printer friendly version

Securing access control and ID management

Smartcard identity solutions are converging with biometrics for uncompromised physical and logical security.

The security industry, as with most industries affected by advancements in technology, is constantly being forced to re-evaluate itself and to consider all options when offering a service to its clients. Over the years, there has been a natural progression away from the traditional concept of access control to a more converged approach.

The traditional approach to access control had a clear delineation between physical security and logical security. Premises were secured by lock and key, and computers were secured by password if at all. With the introduction of smartcards, physical security became more robust. However, in organisations where physical access and logical access operate independently of each other, overall security remains compromised.

Security also now plays an instrumental role in compliance with regulations, protection of personal information, and enabling many business processes. Therefore, business managers are looking for ways to have better security while also cutting costs and finding economies of scale. One way that this can be achieved is by converging IT security with overlapping corporate or physical security functions.

According to Dave Crawshay-Hall, CTO for Brand New Technologies, the growing trend towards a convergence of logical and physical security requires a more advanced security solution capable of implementation across the physical access control system and the logical IT infrastructure. “Extending the smartcard access control system to carry IT user identification applications closes the security gaps existing in disparate systems, and offers a more cost effective and reliable method of access control right across an organisation.

“A further benefit of smartcard identification when logging into an IT system is that it provides a forensic audit trail and allows users to digitally sign important documents and agreements. It also allows organisations to comprehensively manage the employee lifecycle from start date, what parts of the building he can access and what systems he is authorised to use,” says Crawshay-Hall.

Benefits of smartcards in access control

* Staff credentials for IT and physical access can be consolidated onto a single card. A smartcard can serve as an ID badge for building access and can also store IT credentials like passwords and digital certificates. This removes the security vulnerabilities inherent in multiple passwords and forgotten passwords.

* Managing building and IT access is simplified. Having one central database where employee credentials are managed allows for quicker activation and deactivation of staff credentials across both logical and physical security infrastructure.

* Correlating security alerts. Security event management systems could be extended to cover logical and physical networks. For example, an alert would trigger if the VPN (virtual private network) signals an employee logging in remotely while the badging system indicates that he has previously physically entered at the company premises.

Future trends

While smartcards add a valuable layer to organisational security, future trends indicate that biometrics are the way forward for access control, whether as part of a smartcard application or as a standalone system. When incorporated into an existing smartcard solution, the biometric adds an extra layer of authentication to access control.

There are many biometric options available, but according to Crawshay-Hall, of all the technologies available fingerprint sensing is one of the most widely deployed and least intrusive means of identity confirmation. “More and more, organisations with access control and identification security requirements are using fingerprint biometric systems to validate the identity of staff members. The fingerprint stored on the smartcard is verified and authenticated against the live finger scanned at time of entry (to premises) or log in (to IT infrastructure).”

However, standard fingerprint biometric devices have many shortcomings, resulting in poor quality images and false or inconclusive readings. To counteract these shortcomings Lumidigm, supported locally by Brand New Technologies has developed a multispectral fingerprint imaging (MSI) biometric device.

“Some of the environmental factors that could influence the quality of fingerprint sensing include dry, wet or damaged fingers, poor contact between the finger and the sensor and bright ambient light,” says Crawshay-Hall. “The MSI fingerprint technology uses multiple wavelengths of light to read both the external and internal fingerprints of a person,” explains Crawshay-Hall. “Unknown to most people, approximately 2 mm below the skin, is a set of capillaries that are in a pattern that is identical to one's external fingerprints. With the multispectral fingerprint readers from Lumidigm, if the external fingerprint is obscured by water, dirt or chafing, the fingerprint sensor uses the information from the internal fingerprint. Thus, the problem with dirty fingers and maintaining performance in all weather conditions is solved.

“With the MSI biometric device, organisations can be certain that their security remains uncompromised physically and logically,” concludes Crawshay-Hall.

Share this article:

Further reading: