Security Business

JUL 2019

Find news and information for the executive corporate security director, CSO, facility manager and assets protection manager on issues of policy, products, incidents, risk management, threat assessments and preparedness.

Issue link: https://sdi.epubxp.com/i/1141282

Contents of this Issue

Navigation

Page 84 of 108

S24 ACCESS CONTROL Trends And Technology | JULY/AUGUST 2019 business opportunities along with new technical and ethical challenges while strengthening the traditional modes of security. System architects require an even greater knowledge of information systems on top of a foundation in physical security to deploy trustworthy software and hardware components. Security managers are looking to improve security and increase convenience. They are seeking ways to grow employee satisfaction by transforming the process of entry into a frictionless experience, while asserting stronger authentication which prevents identity misuse. With regulations getting stricter for data centers, bank vaults, and other high value areas, biometrics are becoming a must for two-and three-factor authentication scenarios. In recognition of the low costs and risk of duplication, the traditional card and pin do not hold up for the security requirements needed by today’s customer. Physical security is becoming not only a general facilities concern, but more fundamentally an Information Technology (IT) concern. Protection of company assets is impossible without considering their value in an IT infrastructure, beyond the level network security with firewalls and anti-virus applications. Preventing access to physical machines and networking using biometric credentials is in keeping with a broader industry trend to phase out easily compromised techniques such as passwords and pins. Traditional access control systems permit physical access to premises based on the receipt of a recognized card number and allow logical access to a network or application based on the receipt of a recognized username and password. The person is not identified, but rather the card, username, and password are recognized. Adding biometric identification gives security managers certainty that the individual is physically present and that the credential cannot be shared or cloned. Security no longer involves simply physical access; it now must embrace digital access and the authorization to execute transactions and services using personal devices. Examples include leveraging biometrics built into mobile devices such as a mobile phones and electronic wearables to provide real-time requests for authorization to complete transactions, access systems, or to move data. Electronic objects and networks which may be connected and accessed using personal electronics include: • The onboard computer system in vehicles, such as automobiles and scooters • Medical devices, both external and inside the body • Financial accounts, payment systems, and healthcare systems • Entertainment platforms, such as video games and television • Exercise equipment • Luggage tracking • Home appliances and HVAC Systems • Access control door readers with Bluetooth technology In the world of digital security these are all considered “connected objects.” Biometric solutions play a mission critical role in the new world of “connected objects” to provide verification and trust (certainty) of an individual’s identity for frictionless, secure physical and digital access. Biometrics provides assurance that only an authorized individual can access their “connected objects.” This provides peace of mind, guaranteeing that a bad actor can’t take control of a vehicle’s onboard computer, a loved one’s medical device, or access a secure area or network in the workplace. Biometrics Defined Biometrics is the use of one’s own unique physical or behavioral characteristics for identification and authentication. Where you go, your biometrics goes. Biometric technology includes a capture device whether it be a camera, an optical sensor (contact or contactless), a keyboard or a microphone to acquire an individual’s raw physical characteristic (raw data). This data is then converted into a reference template, a digital representation typically using mathematical algorithms that are patented and proprietary. Biometric characteristics include face, iris, palm, fingerprint, finger vein, voice, gait, and keystroke patterns. Unlike passwords, biometrics are the only method that establishes a definitive link between our physical and digital identities. The biometric identifier, the reference template, may be a string of numbers or a random number. Biometrics verify and identify a person for the access control system to determine the rights or privileges (access, services, etc.) assigned to that individual. Biometrics Used in Advanced Access Control Systems We need our biometric identity to travel with us seamlessly in the physical and digital world; we require our identity protected, secured and available when and where we need it. Critical to the protection and securitization of one’s biometric identity is the assurance that it cannot be stolen, cloned, corrupted and it remains under one’s control. The biometric identity owner determines when, where, and how it may be used. An interesting way to accomplish this is using innovative technology that employs one biometric technology, such as facial recognition on a personal device, to decrypt an electronic container to release a second stored biometric technology such as iris or fingerprint for live matching to the biometric owner. Critical to providing security is a public key infrastructure (PKI). PKI technology provides the mechanisms for mutual authentication between “connected objects,” such as personal Biometrics is the use of one's own unique physical or behavioral characteristics for identification and authentication

Articles in this issue

Archives of this issue

view archives of Security Business - JUL 2019