Ten trends in the development of the access control industry in 2015

China's access control industry started late, but the development speed in recent years is very amazing. In 2014, what are the development trends of the access control industry?

The trend of the top 10 trends in the development of the access control industry 1: The entire industry will develop rapidly, from a static proprietary access control architecture to a safer, open and flexible solution that will provide customers with new products and technologies to promote business development.

As the security industry's situation continues to change and become more complex, organizations and decision-making leaders who are advancing with the times embrace the transformation with a new attitude and see it as an opportunity to achieve improvement and value creation, rather than hinder or contain business development. .

In today's society, proactive change helps ensure that an organization's access control solutions can respond to future threats and take advantage of other development opportunities and application capabilities outside of the access control arena. Future high-value applications may include electronic payments, attendance, secure print management, and secure network logins, and become part of a multi-layered security solution within the company's systems and facilities. By adopting industry-standard solutions such as OSDP two-way communication, as well as dynamic rather than static technologies, security functions can be protected from hardware and media, and the infrastructure can be further developed based on existing functions to adapt And respond to changing threats.

This view has not been recognized by everyone, and the entire industry is still evolving. In a survey of integrators and users, HIDGlobal found that fewer than 50 respondents upgraded their systems last year, and more than half had not upgraded in the past three years. Respondents with top-notch technology in the survey rated 75 as important or important, and half thought they did not implement the technology well or did not implement it at all. Similarly, 93 people agree that a series of best technical practice policies are important or important, but nearly 40 people say that their implementation is not good or not very good. We expect that as the change strategy becomes more popular, as the industry gradually understands how to grasp the opportunities for change, the above ratio will change.

Trends in the 10 major trends in the development of the access control industry 2: Combining access control and IT security functions will change the way companies operate and create new advantages.

Previously, access control systems and IT network login functions within an organization were separated from each other and managed by different groups. However, the boundaries between these two groups are now blurring. Organizations want to implement both the Access Control System (PACS) and IT identity functions on the same card (or smart phone), which can be used to open and log in to the computer, as well as other functions. In this way, users can enjoy a smooth user experience while ensuring access, data and cloud security. Through many different applications, organizations can also improve the way identity information is created, used and managed on smart cards and smartphones.

Users will soon be able to carry multiple access control certificates and one-time (OTP) dynamic passwords on smart cards or smart phones that use a single microprocessor. As a result, many companies are seriously considering adding security access control systems and desktop login capabilities to their devices and IT access policies, including improved efficiency, complete IT resources and devices, multi-tier desktop login and access control. Identity information management can be achieved by centrally managing certificates. Organizations will be able to achieve true convergence applications through a unified solution that they can use to access IT resources while enabling many access control applications. Organizations can use the same procedures to configure and register IT and PACS identity information, and can implement a unified workflow by implementing a unified workflow to a fully managed identity.

The trend of the top 10 trends in the development of the access control industry 3: In the context of rapid changes in the IT security threat environment, strong authentication technology is particularly important – and applied to access management.

Security experts are well aware of the importance of multi-factor authentication (also known as strong authentication), especially for the security of the IT industry. The industry is rapidly transitioning from simple passwords (information that users know) to other verification factors, including user-owned information (such as mobile or network dynamic passwords) and user identity information (biometric or behavioral instructions). However, users are increasingly tired of the inconvenience of hardware OTP, graphics cards, and other physical device two-factor authentication. While the industry is replacing hardware OTP with software dynamic passwords, and users can use it on mobile phones, tablets, and browser-style dynamic password devices, there are still security holes in this solution. A more secure and powerful authentication scheme is multi-application cards, which use a data model that can add any type of identity information and can be carried by a smart card or smart phone. Users can verify access to a VPN, wireless network, intranet, cloud and web applications, single sign-on (Single-sign-on) by carrying an access card (or phone) on a personal tablet or laptop. ) Client and other IT resources. There is no need to use other card readers or other devices for publishing and management, and no need to enter a password on the touch screen device.

