Examining the Impact of PLAI

April 7, 2015
An exclusive Q&A with PSIA’s Dave Bunzel on the new access control specification and ISC West event

At ISC West, the Physical Security Interoperability Alliance (PSIA) will demonstrate the capabilities of its new Physical-Logical Access Interoperability (PLAI) specification (April 16 at 9:30 a.m. in Venetian Veronese Room 2403).

SD&I caught up with PSIA Executive Director David Bunzel for this exclusive Q&A on PLAI and what to expect at the Las Vegas event.

SD&I: What is the PLAI Specification, and what does it enable?

Bunzel: PLAI is a specification that allows for dynamic identity management in enterprise environments. One of the dilemmas in the enterprise is finding a way to secure the identity part of the physical security environment. Unless a company has integrated its HR system and physical security system through custom software coding, the process is manual and can easily compromise the overall security plan. The PSIA has developed PLAI to address this issue. We have relied on commonly used protocols (e.g. LDAPv3) to have a standard way to connect the trusted source — the HR system for example — to the Physical Access Control System (PACS).

Most of the significant PACS vendors are actively involved in the PLAI initiative. If they integrate PLAI into their platforms, it will further enhance the value to their customers, because even with disparate PACS systems in an organization, the individual employee’s identity will be recognized. Being able to dynamically invoke and revoke privileges for employees has been a challenge only overcome through expensive and proprietary software integration. This issue is amplified with many companies relying on large pools of contract employees that have limited periods of time on a job. Terminating their access when a contract is completed is a logistical problem.

Another benefit of PLAI comes when a company has different PACS systems in its organization. This is often the case for international companies, where decisions on PACS vendors may have been made independently in different regions. It can also be an issue when companies make acquisitions, where the PACS systems can different and integration a challenge. Employees should be able to have access privileges to any company facility, but for many companies where there are multiple PACS, this is only accomplished through an expensive software solution or a manual and inefficient process. Alternatively a company would have to totally change the PACS in the acquired company to match the primary PACS used by the organization — a classic “rip and replace” scenario.

Which vendors have participated in the creation of this specification?

Tyco, Lenel, Honeywell, Kastle Systems, Stanley Security and Gallagher have been active in the development of PLAI.

How will PLAI impact integrators/installers?

PLAI has a couple of benefits. One of the most important is the ability to offer integrators an additional area to support. It will expand their opportunities and help them engage in a discussion on the logical security side of their customers. A second benefit is the PLAI standard will make it easier for integrators to address identity management. Making sure this aspect of the security plan is supported makes for a more robust system — a clear benefit to customers.

How will PLAI change the way vendors sell and market products to dealers, integrators and end-users?

We expect the leading PACS platform vendors to include PLAI in their systems. This will not only allow easy integration to a customer’s HR system, but also support the access control products downstream.

What can attendees of the ISC West demo expect?

The companies participating in the PLAI demo at ISC West have expanded the features they are demonstrating to include roles. Role-based identity management is another valuable enhancement that will streamline the process of changing privileges and more effectively support the dynamic nature of companies. This leverages on the previous PLAI demonstrations where the trusted or authoritative source was able to create, communicate and synchronize employee identity (First Name, Last Name, email) and credentials throughout disparate PACS systems in an organization.  

Paul Rothman is Editor-In-Chief of Security Dealer & Integrator (SD&) magazine (www.secdealer.com).

About the Author

Paul Rothman | Editor-in-Chief/Security Business

Paul Rothman is Editor-in-Chief of Security Business magazine. Email him your comments and questions at [email protected]. Access the current issue, full archives and apply for a free subscription at www.securitybusinessmag.com.