Embracing and leading change in the access control infrastructure

The ability to embrace the positive aspects of change requires an access-control platform that can meet today’s requirements


Organizations often avoid or delay change due to concerns about budget and the impact on productivity and workflow. This can be especially dangerous, however, in the access-control infrastructure, where a combination of technology obsolescence and escalating security threats can quickly cripple an organization’s ability to protect its people, facilities and data assets. It is far more effective to be proactive, rather than reactive, about change. This requires building an infrastructure that presumes and prepares for ongoing change to support evolving access-control needs, and enables the organization to preserve investments in its current infrastructure as it moves to new technologies and capabilities.

There are many reasons to embark on this path, including upgrading inadequate security and enhancing investment value and user convenience with a platform that supports multiple applications on smartcards or, in the future, Near Field Communications (NFC)-enabled mobile phones. The ability to embrace the positive aspects of change requires an access-control platform that can meet today’s requirements with the highest levels of security, convenience and interoperability while enabling organizations to adopt future capabilities without disrupting ongoing business operations.

Legacy security solutions can’t deliver this future, because they often use proprietary technology that is static. This makes them easy targets for attack and precludes their evolution beyond current abilities and security levels.

 

Interoperability and leveraging standards

Building an architecture that supports change requires careful attention to the “connections” between the architecture’s components. As components evolve — i.e. adding new equipment and systems, revisions and upgrades to existing systems — it can be a challenge to ensure that the components continue to function and deliver the expected security functionality that was originally intended. The evolution of standards within the security industry is a direct result of this challenge, and organizations such as the SIA, The Smart Card Alliance, PSIA and ONVIF are leveraging the industry’s expertise to address these challenges.

A prime example of these efforts is the Open Supervised Device Protocol (OSDP) and associated Secure Channel Protocol (SCP) for reader communications that have been standardized by the Security Industry Association (SIA). These protocols provide bidirectional, multidropped communication over an RS485 link, extending security from the card reader to the access controller. OSDP enables users to re-configure, poll and query readers from a central system, reducing costs and improving reader servicing.

 

Benefits of High-Frequency Contactless Smart Cards

In contrast with legacy solutions, the latest high-frequency contactless smart-card solutions are built for interoperability, as part of a larger identity ecosystem that is significantly more dynamic. These solutions also ensure that security is independent of hardware and media, making it much easier for organizations to evolve their infrastructure to support tomorrow’s needs. Today’s solutions also enable smart cards to be portable to smartphones so that organizations will have the option to use smart cards, mobile devices or both within their PACS.

HID Global’s iCLASS SE platform and iCLASS Seos card technology are the first to deliver these capabilities. The platform uses a new Secure Identity Object (SIO) data model that represents many forms of identity information on any device that has been enabled to work within the secure boundary and central identity-management ecosystem of the company’s Trusted Identity Platform (TIP). Any piece of data can be supported, including data for access control, cashless payments, biometrics, PC logon and many other applications. The combination of TIP and SIOs not only improves security but also delivers the flexibility to adapt to future requirements, such as adding new applications to an ID card. Additionally, iCLASS Seos credentials can be carried inside smartphones in a managed-access environment.

This content continues onto the next page...