solutions Biometrics integration

Transcription

1 Biometrics integration Challenges Demanding access control and identity authentication requirements drive the need for biometrics. Regulations such as Sarbanes-Oxley (SOX), Health Insurance Portability and Accountability Act (HIPAA) require organisations to monitor and control access to private information. Because biometric solutions rely upon non-transferable data, they are ideally suited for access control applications. Government mandates such as the U.S. HSPD-12 mandate the use of multi-factor authentications for government employees and contractors. Solution in brief There are many types of biometric technologies including hand geometry, iris recognition, vascular pattern recognition, voice recognition, and the most common, fingerprint recognition. As each of these biometric factors is considered unique to a single individual, biometric solutions can be used either independently for single-factor authentication or in combination with an access control card and/or password for multi-factor authentication. There are two types of biometric authentication techniques: verification and identification. Identification is typically used in law enforcement agencies for background checks. It works by comparing a biometric template to templates in databases. Verification is more widely used in the commercial space and is also known as 1:1 authentication. This type of identity verification requires multi-factor authentication. Here is one example: Main products & systems: - Security systems Bioscrypt biometric readers A person is granted access permission to a secure area and enrolled in a biometric database. This is accomplished using whichever biometric authentication technology is to be employed. During this initial enrolment, a template is created based on specific unique identification factors that have been collected. This template is encrypted and stored on an access card. As the enrolled person accesses doors requiring biometric authentication, an access card reader establishes the identity of the individual attempting access. The biometric element of the access reader then compares the presented biometric (hand, eye, finger, etc.) with the stored template and if a match can be made, access is granted at that door. Today, in the physical security space, the majority of biometric installations use smart cards with templates stored on the card. These are integrated with the access control system. Biometric readers in these installations use the verification technique. In an integrated system, once the reader detects a match, it sends the access card numbers to the access controller. The access control system looks up

2 an access list to search for the card number presented. If the card has access to the door, the access control system unlocks the door. Otherwise, the door will remain locked. Value proposition Biometric attributes are unique. They can't be stolen, misplaced, forgotten or copied. This makes biometric authentication applications more secure and convenient than other authentication methods. Biometric authentication provides the most secure business environment possible because it is unique to the individual and tamperproof. The integration of biometric devices with Schneider Electric's security management solutions eliminates the need for separate biometric management software. All administrative functions and template management are handled by a single user interface. This integration reduces operating costs by decreasing the time required for operator training and reducing the number of administrative staff required to operate the system. The integrated security management platform also streamlines the credential vetting process, thus simplifies security operations. Differentiation factors An open interface between the access controller and any biometric reader supports a Wiegand format output. Tight integration with selected biometric manufacturers provides a single user interface for administration, credential provisioning and access privilege assignment.

3 Architecture

4

5 Powered by TCPDF ( solutions Main characteristics Organizations in regulated industries with the necessity to protect confidential information have been early adopters of biometric technologies. Biometric technologies are seen commonly in healthcare facilities where sensitive information is stored, enterprise data centres, and high security facilities such as airports, ports and nuclear facilities. Biometric authentication is required for access control in many transportation segments, including trucking and freight transport. Biometric readers are mainly network based, supporting the standard Ethernet network. However, they also support many serial communication protocols to support installation in the retrofit market where an existing serial network is already in place. Biometric readers can also operate independently, in a stand-alone environment, without any network connectivity or communication with a central management system. In the stand-alone mode, the reader is using the biometric template stored on a smart card to authenticate with the template from the scanner. In a centrally managed system, the reader uses either the template stored on the smart card or a template that has been downloaded to the reader from the management server. Centrally managed network modes also allow added functionalities, such as reader administration, custom messaging and maintenance. Biometric templates are captured during the enrolment process. Biometric enrolment can be performed by using either the reader's administration application. Or enrolment can be performed via the access control management system when the two systems are integrated. Access control biometric integration is the preferred method, as it provides a single repository for card holder information and a single user interface. Biometric readers are connected to the standard access control reader inputs. Card numbers are transmitted to the access controller in Wiegand format using this connection. The normal sequence of operation is as follows: i. A card holder presents the access card to a biometric reader ii. The biometric reader accesses the template stored in the access card iii. The biometric reader captures the biometric by scanning the user iv. The readers compares the template to the scan v. If the templates match, the reader will transmit a valid attempt signal for that access card to the system controller. If the template and scan do not match, the reader will transmit an invalid attempt message to the system controller. vi. The Access system will validate the user's access privileges and if valid, send an unlock command to the door. In any case where the either the template does not match the scan, or the user does not have permission to access the secured space the door will remain locked and a denied access event will be logged in the access control system database.