-2021
Alarmni in elektronski varnostni sistemi - 11-33. del: Elektronski sistemi nadzora
dostopa - Konfiguracija nadzora dostopa na podlagi spletnih storitev
Alarm and electronic security systems - Part 11-33: Electronic access control systems -
Access control configuration based on web services
Ta slovenski standard je istoveten z: EN IEC 60839-11-33:2021
ICS:
13.320 Alarmni in opozorilni sistemi Alarm and warning systems
2003-01.Slovenski inštitut za standardizacijo. Razmnoževanje celote ali delov tega standarda ni dovoljeno.

EUROPEAN STANDARD EN IEC 60839-11-33

NORME EUROPÉENNE
EUROPÄISCHE NORM
October 2021
ICS 13.320
English Version
Alarm and electronic security systems - Part 11-33: Electronic
access control systems - Access control configuration based on
Web services
(IEC 60839-11-33:2021)
Systèmes d'alarme et de sécurité électroniques - Partie 11- Alarmanlagen - Teil 11-33: Elektronische
33: Systèmes de contrôle d'accès électronique - Zutrittskontrollanlagen - Parametrierung der Zutrittskontrolle
Configuration du contrôle d'accès en fonction des services basierend auf Web Services
Web (IEC 60839-11-33:2021)
(IEC 60839-11-33:2021)
This European Standard was approved by CENELEC on 2021-09-29. CENELEC members are bound to comply with the CEN/CENELEC
Internal Regulations which stipulate the conditions for giving this European Standard the status of a national standard without any alteration.
Up-to-date lists and bibliographical references concerning such national standards may be obtained on application to the CEN-CENELEC
Management Centre or to any CENELEC member.
This European Standard exists in three official versions (English, French, German). A version in any other language made by translation
under the responsibility of a CENELEC member into its own language and notified to the CEN-CENELEC Management Centre has the
same status as the official versions.
CENELEC members are the national electrotechnical committees of Austria, Belgium, Bulgaria, Croatia, Cyprus, the Czech Republic,
Denmark, Estonia, Finland, France, Germany, Greece, Hungary, Iceland, Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, the
Netherlands, Norway, Poland, Portugal, Republic of North Macedonia, Romania, Serbia, Slovakia, Slovenia, Spain, Sweden, Switzerland,
Turkey and the United Kingdom.

European Committee for Electrotechnical Standardization
Comité Européen de Normalisation Electrotechnique
Europäisches Komitee für Elektrotechnische Normung
CEN-CENELEC Management Centre: Rue de la Science 23, B-1040 Brussels
© 2021 CENELEC All rights of exploitation in any form and by any means reserved worldwide for CENELEC Members.
Ref. No. EN IEC 60839-11-33:2021 E

