Bangalore, India, April 14, 2014: HID Global, a player in secure identity solutions, has released a white paper describing an emerging security environment in which users will have a seamless experience when using cloud-based applications and services, accessing data, and opening doors. This environment will move the industry beyond traditional strong authentication approaches, cards, and readers to simplify and improve how we create, manage and use identities across many different applications on both smart cards and smartphones. It will also enable improved efficiency through the centralization of credential management for multiple logical and physical access control identities across IT resources and facilities.
Tim Phipps, vice president of Product Marketing, Identity Assurance with HID Global, said, “This is an important time in the evolution of securing online identities and managing physical access control technologies. As organizations become more mobile and new technologies deliver greater security, efficiency and user convenience, there is growing demand for provisioning and managing IT and PACS credentials on a single card or smartphone –using a single set of processes. Our goal is to help our customers realize this vision and the benefits that a unified secure identity strategy can deliver.”
In the white paper, titled “The Convergence of IT and Physical Access Control,” HID Global identified key developments that are driving the industry toward tighter integration of credential management and a more seamless user experience for both logical and physical access control. These developments include:
Moving beyond cards: not only are organizations consolidating applications onto a single credential that can be used to control access to IT resources and facilities, they are also moving these multi-application credentials onto smartphones for improved convenience. This will make it possible for smartphones to grant access to everything from the door, to data, to the cloud.
Moving beyond readers: As users move to a model where they simply tap their smart card or smartphone to a personal tablet or laptop for authenticating to a network, there will be no need for a separate card reader. Users will be able to use their phone or smart card to “tap in” to VPNs, wireless networks, corporate intranets, cloud- and web-based applications, single-sign-on (SSO) clients and other IT resources.
Moving beyond costly and complex PKI solutions: The advent of Commercial Identity Verification (CIV) cards enables organizations to implement strong authentication for accessing data and opening doors, without having to purchase certificates from a trust anchor or pay annual maintenance fees as they do with PKI-based government Personal Identity Verification (PIV) cards.
Moving to true converged access control: Converged access control cards today are typically either dual-chip cards (where one chip is utilized for PACS and the other logical access), or dual-interface chip cards (carrying a single PKI-capable chip with both a contact and contactless interface to support both physical and logical access control). In the future, users will have the third option of credentials using a data model that can represent any type of identity information, on a card or inside a smartphone. This includes PACS credentials as well as OTPs for strong authentication, all of which can be used seamlessly across multiple system architectures. There will be one set of converged security policies that span both physical and logical domains, one credential, and one audit log.
In addition to the trends towards new technologies that enable convenient and highly secure strong authentication, these technologies will also make it possible for organizations to leverage the existing credential management infrastructure for achieving true convergence through a single device that can be used for many security applications. This will eliminate the need for separate processes for provisioning and enrolling IT and PACS identities. Instead, it will be possible to apply a unified set of workflows to a single set of managed identities for organizational convergence.