The use of other verification factors will also gradually increase, including biometrics and gesture command technology. With custom gestures or motion commands, users can control a variety of RFID devices, greatly changing the way we interact with the access control system.

Trends in the 10 major trends in the development of the access control industry 4: Achieve strong authentication through multi-layered strategies.

Today's powerful verification solutions will increasingly protect the security of portals, data, and the cloud. As part of a multi-layered security strategy, they will provide multi-factor authentication for security. In addition to the multi-factor user authentication used in the first layer of security, there are four other levels of application in the firewall and the cloud, including verification of devices, channels, transactions, and applications. The effective application of these five security levels requires a comprehensive, universal verification platform with real-time threat detection capabilities. Threat detection technologies are sometimes used for online banking and e-commerce, and are expected to expand into related enterprise domains, providing additional layers of security for remote access applications such as VPNs or virtual desktops, including providing additional access to network records in the healthcare industry. Security layer. Today's healthcare providers are increasingly using digital and mobile technologies to care for patients – in some cases voluntary, and in some cases under regulatory pressure. With the popularity of these technologies, new challenges arise in terms of security and privacy, requiring a strong verification mechanism using a multi-tiered approach.

The trend of the 10 major trends in the development of the access control industry 5: Mobile access control functions will gradually become popular.

In 2014, the early stages of mobile access deployments are expected to begin, with smartphones having similar functions as card transactions, but limited by technology and business environment. In the subsequent stages, smart devices will take full advantage of on-board computing and multimedia capabilities to overcome constraints and enable more powerful and richer user transactions and experiences. After that, most of the tasks performed by the card reader and the server or the control panel in the current conventional access control system will be realized through the connection function of the smart phone. This includes verifying identity based on relevant rules (authorized access time) and using the GPS function of the phone (authorized access to the location). In this way, the user can be authenticated through the cloud application and the trust message can be passed through secure communication with the portal to allow access.

In this new mode, access decisions are made by mobile devices (rather than mobile control systems), and their identity information is provided by the gate (rather than the card). This role exchange is also known as binary functionality, which changes the way in which access control solutions are provided. Organizations' reliance on the high-cost infrastructure needed to connect servers, control panels, and readers will be reduced – only electronic locks that respond to mobile device encryption “open” commands are required. With this more economical and simplified model, the entire industry can provide security for more assets, internal portals, filing cabinets, storage devices, and other areas that were previously too expensive or complex to protect.

The trend of the 10 major trends in the development of the access control industry 6: We will enter a new era of NFC verification services.

In an emerging model, many items in the public area can be tagged with Near Field Communication (NFC) RFID tags to determine their unique identity so that they can be passed through a contactless reader or any NFC smarter in the future. Phone or tablet for easy verification. This verification model will open the door to a variety of new transactions and services, including verification of items and documents, secure management of the chain of custody, warranty and other transaction data, and access to intelligent digital publishing systems (Digital Outdoor Marketing - DOOH) Network link, access record (Electronic Visitor Verification - EVV), and authorizing a phone to operate in an organization's virtual telecommunications system.

These and other application functions need to be implemented in the NFC tag and the trust mechanism established in the interaction with the application. Without such a trust mechanism, related tags would be reconfigured or replicated, resulting in falsification of authentication information, fraudulent transactions, increased user mobility and network security vulnerabilities, and increased privacy threats. To this end, there is a need to provide trust mechanisms and security mechanisms for NFC tags that are readily available in these applications to ensure they are valid between uses, thereby eliminating the inherent risks associated with using NFC tags. To ensure this trust mechanism, NFC tags are not only required to have encrypted signature data elements, they cannot be copied or modified without detection, but also provide secure cloud authentication services and are supported by a proven service infrastructure. If you have this ecosystem, you can develop a suitable application that enables NFC-enabled smartphones or readers to exchange tag information with a secure cloud server, and verify that the tag is authentic and reliable, proving its existence, Return this analysis to your smartphone or card reader.