European foreword
The text of document 79/646/FDIS, future edition 1 of IEC 60839-11-33, prepared by IEC/TC 79
“Alarm and electronic security systems” was submitted to the IEC-CENELEC parallel vote and
approved by CENELEC as EN IEC 60839-11-33:2021.
The following dates are fixed:
• latest date by which the document has to be implemented at national (dop) 2022–06–29
level by publication of an identical national standard or by endorsement
• latest date by which the national standards conflicting with the (dow) 2024–09–29
document have to be withdrawn
Attention is drawn to the possibility that some of the elements of this document may be the subject of
patent rights. CENELEC shall not be held responsible for identifying any or all such patent rights.
Any feedback and questions on this document should be directed to the users’ national committee. A
complete listing of these bodies can be found on the CENELEC website.
Endorsement notice
The text of the International Standard IEC 60839-11-33:2021 was approved by CENELEC as a
European Standard without any modification.
Annex ZA
(normative)
Normative references to international publications
with their corresponding European publications
The following documents are referred to in the text in such a way that some or all of their content
constitutes requirements of this document. For dated references, only the edition cited applies. For
undated references, the latest edition of the referenced document (including any amendments)
applies.
NOTE 1 Where an International Publication has been modified by common modifications, indicated by (mod), the
relevant EN/HD applies.
NOTE 2 Up-to-date information on the latest versions of the European Standards listed in this annex is available
here: www.cenelec.eu.
Publication Year Title EN/HD Year
IEC 60839-11-1 2013 Alarm and electronic security systems - EN 60839-11-1 2013
Part 11–1: Electronic access control
systems - System and components
requirements
- - + AC 2015
IEC 60839-11-2 2014 Alarm and electronic security systems - EN 60839-11-2 2015
Part 11–2: Electronic access control
systems - Application guidelines
- - + AC 2015
IEC 60839-11-31 2016 Alarm and electronic security systems - EN 60839-11-31 2017
Part 11–31: Electronic access control
systems - Core interoperability protocol
based on Web services
IEC 60839-11-32 2016 Alarm and electronic security systems - EN 60839-11-32 2017
Part 11–32: Electronic access control
systems - Access control monitoring based
on Web services
ISO 16484-5 2017 Building automation and control systems EN ISO 16484-5 2017
(BACS) - Part 5: Data communication
protocol
RFC 5545 - Internet Calendaring and Scheduling Core - -
Object Specification (iCalendar)
RFC 5234 - Augmented BNF for Syntax Specifications: - -
ABNF
IEC 60839-11-33 ®
Edition 1.0 2021-08
INTERNATIONAL
STANDARD
NORME
INTERNATIONALE
colour
inside
Alarm and electronic security systems –

Part 11-33: Electronic access control systems – Access control configuration

based on Web services
Systèmes d'alarme et de sécurité électroniques –

Partie 11-33: Systèmes de contrôle d'accès électronique – Configuration du

contrôle d'accès en fonction des services Web

INTERNATIONAL
ELECTROTECHNICAL
COMMISSION
COMMISSION
ELECTROTECHNIQUE
INTERNATIONALE
ICS 13.320 ISBN 978-2-8322-1011-4

– 2 – IEC 60839 11-33:2021  IEC 2021
CONTENTS
FOREWORD . 8
INTRODUCTION . 10
1 Scope . 11
2 Normative references . 11
3 Terms and definitions . 12
4 Overview . 15
4.1 General . 15
4.2 Namespaces . 16
4.3 Error handling . 17
5 Credential service . 17
5.1 General . 17
5.2 Service capabilities . 18
5.2.1 General . 18
5.2.2 ServiceCapabilities data structure. 18
5.2.3 GetServiceCapabilities command . 19
5.3 Credential information . 20
5.3.1 General . 20
5.3.2 Data structures . 20
5.3.3 GetCredentialInfoList command . 23
5.3.4 GetCredentials command . 24
5.3.5 GetCredentialList command . 25
5.3.6 CreateCredential command . 26
5.3.7 SetCredential command . 28
5.3.8 ModifyCredential command . 30
5.3.9 DeleteCredential command . 31
5.3.10 GetCredentialState command . 32
5.3.11 EnableCredential command . 32
5.3.12 DisableCredential command . 33
5.3.13 ResetAntipassbackViolation command . 33
5.3.14 GetSupportedFormatTypes command . 34
5.3.15 GetCredentialIdentifiers command . 34
5.3.16 SetCredentialIdentifier command . 35
5.3.17 DeleteCredentialIdentifier command . 36
5.3.18 GetCredentialAccessProfiles command . 36
5.3.19 SetCredentialAccessProfiles command . 37
5.3.20 DeleteCredentialAccessProfiles command . 37
5.4 Notification topics . 38
5.4.1 General . 38
5.4.2 Event overview (informative) . 38
5.4.3 Status changes . 38
5.4.4 Configuration changes . 39
6 Access rules service . 40
6.1 General . 40
6.2 Service capabilities . 41
6.2.1 General . 41
6.2.2 ServiceCapabilities data structure. 41

