Key elements: deploying a converged physical & logical access solution


HID Global has been continually receiving inquiries regarding the trend towards converged physical and logical access control, but what does it take to make this increasingly important technology a reality for government and enterprise organizations?

While converged access projects can often leader to broader identity management initiatives, a basic converged access solution requires only four key elements to get a project started.

1.The first required element is a credential management system that provides a single platform for issuing and managing devices and credentials over the course of their lifecycle.

2.Second, the credentials themselves are most certainly a necessity. Most organizations initially require multi-technology cards in order to more seamlessly support multiple reader technologies while they move toward a more standardized reader type or the use of PKI at the door.

3.The third vital element is the card reader. Options are available for desktop/laptop, general-use and multi-technology smart card applications. HID's pivCLASS readers are also available to enable U.S. government agencies to support Personal Identification System (PIV) cards as part of the Federal Information Processing Standards Publication 201 (FIPS 201) program, without a wholesale "rip-and-replace" of their existing system.

4.The last required piece of a converged solution is the ability to create customized photo IDs and encode smart cards for physical and logical access control, typically through a choice of high-definition and direct-to-card printer/encoders.

For a full, converged solution with all the 'bells and whistles', there are a few more options which can provide a well-rounded solution that is second-to-none, including an authentication server that eliminates the vulnerabilities associated with static passwords while supporting compliance with industry and government regulations covering multi-factor authentication, authorization and auditing.

Previously a mandatory component in a converged access solution, smart card middleware for handling the secure communications for PKI transactions is also useful as it allows government organizations to easily use smart cards and USB tokens for a variety of desktop, network security and productivity applications. Many operating systems are also now including basic inherent drivers for cards that have a PIV-compliant card edge.

A final consideration is for organizations to future-proof their solutions and investments for deploying converged physical and logical access control on mobile platforms. The ability to put a secure credential on NFC-enabled phones for permission-based access control makes smartphones an ideal platform for carrying multiple types of physical and logical access credentials.

Together, these elements comprise the key ingredients of a forward-thinking and fully comprehensive physical and logical access control solution that is designed to improve user convenience while enhancing security, reducing cost, streamlining management, and simplifying policy compliance and associated auditing requirements.