PSIA-Compliant Access Control Solution to Debut at ISC West

By David Bunzel
Executive Director, the PSIA

PSIA members Inovonics and Mercury Security will literally demonstrate the business value of a standards-based approach to security solutions at ISC West this year.

The companies recently jointly announced that in compliance with the PSIA’s Area Control specification, Mercury will integrate Inovonics' EN6080 Area Control Gateway (ACG) with  Authentic Mercury™ branded hardware to offer the industry's first integrated access control platform with Enterprise Mobile Duress (EMD) capabilities.

A complete demo of the solution showcasing integrated access control with Enterprise Mobile Duress will be on display at ISC West at the Inovonics booth at ISC West (#16109). The demo will provide a great way to learn more about how Mercury and Inovonics are using the PSIA specifications to quickly bring a powerful integrated solution to market. It will also demonstrate why the industry will benefit from standards-based solutions and how the PSIA can help members deliver them.
 
“It is gratifying to partner with an industry leader like Mercury Security that shares our same passion – taking an open standards-based approach to delivering integrated, best-of-breed solutions," said Michael Slack, vice president of technology and business development at Inovonics, in the companies’ joint news release.

"Together, we have a solution that is the first of its kind, merging access control with Enterprise Mobile Duress – made possible by utilizing open standards and leveraging existing security infrastructures. The end result is a seamlessly integrated, intelligent security system that yields reduced installation time while minimizing incremental costs. Our partners have requested this capability and now, together with Mercury Security, we can deliver it," Slack said.

The new integrated Mercury access control platform with Inovonics' Area Control Gateway (ACG) and duress pendant system allows partners and resellers to leverage their customers' existing security infrastructures while adding the tremendous value of EMD at a minimal incremental cost. Using panic buttons as a "credential," security personnel can track the identities and locations of the persons assigned to each pendant as they enter and move throughout buildings and secure areas. Combining access control together with Inovonics' EN6080 ACG location capabilities in this way ensures greater response time when safety issues arise.

Inovonics (www.inovonics.com) is a leading provider of enterprise life safety and specialized commercial wireless systems, and Mercury Security (www.mercury-security.com) is a global leader in the supply of OEM access control hardware.

# # #

Physical-Logical Access Interoperability (PLAI) Specification Update

By Mohammad Soleimani

Chairman, PLAI Working Group, the PSIA

CTO, Kastle Systems

A standardized means of synchronizing physical and logical identities, privileges and even credentials is close to reality. The PSIA’s Physical-Logical Access Interoperability (PLAI) Working Group, which includes Allegion, Inovonics, Kastle, Mercury Systems, Microsoft Global Security, Stanley Security and UTC, is very close to releasing a draft proposal for the PLAI specification.

    The PLAI specification ensures the logical and physical access privileges associated with an employee’s role are always synchronized. Further, the PSIA’s PLAI will enable automated inter-PACS interoperability in the market for the first time. End users and integrators have been requesting all of this functionality but until we developed the PLAI specification, the only “solutions” have been highly manual; error-prone; time consuming to implement; and expensive.

     The PLAI specification builds on standards already used in the logical identity and access management world, including Role-Based Access Control (RBAC-RPE) and Lightweight Directory Access Protocol (LDAP). These will enable vendors and users to more easily map logical identities and their role-based privileges to physical identities. In turn, that enables enterprises to cost effectively:   

• Ensure persons are physically present before allowing them to log into applications and databases to shore up cyber-security defense.
• Streamline privilege management and reduce security administrative costs.
• Reduce multiple access cards because PLAI’s inter-PACS interoperability automates the process of enabling an access card associated in one vendor’s PACS to be used at entry points associated with a different PACS system as long as the card readers are the same. 

     These capabilities and more could change how the industry manages physical and logical identities. We’re very excited about our work on the PLAI specification and look forward to sharing more about it soon.
            ###

Catching Up with the PSIA

from David Bunzel, Executive Director, the PSIA
 
Even as we count down Punxsutawney Phil's six more weeks of winter, the PSIA is gearing up for the spring ISC West show and building on our many accomplishments last year. 