IEC 60839 11-33:2021  IEC 2021 – 3 –
6.2.3 GetServiceCapabilities command . 41
6.3 Access profile information . 41
6.3.1 General . 41
6.3.2 Data structures . 42
6.3.3 GetAccessProfileInfo command . 42
6.3.4 GetAccessProfileInfoList command . 43
6.3.5 GetAccessProfiles command . 44
6.3.6 GetAccessProfileList command . 45
6.3.7 CreateAccessProfile command . 46
6.3.8 SetAccessProfile command . 47
6.3.9 ModifyAccessProfile command . 48
6.3.10 DeleteAccessProfile command. 49
6.4 Notification topics . 50
6.4.1 General . 50
6.4.2 Event overview (informative) . 50
6.4.3 Configuration changes . 50
7 Authentication behaviour service . 51
7.1 General . 51
7.2 Example. 51
7.3 Service capabilities . 52
7.3.1 General . 52
7.3.2 ServiceCapabilities data structure. 52
7.3.3 GetServiceCapabilities command . 53
7.4 Authentication profile information . 53
7.4.1 General . 53
7.4.2 Data structures . 54
7.4.3 GetAuthenticationProfileInfo command . 55
7.4.4 GetAuthenticationProfileInfoList command . 56
7.4.5 GetAuthenticationProfiles command . 57
7.4.6 GetAuthenticationProfileList command . 58
7.4.7 CreateAuthenticationProfile command . 59
7.4.8 SetAuthenticationProfile command . 60
7.4.9 ModifyAuthenticationProfile command . 61
7.4.10 DeleteAuthenticationProfile command. 62
7.5 Security level information . 63
7.5.1 General . 63
7.5.2 Data structures . 64
7.5.3 GetSecurityLevelInfo command . 66
7.5.4 GetSecurityLevelInfoList command . 66
7.5.5 GetSecurityLevels command . 67
7.5.6 GetSecurityLevelList command . 68
7.5.7 CreateSecurityLevel command . 69
7.5.8 SetSecurityLevel command . 70
7.5.9 ModifySecurityLevel command. 71
7.5.10 DeleteSecurityLevel command . 72
7.6 Notification topics . 73
7.6.1 General . 73
7.6.2 Event overview (informative) . 73
7.6.3 Configuration changes . 73

– 4 – IEC 60839 11-33:2021  IEC 2021
8 Schedule service . 74
8.1 General . 74
8.2 Recurrence . 76
8.2.1 General . 76
8.2.2 Weekly recurrence . 76
8.2.3 Extended recurrence . 77
8.2.4 Standard schedule recurrence . 77
8.2.5 Special day recurrence . 77
8.3 Service capabilities . 78
8.3.1 General . 78
8.3.2 ServiceCapabilities data structure. 78
8.3.3 GetServiceCapabilities command . 79
8.4 Schedule information . 79
8.4.1 General . 79
8.4.2 Data structures . 79
8.4.3 GetScheduleInfo command . 82
8.4.4 GetScheduleInfoList command . 83
8.4.5 GetSchedules command . 84
8.4.6 GetScheduleList command . 85
8.4.7 CreateSchedule command . 86
8.4.8 SetSchedule command . 87
8.4.9 ModifySchedule command . 88
8.4.10 DeleteSchedule command . 89
8.5 Special day group information . 90
8.5.1 General . 90
8.5.2 Data structures . 90
8.5.3 GetSpecialDayGroupInfo command . 90
8.5.4 GetSpecialDayGroupInfoList command . 91
8.5.5 GetSpecialDayGroups command . 92
8.5.6 GetSpecialDayGroupList command . 93
8.5.7 CreateSpecialDayGroup command . 94
8.5.8 SetSpecialDayGroup command . 95
8.5.9 ModifySpecialDayGroup command . 96
8.5.10 DeleteSpecialDayGroup command . 97
8.6 Schedule status . 97
8.6.1 ScheduleState data structure . 97
8.6.2 GetScheduleState command . 98
8.7 Notification topics . 99
8.7.1 General . 99
8.7.2 Event overview (informative) . 99
8.7.3 Status changes . 99
8.7.4 Configuration changes . 100
8.8 Examples . 101
8.8.1 General . 101
8.8.2 Access 24 × 7 for admin staff. 101
8.8.3 Access on Monday and Wednesday from 06:00 to 20:00 for cleaning
staff . 101
8.8.4 Access from Friday 18:00 to 07:00 for maintenance staff . 101
8.8.5 Access on weekdays from 08:00 to 17:00 for employees . 102

