“We’re excited to once again be extending our specifications throughout the security ecosystem,” said David Bunzel, executive director of the PSIA. “PSIA specifications range from video and video analytics to every aspect of area control, now including physical-logical access interoperability. We make standards-based plug-and-play interoperability a reality for the security industry.”
Kastle Systems initially brought the concept of an access interoperability specification to the PSIA board of directors earlier in 2013. The company then informally approached industry consultants and large end users to conceptually and technologically validate the concept before recommending the formation of a PSIA working group. The initial members of the new PSIA Physical-Logical Access Interoperability group consist of Honeywell, Ingersoll Rand, Inovonics, Kastle, Mercury Systems, Microsoft Global Security, Stanley Security and UTC. The group’s initial task is to frame the scope of the specification.
Logical and physical identities typically reside in separate and different systems. Employee roles in a company determine their access privileges, or policies, which typically are created and stored in the enterprise network directory. Synchronizing these access privileges between logical directory and physical access control systems involves proprietary, error-prone, time-consuming and expensive manual processes.
The new PSIA specification will build on standards already used in the logical identity and access management world, including Role-Based Access Control (RBAC-RPE) and Lightweight Directory Access Protocol (LDAP) to enable vendors and users to more easily map logical identities and their role-based privileges to physical identities, said Soleimani.
“Clients are interested in linking physical and logical identities, but don’t want to build and maintain custom interfaces between physical security and logical systems,” said Eric Yunag, president and CEO, Dakota Security Systems Inc. “The PSIA specification will enable us to unify identities and deliver the functionality our clients want cost effectively and without requiring them to restructure their physical or logical security ecosystems.”