Here are just a few items on our to-do list: 

• ISC West planning is under way. Watch for developments with the new Physical-Logical Access Interoperability (PLAI) specification and other exciting announcements. 
• The PLAI Working Group is making great progress. If you haven't, do check out the white paper explaining more about this specification-in-progress.
• Our Recording and Content Management (RaCM) specification is being enhanced with the addition of a software profile. RaCM-compliant systems can easily integrate digital video data into their functions.  
• We'll also be communicating more frequently through this blog and Twitter, so please follow us at @PSIAlliance.org and use our hashtag #PSIASpecs when tweeting about security specifications and standards.

Our members’ continued support will help us surpass our 2013 achievements, which included well attended events at ISC and ASIS, the launch of the PLAI Working Group and the release of Area Control 2.0. PSIA specifications deliver superior security solutions that cost less to implement, manage and maintain. That's what users want, and the ability to deliver them adds up to a competitive advantage for security vendors compliant with PSIA specifications. That's an excellent reason to put complying with PSIA specs on your roadmap this year.

Big Data Gives Standards-Based Security Big Opportunities

by Larry Lien, chairman, the PSIA; vice president, product management, Proximex

“Big Data,” which is a hot business topic, is made up of vast quantities of “little” data from an amazing array of sources. In the security realm, video images, people counts, door events, sensor readings, card swipes, biometric readings, RFID tags, alarms and alerts—taken together, these and more comprise the Big Data our industry generates.

Sophisticated data analytics can parse physical security data combined with other data to reveal valuable patterns and correlations. A city’s tourism bureau might combine historic weather data, video images and crowd counts from various venues on specific dates to understand tourist behavior patterns better and how to tailor discount offers to send to smart phones. Meanwhile, a security director might use the same data to scale resources more efficiently across different venues based on predictive analytics forecasts of trouble spots.

In short, security systems gather unique data that can be used to generate additional business value beyond securing the enterprise. PSIA members building our specifications into their tools and systems will be well positioned to be part of the data revolution. Standards-based systems integrate faster with enterprise IT infrastructure and its tools; share data and intelligence more easily across many platforms; and eliminate the need for expensive and difficult-to-maintain custom interfaces.

During the upcoming ASIS annual show, the PSIA will again be demonstrating how our Working Groups are anticipating and acting on security, IT and business trends. Members adopting our specifications are positioned to deliver business value alongside better security solutions. You don’t need Big Data analytics to know that’s a winning proposition in today’s markets.

(Please join us at the PSIA's Enterprise User Interoperability Showcase at ASIS on September 23. Register here to reserve space for you and your colleagues.)

Access Control Standards Revolution Now In Progress

We wanted to share our perspective on access control standards adoption after reading a recent news release from IMS Research. This release indicated that “open standards for access control could bring a dramatic change for vendors and alter the face of the access control industry as it is known today.” We agree. Our perception, in fact, is that the industry is much further along toward embracing open access control standards than the release authors appreciate.

First, we see firm support among access control vendors for building open specifications from the PSIA into their product roadmaps. Leading access control companies, including Assa Abloy, HID, Honeywell, Kastle Systems, Stanley, Tyco/Proximex) ,UTC/Lenel and Verint sit on our board of directors and have participated with time, money and talent in our various working groups. They helped develop the PSIA’s Area Control Specification, which includes access control and intrusion detection. (The IEC, an international standards body, and the PSIA are in discussions about a global access control standard, in part because of the robust features of our Area Control Specification.)

All our members also understand standards do not prevent them from being innovative or addressing specific customer needs but rather make it easier for their systems to communicate unique data and intelligence to other systems and devices. Today’s most influential technology developments, including mobility, Big Data analytics, consumerism, the Internet of Things, all call for more interconnected devices and users. Security industry systems and tools must be ready to easily integrate with growing networks of sensors, apps, smart mobile devices and digital tools from other industries. Standards will help the industry accomplish this.

From an economics perspective, widespread use of the PSIA’s Area Control Specification will make it easier for users to get residual value from their closed, proprietary systems. Because all PSIA-compliant tools share the same common event vocabulary, only one “translation” is necessary to connect a closed system to a comprehensive set of security tools. Contrast that to writing (and maintaining) dozens of unique interfaces to link a closed system to modern tools.

