EXPERT RESPONSE
The use of HID card readers and proximity cards suggests that the cards control both logical and physical security access: the physical controls for access to the facilities themselves, and the logical controls for access to computer systems and networks.
These card readers are contactless, meaning the card is brushed past the reader rather than inserted or swiped.
Merging logical and physical security is becoming increasingly common because it provides a single point of control for all types of access. An employee's access can be changed globally by making one change to his or her profile in the system. It can also save an enterprise money, since one badge or card is used for all purposes, rather than having separate systems for access to computer networks and facilities.
With that in mind, the software should be compatible with both the physical and the logical infrastructure. It should mesh with existing identity and authentication management systems, and especially with directory stores such as Active Directory and LDAP. In an Active Directory shop, for example, it's important not to rip out the existing plumbing in favor of a system more compatible with LDAP.
The software should also provide for encryption of the authentication data on the cards, both at rest in data stores and during transmission from the HID card readers back to the IAM systems. Depending on the type of system used, make sure the software is compatible with ISO 14443A, the leading standard for contactless cards. This standard defines common protocols for transmitting the data between the card and readers, making it easier to integrate with existing IAM systems.
The software should also come with a development kit, so it can be customized to meet specific needs and be compatible with the different types of readers.