Logical, physical security integration challenges


This article can also be found in the Premium Editorial Download "Information Security magazine: How to dig out rootkits."


For example, the SIM can correlate security events from a UNIX system with the physical access system and detect when a user has left the physical premises but tries to log in to the UNIX system console within the data center. Similarly, the SIM can correlate events from Microsoft Windows and the physical access system to spot when a user has physically entered the Los Angeles campus but authenticated to Active Directory via a workstation in Chicago.

SIM vendors include ArcSight, CA, IBM, Novell and EMC's RSA. Some SIM products are directly aimed at providing physical security event correlation. For example, 3VR's suite of products works by recording events to a digital video recorder (DVR) and indexing the events--which makes them searchable--from the local console or another SIM product.

Contextual Authorization
Let's take the previous example to the next "logical" step: Is it possible to stop the user from authenticating via the workstation in Chicago when we know that he "badged" into the Los Angeles office? That's the goal of PL contextual authorization. For example, Imprivata's OneSign product is capable of denying access to Active Directory and other IT platforms based upon whether the user has badged into the building.
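
The correlation and contextual-authorization checks described above, as an added Python example that is not from the article or from any vendor it names. The event tuples, field layout and the deny-by-default policy are assumptions, and the sample events are constructed.

```python
from datetime import datetime

# Constructed sample events; the field layout is an assumption, not a vendor schema.
BADGE_EVENTS = [  # (time, user, site, direction)
    ("2007-09-04T08:02", "alice", "Los Angeles", "in"),
    ("2007-09-04T08:10", "bob", "Chicago", "in"),
    ("2007-09-04T17:30", "bob", "Chicago", "out"),
]
LOGIN_EVENTS = [  # (time, user, site of the login, source system)
    ("2007-09-04T09:15", "alice", "Chicago", "AD workstation"),
    ("2007-09-04T09:20", "bob", "Chicago", "AD workstation"),
    ("2007-09-04T18:05", "bob", "Chicago", "UNIX console"),
]

def last_badge(user, when, badge_events):
    """Return (site, direction) of the user's latest badge event at or before `when`."""
    prior = [(datetime.fromisoformat(t), s, d) for t, u, s, d in badge_events
             if u == user and datetime.fromisoformat(t) <= when]
    if not prior:
        return None
    _, site, direction = max(prior, key=lambda e: e[0])
    return site, direction

def authorize(login, badge_events):
    """Contextual authorization for one login; returns (allowed, reason)."""
    t, user, site, source = login
    state = last_badge(user, datetime.fromisoformat(t), badge_events)
    if state is None:
        # Assumed policy: no physical-presence record means deny.
        return False, "no badge record for user"
    badge_site, direction = state
    if direction == "out":
        return False, f"{user} badged out of {badge_site} before {source} login"
    if badge_site != site:
        return False, f"{user} badged into {badge_site} but login came from {site}"
    return True, "badge state matches login location"

def correlate(logins, badge_events):
    """SIM-style pass: return the logins that contradict badge state."""
    alerts = []
    for login in logins:
        allowed, reason = authorize(login, badge_events)
        if not allowed:
            alerts.append((login[0], login[1], reason))
    return alerts

if __name__ == "__main__":
    for alert in correlate(LOGIN_EVENTS, BADGE_EVENTS):
        print(alert)
```

Denying when no badge record exists is a choice made for this sketch; locations whose access systems cannot feed events to IT systems would need a different default.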

What's Against This Union?
One major impediment to the success of PL convergence is the typical separation of the two departments responsible for physical and IT security. It's not an easy fix, as physical and IT security teams have separate reporting structures and haven't culturally mixed well. Essentially, there's been a distinct division between the security guards and the geeks.

In addition to organizational challenges, there are physical problems to overcome.

Due to acquisitions and other factors, most large organizations have a patchwork of physical access systems at varying stages of maturity. For instance, an organization with thousands of locations may have physical access technology ranging from centuries-old lock-and-key systems to swipe-style (think credit card) to contactless systems. There are two dimensions to this patchwork problem. First, some of these physical systems lack the required interface to connect to IT systems, which precludes them from participating in PL convergence. Second, the multiplicity of physical access systems generally prevents the use of a single authenticator for users who move between locations.

This was first published in September 2007