Finally, at the spring IFSEC security show in Birmingham, UK, we spoke with many VMS manufacturers who told us they need to build richer access control functionality into their systems and want to investigate the PSIA’s Area Control specification. They underscored the message that integrators, consultants and end users want the ability to share intelligence across and beyond the security ecosystem, such as to building automation and enterprise systems.

IMS Research says open standards will reshape access control; we at the PSIA already see that evolution under way.

Emerging Issues in Access Control

We had some thoughts about a recent post by Kim Kornmaier on the Honeywell Security Channel blog.

One way security integrators and consultants can address the access control issues laid out above is by using products and systems that comply with the Area Control Specification and/or the Access Control Profile (http://psialliance.org/AreaControlOverview.html) from the Physical Security Interoperability Alliance (PSIA).  

PSIA-compliant products all share the same event vocabulary. With the Area Control specification, systems and components from different manufacturers can quickly share data about terminated employees or unauthorized access. Security professionals need only enter the revocation command once; it will then propagate automatically to the other systems. Access privileges across a corporate or campus network are cancelled within minutes, with minimal effort, greatly improving security.

A clear common vocabulary across compliant components also makes it easier to integrate IT security and physical security systems to address potential blended threats. In addition, that commonality means consultants and integrators can add vital new components into legacy security solutions more quickly. That’s because they only need to map the legacy systems’ communication to one PSIA-compliant vocabulary, not many different interfaces.

Finally, because the PSIA specifications are created by leading industry vendors, the specifications reflect industry demand, including support for cloud, wireless and mobile security solutions.

Vendors like HID, Ingersoll Rand (Schlage), Kastle Systems, Honeywell, Mercury, Proximex, and ASSA ABLOY are all actively implementing these specs into products. Inovonics has already introduced a PSIA-compliant access control wireless gateway, and we expect to see more commercially available solutions soon. So the industry is well at work on meeting these emerging issues for end users.  

Notes on ISC West from Dave Bunzel, Executive Director, the PSIA

Though the three days of ISC passed in a blur, one thing was crystal clear: Standards are an increasingly important focus for the industry. Integrators, specifiers, and manufacturers with whom I met are increasingly aware that standards are necessary to help the physical security world to present compelling value propositions and to interoperate effectively with modern, business-changing technologies, from a wide range of mobile platforms to intelligent devices that generate a rich pool of data to increasingly powerful algorithms for analyzing the resulting information.

Look at several of the major products recognized by the Security Industry Association (SIA) in its New Products Showcase.  Honeywell, a PSIA member, won in the Intrusion Detection and Prevention Solutions category for its LYNX Touch L5100, a system released last year that supports the intelligent home concept and is controllable by non-security industry devices, including iPads and smartphones.

Similarly, Stanley Security Solutions took the honors in the Entry/Exit Screening Systems and Asset Tracking category with its AeroScout MobileView Locator for iPad.

Innovative Security Designs (ISD) took “Best New Product” honors in the NPS with what it says is the first Microsoft Windows compatible IP surveillance camera. The camera is built on Microsoft’s Embedded Windows– thus making it compatible with other key Microsoft corporate products, including SharePoint and Active Directory. (For more, see this story at SecurityInfoWatch: http://bit.ly/10bXeEG).

PSIA member Inovonics received an Honorable Mention in the Intrusion Detection and Prevention category with its recent introduction of the Echostream EN6080 Area Control Gateway.  The first PSIA-compliant device to provide IP-based interoperability of leading access control, video and area control systems, the gateway enables integration, configuration and management of thousands of wireless devices; establishes interoperability among multiple physical security systems and creates a common communications platform on which to build custom commercial security solutions. (Find the release here: http://www.inovonics.com/inovonics-launches-en6080-area-conrol-gateway/)

It does take time for standards to take root—and once they do, they spread rapidly. The PSIA’s specifications have been cultivated by a broad range of companies focused on solving industry needs, not just one or two large vendors protecting their turf.  Now we’re poised to help the physical security industry deliver better solutions more cost effectively and enable its participation in a broader IT ecosystem and the “Internet of Things.” Given the sharpened focus on standards I saw at ISC, the PSIA compliance is poised for a year of exciting announcements, accomplishments, and will gain strong traction in the market..