Communicating access control information across multiple platforms is simplified with the PSIA's PLAI specification |
The Physical Security Information Alliance (PSIA) is looking to solve the challenges of communicating access control information across multiple platforms with its new Physical-Logical Access Interoperability (PLAI) specification. Historically, integrating multiple access control platforms with human resource (HR) or other systems in a corporation required specialised software or custom programming. However, using the new specification, interoperability among systems can be simple and standardised. In effect, PLAI enables employee identities and roles defined or revoked in an authoritative logical identity system to automatically propagate to one or more PLAI-compliant physical access control systems (PACS). PLAI synchronises physical and logical identities and streamlines and standardises functions that typically have required custom programming to achieve.
When PLAI is realised and implemented, the end user will be able to enter information including all system users’ names, provisioning and permission levels into an HR system such as PeopleSoft or SAP, and the system will automatically and seamlessly distribute that information to the various access control systems throughout an organisation. Operation of the various access control systems is guided by the information provided from an “authoritative source.” All information is synchronised and normalised among the various systems, even those manufactured by different suppliers. PLAI asserts roles defined by an authoritative source so those roles do not have to be redefined in the PACS.
For example, if an employee of a U.S. company were to go to work at that company’s office in the United Kingdom, information from the centralised HR system would ensure the employee’s privileges are current and that his or her access control card can be scanned to open the door at the UK office. PLAI uses existing tools such as Active Directory and LDAP to enable system-wide invoking and revoking of privileges among multiple access control system providers. Centralised cancellation of privileges ensures a higher level of security than requiring that privileges be cancelled multiple times across several access control platforms and/or geographic locations.
The new PLAI specification helps multiple systems work together, enhancing security and lowering costs |
PSIA planned a virtual demonstration (webinar) of the new PLAI specification in mid-November 2014, to illustrate the specification’s ability to enable multiple systems to work together. Although PLAI is still a work-in-progress, tools will be available on the PSIA web site within the next couple of months to guide suppliers to conform to the specification. Several large suppliers, including Tyco, Lenel, Honeywell, Stanley, Assa Abloy, and Allegion, have been involved in developing the specification. Less than a year ago, PSIA’s new chairman, Mohammad Soleimani, executive vice president and CTO of Kastle Systems, proposed the framework for PLAI and led to the formation of the PLAI Working Group.
PSIA hopes that the new specification will become a de facto standard, although, at least for now, the organisation is not pursuing official issuance of the specification by a standards organisation such as ISO or ANSI. “We’re following the same procedures required to create a standard, such as publishing documents and going through a comment and review process,” says David Bunzel, PSIA executive director. Going through the process of making PLAI an official standard is expensive and time-consuming, but PSIA would go that route if “the industry determines it’s necessary,”he adds. The goal is to make the specification open, non-proprietary and supportive of industry needs.“This specification, which allows the convergence of logical and physical systems, could be a game-changer in organizations, resulting in enhanced security and lower costs,” says Soleimani.