IEC 60839 11-33:2021  IEC 2021 – 5 –
8.8.6 Access from January 15, 2014, to January 14, 2015, from 09:00 to
18:00 . 103
8.8.7 Special days example 1 . 103
8.8.8 Special days example 2 . 104
8.8.9 Special days example 3 . 106
Annex A (normative) Access control interface XML schemata . 107
A.1 Credential service WSDL . 107
A.2 Access rules service WSDL . 127
A.3 Authentication behaviour service WSDL . 137
A.4 Schedule service WSDL . 155
Annex B (informative) Mapping of mandatory functions in IEC 60839-11-1 . 174
Bibliography . 182

Figure 1 – Overview of service dependencies . 16
Figure 2 – Main data structures in the credential service . 18
Figure 3 – Main data structures in the access rules service . 40
Figure 4 – Multiple schedules per access point . 46
Figure 5 – Result of schedule union . 47
Figure 6 – Authentication behaviour example . 52
Figure 7 – Related objects of an authentication profile . 54
Figure 8 – Related objects of a security level . 63
Figure 9 – Security level examples . 65
Figure 10 – Main data structures in the schedule service . 74
Figure 11 – Recurrence support matrix . 76
Figure 12 – Recurring events with an exception . 77
Figure 13 – Recurring events with a special day . 78
Figure 14 – SpecialDaysSchedule example. 81
Figure 15 – Example of special day with time part . 81
Figure 16 – Schedule states . 98

Table 1 – Defined namespaces in this document . 16
Table 2 – Referenced namespaces (with prefix) . 16
Table 3 – GetServiceCapabilities command . 19
Table 4 – GetCredentialInfo command . 23
Table 5 – GetCredentialInfoList command . 24
Table 6 – GetCredentials command . 25
Table 7 – GetCredentialList command . 26
Table 8 – CreateCredential command . 27
Table 9 – SetCredential command . 29
Table 10 – ModifyCredential command . 31
Table 11 – DeleteCredential command . 32
Table 12 – GetCredentialState command . 32
Table 13 – EnableCredential command . 33
Table 14 – DisableCredential command . 33

– 6 – IEC 60839 11-33:2021  IEC 2021
Table 15 – ResetAntipassbackViolation command . 34
Table 16 – GetSupportedFormatTypes command . 34
Table 17 – GetCredentialIdentifiers command . 35
Table 18 – SetCredentialIdentifier command . 35
Table 19 – DeleteCredentialIdentifier command . 36
Table 20 – GetCredentialAccessProfiles command . 36
Table 21 – SetCredentialAccessProfiles command . 37
Table 22 – DeleteCredentialAccessProfiles command . 38
Table 23 – GetServiceCapabilities command . 41
Table 24 – GetAccessProfileInfo command . 43
Table 25 – GetAccessProfileInfoList command . 44
Table 26 – GetAccessProfiles command . 45
Table 27 – GetAccessProfileList command . 46
Table 28 – CreateAccessProfile command . 47
Table 29 – SetAccessProfile command . 48
Table 30 – ModifyAccessProfile command . 49
Table 31 – DeleteAccessProfile command . 50
Table 32 – Example of schedule state to security level mapping . 51
Table 33 – GetServiceCapabilities command . 53
Table 34 – GetAuthenticationProfileInfo command . 56
Table 35 – GetAuthenticationProfileInfoList command . 57
Table 36 – GetAuthenticationProfiles command . 58
Table 37 – GetAuthenticationProfileList command . 59
Table 38 – CreateAuthenticationProfile command . 60
Table 39 – SetAuthenticationProfile command . 61
Table 40 – ModifyAuthenticationProfile command . 62
Table 41 – DeleteAuthenticationProfile command . 63
Table 42 – GetSecurityLevelInfo command . 66
Table 43 – GetSecurityLevelInfoList command . 67
Table 44 – GetSecurityLevels command . 68
Table 45 – GetSecurityLevelList command . 69
Table 46 – CreateSecurityLevel command . 70
Table 47 – SetSecurityLevel command . 71
Table 48 – ModifySecurityLevel command . 72
Table 49 – DeleteSecurityLevel command . 72
Table 50 – GetServiceCapabilities command . 79
Table 51 – GetScheduleInfo command . 83
Table 52 – GetScheduleInfoList command . 84
Table 53 – GetSchedules command . 85
Table 54 – GetScheduleList command . 86
Table 55 – CreateSchedule command . 87
Table 56 – SetSchedule command . 88
Table 57 – ModifySchedule command . 89

