Another factor that improves ROI is that many of the components for converged physical and logical access control are now off the shelf. This is especially true in a Microsoft environment. Microsoft has worked closely with its Gold Partner Gemalto and others to create a total solution including Identity Life Cycle Manager (ILM) and Active Directory integration. Gemalto has created mini-drivers that are supported out-of-the-box for Microsoft Vista or ready downloads for Windows XP, removing the client middleware requirement.
The ready availability of off-the-shelf strong authentication solutions has made it possible for any sized organization to implement strong authentication. For example, Virchow Krause, the nation’s 13th largest accounting firm and a Microsoft shop, was able to implement smart card tokens from Gemalto that included one-time password (OTP) capabilities and Microsoft digital certificate authentication. Two years ago, this would have required custom development.
Biometrics for logical access control will also get a boost from out-of the-box support. In April at RSA 2009, Microsoft and Gemalto are demonstrating a new solution that supports biometrics on smart cards in a Microsoft desktop.
“Smart cards are a natural fit with biometrics,” Vanderhoof says. “By storing the biometric template on the smart card, you can do a match-on-card verification of the cardholder’s identity. Like a certificate authentication, the fingerprint template never leaves the card, making the entire system more secure. In addition, the template goes with the badge holder, so you can do the authentication locally without a network connection to a central database for lookup.”
The U.S. federal government remains the leading user of smart cards combined with biometrics technology. The electronic passport, the PIV card and the Transportation Worker Identification Credential (TWIC) being issued by the Transportation Security Administration all combine smart cards and biometrics.
As we look to the future, the level of physical and logical convergence will only increase. Government regulation and an increased awareness of the need for better access controls continue to fuel the movement. Although the convergence of physical and logical access is still faced with challenges, the flexibility of smart cards continues to rapidly adapt to emerging requirements — like biometrics — as enterprises learn how to most efficiently use and manage these devices.
Furthermore, with mainstream IT infrastructure players such as Microsoft providing out-of-the-box solutions for the deployment and management of smart cards, the implementation and use of converged identity credential solutions will only get easier and more cost-effective.
Tom Flynn is Director of Marketing, Identity & Access Management, for Gemalto North America, where he leads the team that is responsible for defining Gemalto’s business strategy and technical solutions for enterprise network security and converged badge solutions. Visit Gemalto at.
The Smart Card Alliance has online resources available in smart cards, convergence, physical and logical access control and smart cards and biometrics at www.smartcardalliance.org.. The Alliance has active industry and technology councils in Identity and Physical Access, and encourages interested parties to learn more at