Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...
Convergence of Logical and Physical Access Control for LSEC IAM Conference 20091003 Leuven (English)
1. The convergence of
logical and physical access control
Thomas van Vooren <thomas.van.vooren at everett.nl>
www.everett.nl
www.everett.nl
2. Agenda
▶ Necessity of convergence;
▶ Convergence architecture;
▶ Benefits of convergence;
▶ Approach and takeaways.
2
3. We are in our 10th year of business
as middleware specialists in the field
of identity management and application
integration
Experienced
80 consultants, projectmanagers,
Consultancy, architects and engineers
Pan-European Track record.
Systems Integration,
For…
Solution Support
Everett
Technology Platforms
Architecture
Partnering
Delivery Scalability
Blended Shoring
with India
4. Clients
Everett
We’re proud to work for leading
Corporates & institutes!
Offices in the Netherlands, United Kingdom, Italy & India
Projects in all neighbouring countries, all the way
Europe+ to Russia, UAE and South Africa
Everett International servicing all markets outside
NL, UK, Italy & India
5. Why is convergence relevant?
▶ The cost of security keeps rising, across society:
Increasing number of services subject to access control (both logical and physical)
Necessity to grant access to an increasing variety of users (internal and external)
▶ Access control is mission critical in various industries, both logical and
physical:
Aerospace, Finance, Public domain, High-Tech Industry, etcetera.
▶ Means to establish access control are expensive:
Smartcards, readers, access gates, IT-access management systems, administration,
etcetera.
▶ And isolated solutions are insufficient to provide the required level of
security and controlled risk:
Gaps in the process of granting and revocation of authorisations.
Incomplete coverage of risks. 5
6. Traditional seperation of logical and physical domain
HR / CRM
▶ Seperate administration process to
manage identity and credentials;
Card Identity ▶ Various means of authentication;
Management Management
▶ Separate security domains (not
Access
cohesive).
PACS
Management
6
7. Convergence within the enterprise
HR / CRM
Card Identity Consolidation of identity
Management Management and token lifecycle
(preventive control)
Access Context based access
PACS
Management (preventive control)
Monitoring Correlation of security
events, consolidated reporting
(detective control)
7
8. Convergence with an external provider
External
HR / CRM Token
Provider
Card Identity Consolidation of identity
Management Management and token lifecycle
(preventive control)
Access Context based access
PACS
Management (preventive control)
Monitoring Correlation of security
events, consolidated reporting
(detective control)
8
9. Cross domain convergence
3. External External 1. User
user is granted HR / CRM Token HR / CRM is created and
authorisations at the Provider assigned a card.
servicedesk
Identity
Card Identity & Identity Card
Management Management Token Management Management
Broker
2. Identity and card
Access information is Access
PACS PACS
Management exchanged Management
Monitoring Monitoring
9
10. Typical benefits of logical and physical convergence
▶ Lower cost of ownership:
Reduced administration cost
Reduced token costs
▶ Improved security:
(often) stronger authentication (2-factor)
Traceability
Context based access (e.g. logical access only on site)
▶ Improved compliance:
Consolidated auditing and reporting across physical and logical domain.
▶ User friendlyness:
Same token for multiple access domains;
Reduced or single sign on. 10
11. The road to convergence
▶ The key to convergence of logical and
physical access is cohesive identity and
autorisation management.
▶ Determine architecture, solutions fit for
requirements and desired benefits.
▶ Bring together facility management department and IT department.
▶ Attention to both organisation as well as technology;
Touches both policy and work processes across departments;
Interoperability card and infrastructure.
11