By Cindy Tschanz

Nowadays, the business world is changing constantly and becoming more complex.  A company’s employees, visitors, customers and contractors all require different levels of access to different areas at different times and for different reasons.  With global organisations, staff travelling between locations may need to carry a number of access cards between offices.  Controlling all these cards presents its own problems, but there are additional security issues that arise in situations where sheer size and complexity may result in unauthorised persons obtaining access to resources. 

The increased security risk -- both in terms of physical and logical access -- combined with the demand for increased security in data exchange over networks, growing maintenance costs and the inconvenience for cardholders has led to large corporations looking for a comprehensive, strategic approach to integrate access control and logical access within one new security concept.

To meet such security requirements, the industry developed technologies (such as contact and contactless smart cards) that can consolidate logical and physical access on a single card.

Multiple secure applications for processing personal identification credentials, privileges and access rights that include cryptographic protection of the information have become the key to global corporate ID schemes.

Smart ID cards constitute a cost-effective and flexible solution, one that addresses requirements throughout an organisation.  A single smart ID card can incorporate multiple technologies; incorporate both new and legacy access control systems as part of an overall migration plan to the new access control technology.  Badges for employees can support a range of security profiles depending on the level of access required for the employee.

During the design of a new global corporate security infrastructure it is crucial to consider that local access rights, which include logical and physical access privileges, are the responsibility of the local offices, as only they can judge which employee needs to get into which door or which server.  In a new global security infrastructure the same principle must apply in order to get the internal acceptance of such and even more importantly to maintain the same proven local security policies.

SINGLE-APPLICATION ACCESS CARDS

Traditional single-application access control systems, only link their own access application to one card.  The application and the card share one life-cycle.  Access control system administrators usually control changes to the access rights within their back office systems.  These traditional access control systems are therefore card management systems and access management systems combined in one solution.

For example, ANDiS card management system from Bell ID maintains these two roles but also steps in when a card that was issued by access control system A needs to be used in a different office with a different access control system, B.  In such cases, the system receives enrolment data from system A, enriches it potentially with additional data and sends it to all the other access control systems to which this person should have access.

In this way, organisations with multiple locations can use the automated application management function to ensure the integrity of application data and improve system security, ensuring (for example) that a card issued at one location is valid at all locations, or that a change in application status at one facility is implemented immediately across all locations.

One access card can be used within several access control systems, while all access control systems still maintain the authority to decide which access level will be granted for a particular employee at a particular time.

Furthermore, systems such as ANDiS card and application management system assure that information is consistent among databases, providing a complete audit trail that tracks issuance, updates and expiration, or revocation of cards and card applications.

ANOTHER CRITICAL ROLE

In multi-application card projects (i.e. combining logical and physical access) card management systems play another very important role.  Biometric templates for physical access or digital certificates for logical access will usually need to be updated from time to time on the card.  To avoid the re-issuance of cards, some card management systems enable the use of web-based tools that allow individual users to add, modify or delete applications securely without requiring an administrator to make such changes.

In these cases, the card and application management systems also control and track the status of each application loaded on each card.  Managing the life-cycle of an application is fundamentally different from managing the life-cycle of a card.  The functional area issuing the card (for example, the facility department) can be separated entirely from the functional area managing an application (for example, IT or HR).  Centralised card life-cycle management requires the issuing entity to be responsive to initial card production and for providing an interface to application providers for loading, personalising and updating applications.  Typical card and application management functionality includes:

• Centralised administration of card issuance, with an interface for each application for loading of applications and personalisation.
• Centralised administration of cards and applications, applying decision of authorisation rules for adding, modifying, blocking or locking (and unblocking or unlocking) applications and administrating roles
• Implementation of event-based changes to an application, such as blocking privileges for a lost card or locking an application if card usage is suspicious
• Process for addressing user-based requests to add applications and add or modify privileges and for personalising cards securely after they are issued
• A central audit trail of card application life-cycle state transitions
• User support and access to life-cycle state data

POST-ISSUANCE PERSONALISATION/ SELF-SERVICE

To benefit from the capability of a smart card to load or modify applications after the card has been issued (so-called post-issuance personalisation), a sophisticated card management system must provide a post-issuance personalisation/self-service module, which allows a cardholder to load or update additional applications onto their card, from any PC that is connected through the Internet.  This capability also allows an organisation to add other applications in the future, such as electronic purses, smart card-driven vending applications, etc.

Due to the fact that information on a smart card may change dynamically within smart card-based ID schemes, it is necessary to track the life-cycle of applications on a card as well as the life-cycle of the card itself.

At the simplest level, life-cycle management can be thought of as a database linked to a specific access control application.  The database records information about lifecycle state transitions and data such as the following:

• The card type, such as an employee, contractor or guest card
• Card request and authorisation information
• Card personalisation information including the operation system version and chip data; personalisation data, including visible elements such as a photo, signature or barcode; database links
• Application management information including the status of privileges (issued or updated); card expiration, replacement and re-issuance information; Application activation, suspension and resumption (reversible block and unblock); post-issuance of applications.

Access control card inventory can be tracked and audited to protect against unauthorised card issuance.  Card and application management systems including ANDiS subsequently track all additions or changes to the data stored in each individual card, and simplify the process of card re-issuance, assuring that the new card has the same set of applications and application parameter values included on the initial card.

In conclusion, we evaluated that most corporate organisations want to use a single process to manage their employees’ authorisation, access and privileges.  The main advantage for these corporate organisations, therefore, is to have a centralised card and application management system so that their employees have only one badge to maintain.  This will not only reduce the odds of a badge being lost, forgotten, or damaged but also increase the security level.  Migrating to newer access control technology including a smart card and application management system can be economical and relatively straightforward.

Cindy Tschanz is Marketing Manager of Bell ID B.V (www.bellid.com).