Ingen bildrubrik

Download Report

Transcript Ingen bildrubrik

POC Security System
High security system combining PIN-on-Card, information security,
physical access, control and alarm – all in one system
Balancing securtiy, cost and convenience
Security
•
•
•
Convenience
•
•
•
Easy to use
Contact-less
Mobility
Advanced
encryption
Copying
PIN eavesdropping
X
X = target position
Cost
•
•
•
Card
Reader
System
integration
Securing the PIN
•
A typical PC is not secure
•
PIN/Passwords entered from the computer's
keyboard are easily intercepted by Trojans
•
Information stored as files on a computer’s
hard disc is easily copied by Trojans
•
Keys must be stored outside the computer
•
PINs must be entered on a device outside
the computer
•
Cryptographic operations must be
performed outside the computer
Today - security, cost or convenience
•
Smart Cards
– Security: Need advanced external keypad
reader to secure PIN over the Internet
– Cost: Expensive keypad readers
– Convenience: Sensitive, not for outdoor use
•
RFID / Proximity cards
– Security: Information can be read out remotely
and needs advanced external keypad reader to
secure PIN over the Internet.
– Cost: Expensive readers
– Convenience: Robust, contact-less and
convenient
Combining security, cost and convenience
+ Smart Card
– Intelligent and high
security, can not be read
out remotely
– Large data storage
+ RFID Card
– Contact-less
+ Keypad reader
– Prevents PIN
interception
PIN-on-Card
Introducing the PIN-on-Card (POC)
•
Highest level of security
– Security resides on the card, not reader or system
– 128-bit AES ( RSA, 3DES )
– PIN never leaves the card
– Secure data storage (32 kBytes)
•
Low cost
– Robust cards and readers, no slot, no moving parts
– Low cost for readers
•
High convenience
– One card - multiple systems/functionality
– Contact-less
– High level of automation
POC Security System - for interoperability
PIN-on-Card (POC)
POC
Desktop
reader
Client
PC
COM/ActiveX
TCP/IP
Physical I/O
Ethernet TCP/IP
LonWorks FTT-10
GSM/SMS/GPRS
X10
RS232+485
SNMP
COM/ActiveX
SQL
ODBC
COM/ActiveX
XML
POC
Wall
reader
POC
Controller
POC
Server
software
POC
Management
software
Core features of POC Security System
•
•
•
•
•
•
•
“Virtual” Access Control
– The POC is used to login to programs and services
“Physical” Access Control
– The POC is used to open doors, control alarms etc.
Alarms
– Integration of burglar, fire and duress alarms
Control and system interoperability
– Control and integration to third-party systems
Programmable Logic Control (PLC)
– Very flexible configuration options
Remote system administration
– The system can be securely managed and
monitored remotely
Off line operation
– Full security even when not connected to a PC
Typical system setup
Workstation
POC reader
TCP/IP Network
LAN
Server
application
and
Database
POC Controller
2 POC readers
Workstation
POC reader
GSM
LonWorks Network
POC
Controller
POC reader
LonMark
Nodes
GSM
LonWorks Network
POC Cont.
POC Cont.
X 10 Powerline comm.
POC Cont.
POC reader
X 10
node
X 10
node
POC Controller unit features
•
•
•
•
•
•
•
•
•
•
•
Highly integrated, multi-functional control unit
Functional logic fully programmable
6 Alarm monitoring inputs with fault detection
– for standard alarm sensors
5 Control outputs
– for lock strikes, indicators etc.
Connects to 2 wall mounted POC readers
Integrated Abloy 8164 NetLock interface
Integrated Ethernet interface
Integrated FT/10 LonWorks® field bus
Integrated X10 interface
Integrated GSM/GPRS module for SMS
messaging and host communication
Integrated backup power - up to 60 hours
POC Security System Management Software
•
•
•
•
•
Fully programmable in a
Programmable Logic Control
(PLC) like manner, gives a very
high degree of flexibility
System- and card management is
also secured with a PIN-on-Card
Full system security and integrity,
even when operated over the
Internet
COM Component based, enables
third-party extensions
SNMP extension agent allows
system monitoring within existing
network management tools
Remote system administration
•
•
•
•
System administration rights are verified
with a PIN-on-Card
Strong authentication allows secure system
administration, even over the Internet.
Events and alarms can be received as SMS
Events can be monitored with SNMP without
affecting system security
Programmable Logic Control (PLC)
•
•
•
•
The POC Controller can be viewed as a
large switch matrix
Complex functions and dependencies are
fully programmable and can be finely tuned
Inputs and access control status together
with tools as logic expressions, timers and
flip-flops can control the full behavior of the
system
SMS, LonWorks® SNVTs and X10 can also
used as control terms
System Interoperability
•
•
•
•
•
POC Security System seamlessly integrates
with LonWorks® installations through
Standard Network Variable Types (SNVTs)
Direct interfacing between POC Security
System and components from 100+ thirdparty vendors
The integrity of the security system is
maintained
Information about access control and alarm
status can affect the rules for the Building
Automation (BA) system
Information in the BA system can affect the
rules for the access control and alarm
system
Conclusion
•
•
•
•
•
Strong identity and audit trail
throughout the system
One system/control unit for overall
security needs
One system/control unit provides
cost effective infrastructure and
administration
One card for all needs
Combining high security, low cost
and high convenience
Security
Convenience
X
Cost
X = POC Security System