IEC 60839 11-33:2021  IEC 2021 – 7 –
Table 58 – DeleteSchedule command . 89
Table 59 – GetSpecialDayGroupInfo command . 91
Table 60 – GetSpecialDayGroupInfoList command . 92
Table 61 – GetSpecialDayGroups command . 93
Table 62 – GetSpecialDayGroupList command . 94
Table 63 – CreateSpecialDayGroup command . 95
Table 64 – SetSpecialDayGroup command . 96
Table 65 – ModifySpecialDayGroup command . 97
Table 66 – DeleteSpecialDayGroup command . 97
Table 67 – GetScheduleState command . 99
Table B.1 – Access point interface requirements . 175
Table B.2 – Indication and annunciation requirements . 176
Table B.3 – Recognition requirements . 179
Table B.4 – Duress signalling requirements . 180
Table B.5 – Overriding requirements . 181
Table B.6 – System self protection requirements . 181

– 8 – IEC 60839 11-33:2021  IEC 2021
INTERNATIONAL ELECTROTECHNICAL COMMISSION
____________
ALARM AND ELECTRONIC SECURITY SYSTEMS –

Part 11-33: Electronic access control systems –
Access control configuration based on Web services

FOREWORD
1) The International Electrotechnical Commission (IEC) is a worldwide organization for standardization comprising
all national electrotechnical committees (IEC National Committees). The object of IEC is to promote international
co-operation on all questions concerning standardization in the electrical and electronic fields. To this end and
in addition to other activities, IEC publishes International Standards, Technical Specifications, Technical Reports,
Publicly Available Specifications (PAS) and Guides (hereafter referred to as “IEC Publication(s)”). Their
preparation is entrusted to technical committees; any IEC National Committee interested in the subject dealt with
may participate in this preparatory work. International, governmental and non-governmental organizations liaising
with the IEC also participate in this preparation. IEC collaborates closely with the International Organization for
Standardization (ISO) in accordance with conditions determined by agreement between the two organizations.
2) The formal decisions or agreements of IEC on technical matters express, as nearly as possible, an international
consensus of opinion on the relevant subjects since each technical committee has representation from all
interested IEC National Committees.
3) IEC Publications have the form of recommendations for international use and are accepted by IEC National
Committees in that sense. While all reasonable efforts are made to ensure that the technical content of IEC
Publications is accurate, IEC cannot be held responsible for the way in which they are used or for any
misinterpretation by any end user.
4) In order to promote international uniformity, IEC National Committees undertake to apply IEC Publications
transparently to the maximum extent possible in their national and regional publications. Any divergence between
any IEC Publication and the corresponding national or regional publication shall be clearly indicated in the latter.
5) IEC itself does not provide any attestation of conformity. Independent certification bodies provide conformity
assessment services and, in some areas, access to IEC marks of conformity. IEC is not responsible for any
services carried out by independent certification bodies.
6) All users should ensure that they have the latest edition of this publication.
7) No liability shall attach to IEC or its directors, employees, servants or agents including individual experts and
members of its technical committees and IEC National Committees for any personal injury, property damage or
other damage of any nature whatsoever, whether direct or indirect, or for costs (including legal fees) and
expenses arising out of the publication, use of, or reliance upon, this IEC Publication or any other IEC Publications.
8) Attention is drawn to the Normative references cited in this publication. Use of the referenced publications is
indispensable for the correct application of this publication.
9) Attention is drawn to the possibility that some of the elements of this IEC Publication may be the subject of patent
rights. IEC shall not be held responsible for identifying any or all such patent rights.
IEC 60839-11-33 has been prepared by IEC technical committee 79: Alarm and electronic
security systems. It is an International Standard.
The text of this International Standard is based on the following documents:
FDIS Report on voting
79/646/FDIS 79/648/RVD
Full information on the voting for its approval can be found in the report on voting indicated in
the above table.
The language used for the development of this International Standard is English.

