Significant changes are taking place in the communications and access control field. Enterprises across all industries are deploying new products aimed at improving productivity and sales opportunities. I have compiled 10 issues that I believe are essential to understanding how individuals and businesses will use access control products:
The move to mobility.The emergence of near field communications (NFC) and other technologies is fueling the migration of access control technology to mobile platforms. The same basic access control methodology we've used for decades can now be embedded into smartphones and other mobile devices, and we can eliminate keys and cards virtually anywhere we need to unlock a door, gate, or drawer.
This capability is built into next-generation access platforms such as those based on the standards-based, technology-independent Secure Identity Object (SIO) data structure from HID Global Corp. SIOs on the credential side and interpreters on the reader side perform similar functions to traditional cards and readers, but they use a significantly more secure, flexible, and extensible data structure. SIOs can reside on traditional contactless memory cards, microprocessor-based cards like SmartMX, and smartphones with NFC capabilities, and they can be defined to support smart card technology such as iCLASS, MIFARE DESFire, and Indala.
The convergence of physical and logical access. Moving physical and logical access on to a single platform is creating more capable and more unified identity solutions. Convergence improves security by enabling a single smart card to support multiple authentication methods while helping organizations meet regulatory requirements, enforce consistent policies, and drive consolidated audit logs throughout the enterprise.
Convergence also cuts costs by consolidating tasks, including strong authentication on the desktop, and it opens market opportunities for strong logical access by making it easier and therefore more financially feasible for small and midsized companies to deploy. Soon convergence will deliver these benefits not only within the traditional card-and-reader model, but also on new mobile devices such as NFC-enabled phones that use next-generation access-control platforms such as those based on HID Global's standards-based, technology-independent SIO data structure. This data structure will enable an ecosystem of interoperable, multitechnology, mobile access control solutions that are more secure, flexible, and easy to extend with new capabilities over time.
Federal mandates that fuel more robust personal identification security. In a memorandum issued in February 2011, the Department of Homeland Security and the Office of Management and Budget said that, starting next fiscal year, physical and logical access control systems will have to be upgraded to use Personal Identification Verification (PIV) credentials, in accordance with National Institute of Standards and Technology guidelines. Federal agencies must do this before using development and technology refresh funds to complete other activities. These systems must leverage smart card and biometric technology and support identification credentials.
The need for sustainable solutions. Organizations are under growing pressure to reduce costs while improving environmental accountability. The latest access control systems, secure printers, and managed print services (MPS) programs help fulfill these objectives. The choice of card and reader materials plays a big role, and many readers and secure print solutions are designed from the ground up for improved energy efficiency. Energy use is further streamlined by implementing MPS programs, and security professionals can deploy greener projects by specifying flexible access control solutions that support multiple technologies and are compatible with earlier systems to avoid wholesale "rip and replacement" when it is time to upgrade.
The evolution of smarter smart cards. The rapid growth in smart card technology adoption will continue through 2011, as the convenience and cost of single-card solutions provide the underlying drivers for a move to using smart card technology. As they are used for more applications, today's smart cards carry more information that must be protected. They require more privacy protections, and they must be able to validate and secure identities. This has created an increasing demand for multiple layers of card security, including two-factor authentication and biometric templates, in addition to a number of new forms of higher card security in 2011.
The emergence of wireless locksets. Wireless intelligent locksets connected to traditional physical access control systems will become more prevalent as lower-cost, more energy-efficient models are introduced to the market. Additionally, these same locksets may help state and federal agencies meet PIV authentication requirements.
Increased use of outsourcing. We are seeing a continuation of the trend to outsourcing services as more end users look to software-as-a-service (SaaS) and Web-based access control solutions provided by both traditional physical access control and IT channel providers. This trend extends to badging services, which are offered via Web-based portals that provide a simple and secure way for customers to upload and communicate data, photos, and other information while reducing the cost and complexity of maintaining and operating a corporate-wide badging infrastructure.
Growing focus on integrated access systems. As a manufacturer of a large number of the devices used in integrated access control systems, HID Global is increasingly relied upon for products that are standards-based, open, and interoperable. US government mandates are driving standard-based protocols for use in integrated systems, where the integration recommended by FICAM and SP800-116 will shape systems for some time to come.
Rapid growth in vertical markets. The commercial industry was the fastest growing market for these products in 2010, but the government sector is seeing the most rapid growth in 2011. This is because of new mandates and legislation affecting US agencies. Other governments are taking their lead from the US, the UK, France, and potentially the Netherlands.
Introduction of new standards and legislation. SIA OSIPS, PSIA Area Control, Onvif, FIPS 201-2, FICAM Part B, RTCA 230C, and OMB 11-11 will impact the market this year, along with a host of other standards and legislation.
Thank you for the comments, and yes, these trends encompass both physical access to buildings and logical access to data and networks. Both of these types of access control are transitioning beyond traditional cards and readers to also take the form of portable credentials that can be stored on smartphones and other mobile devices. To answer the question about biometrics, as I mentioned in the article, there is the growing need for multiple layers of card security, including two-factor authentication and biometric templates, in addition to a number of new forms of higher card security in 2011. And finally, to answer the question about securing cloud services, there are two key issues – ensuring that portable credentials can be provisioned via cloud-based services, and ensuring the overall security of these and other cloud services and applications. We address the first issue with our Trusted Identity Platform(TIP), which establishes a secure boundary within which all cryptographic keys governing system security can be delivered with end-to-end privacy and integrity. TIP provides the framework and delivery infrastructure for a new secure, open and independent identity data structure what we call Secure Identity Objects, or SIOs, on the credential side, and corresponding SIO interpreters on the reader side. SIOs and SIO interpreters perform similar functions to traditional cards and readers, only using a significantly more secure and flexible data structure and being able to reside on multiple platforms. They enable a new class of portable identity credentials that can be securely provisioned over the aire in a cloud-based service environment and safely embedded into both fixed and mobile devices, all within the secure TIP boundary. We address the second cloud security issue through our ActivIdentity brand. Many organizations are delaying cloud-based applications deployment because they are uncertain how to protect data outside their firewall. To solve this problem, our solutions provide OTP, OOB, and smart card strong authentication in front of SAML V2-enabled cloud applications so that an enterprise to use their preferred strong authentication method wherever their data resides. (Posted for Tam Hulusi, HID Global).
To have a really secure access, in my opinion, something that autheticates the person's physical identity and ensures physical presence at the access point is essential rather than the codes on smart cards or mobile devices. The best way to do this biometric readers who can identify a person by his/her thumb impression which cannot be duplicated , cannot be stolen.
We are well aware of these types of access controls since my husband works for a large chemical company who has serious security controls. I think all too often people take this technology for granted and assume that if something goes wrong with a financial transaction they will be bailed out by their banks.
Access in this case extends from products that control physical access to buildings and other infrastructure to things like access to our electronic gadgets such as smartphones, laptops and tablets. It's a big and growing market because of security concerns but I wonder how many consumers actually pay much attention to issues like this. We just swipe and expect it to work and hope we don't become a victim of fraud.
@Barbara, I believe the "access" referred to here are devices (hardware and software) rather than physical access to a building for instance. The access products include smart cards, door access devices and software and other types of access such as for financial transactions and the ones used to gain secured access to our smartphones, computers, information technology systems, etc. It's an interesting subject but one that is often cloaked in suspense because the new systems being constantly introduced.
EBN Dialogue enables you to participate in live chats with notable leaders and luminaries. Open to the entire EBN community of electronics supply chain experts, these conversations see ideas shared, comments made, and questions asked and answered in real time. Listed below are upcoming and archived chats. Stay tuned and join in!