IEC 60839 11-33:2021  IEC 2021 – 9 –
This document was drafted in accordance with ISO/IEC Directives, Part 2, and developed in
accordance with ISO/IEC Directives, Part 1 and ISO/IEC Directives, IEC Supplement, available
at www.iec.ch/members_experts/refdocs. The main document types developed by IEC are
described in greater detail at www.iec.ch/standardsdev/publications.
A list of all parts in the IEC 60839 series, published under the general title Alarm and electronic
security systems, can be found on the IEC website.
The committee has decided that the contents of this document will remain unchanged until the
stability date indicated on the IEC website under webstore.iec.ch in the data related to the
specific document. At this date, the document will be
• reconfirmed,
• withdrawn,
• replaced by a revised edition, or
• amended.
IMPORTANT – The "colour inside" logo on the cover page of this document indicates
that it contains colours which are considered to be useful for the correct understanding
of its contents. Users should therefore print this document using a colour printer.

– 10 – IEC 60839 11-33:2021  IEC 2021
INTRODUCTION
This document makes it possible to build an alarm and electronic security system with clients,
typically a monitoring console, and devices, typically an access control unit, from different
manufacturers using common and well defined interfaces.
The document specifies only the data and control flow between a client and the services without
reference to any physical device as the services required to implement a compliant electronic
access control system (EACS) are not necessarily implemented on a single device, i.e. all
services can be run on a control panel, event aggregator software on PC, etc.
This document does not define internal communication between an access control unit and its
components if they are implemented on a single device.
This document is based upon work done by the ONVIF open industry forum. The ONVIF
Credential specification, ONVIF Access Rules specification, ONVIF Authentication Behaviour
specification and ONVIF Schedule specification are compatible with this document.
This document is accompanied by a set of computer readable interface definitions (see
Annex A):
• credential service WSDL, see Clause A.1;
• access rules service WSDL, see Clause A.2;
• authentication behaviour service WSDL, see Clause A.3;
• schedule service WSDL, see Clause A.4.
Due to the differences in terminology used in IEC 60839-11-1:2013 and IEC 60839-11-2:2014
and the ONVIF specification that this part of IEC 60839 is based on, a reader should take
special notice of the terms and definitions clause.
Additional services needed for monitoring of doors and access points (portal sides) are outside
the scope of this document. These services are covered by IEC 60839-11-32.

IEC 60839 11-33:2021  IEC 2021 – 11 –
ALARM AND ELECTRONIC SECURITY SYSTEMS –

Part 11-33: Electronic access control systems –
Access control configuration based on Web services

1 Scope
This part of IEC 60839 defines the Web services interface for electronic access control systems.
This includes listing electronic access control system components, their logical composition,
monitoring their states and controlling them. It also includes a mapping of mandatory and
optional requirements in accordance with IEC 60839-11-1:2013, as covered by Annex B.
This document applies to physical security only. Physical security prevents unauthorized
personnel, attackers or accidental intruders from physically accessing a building, room, etc.
Web services usage and device management functionality are outside the scope of this
document. Refer to IEC 60839-11-31:2016 for more information.
This document does not in any way limit a manufacturer to add other protocols or extend the
protocol defined here. For rules on how to accomplish this, refer to IEC 60839-11-31:2016.
2 Normative referen
...