System for integrating security and access for facilities and information systems
First Claim
1. A security system for integrating security and access for facility protection systems and information systems in which each information system represents a computer system requiring user authorization at connected computers or terminals to access information resources or network environment protected by the information system comprising:
- one or more facility protection systems in which at least one of said facility protection system controls user access to areas of a facility;
at least one information system which controls users'"'"' access to said information system;
a computer server system coupled for communication with said facility protection systems and said information system, in which said computer server system further comprises a database for storing at least security information for users and access privileges of users to said information system and one or more of said facility protection systems;
said facility protection systems and said information system each having means for sending to said computer system one or more events occurring at their respective system; and
said computer system having means, responsive to said one or more events from one or more of said facility protection systems and said information system, for directing one or more of said facility protection systems and said information system to take one or more actions in accordance with said one or more events, and said directing means is capable of directing one or more of said facility protection systems to take one or more actions in accordance with said one or more events when received from said information system.
2 Assignments
0 Petitions
Accused Products
Abstract
A system for integrating security and access for facilities and information systems is provided including a computer server, information systems, and facility protection systems. The information systems and facility protection systems are coupled for communication to the computer server via a network. Facility protection systems represent an access control system for controlling entry/exit to areas of buildings, such as with badges or other ID Credentials and other systems, such as intrusion detection and fire systems, to provide protection in facility environments. Information systems each represent a computer system requiring user authorization, via computers or terminals capable of connecting thereto, to access information resources or network environments protected by the computer system. Information systems may also include information protection systems requiring user authorization for external access to other information systems. The computer server has a central database which stores at least information defining users and their access privileges to the information systems and to areas of facilities controlled by access control system. Each of the information systems and facility protection systems sends event data to the computer server when an event occurs on its respective system, and an event transaction processor in the computer server determines action(s), if any, to take in response to one or more received events and accordingly sends action data to other information systems and facility protection systems to instruct such systems to automatically respond to security risks representing by such events in real-time. Central management of users and their access privileges, and monitoring of events is further provided.
-
Citations
32 Claims
-
1. A security system for integrating security and access for facility protection systems and information systems in which each information system represents a computer system requiring user authorization at connected computers or terminals to access information resources or network environment protected by the information system comprising:
-
one or more facility protection systems in which at least one of said facility protection system controls user access to areas of a facility; at least one information system which controls users'"'"' access to said information system; a computer server system coupled for communication with said facility protection systems and said information system, in which said computer server system further comprises a database for storing at least security information for users and access privileges of users to said information system and one or more of said facility protection systems; said facility protection systems and said information system each having means for sending to said computer system one or more events occurring at their respective system; and said computer system having means, responsive to said one or more events from one or more of said facility protection systems and said information system, for directing one or more of said facility protection systems and said information system to take one or more actions in accordance with said one or more events, and said directing means is capable of directing one or more of said facility protection systems to take one or more actions in accordance with said one or more events when received from said information system. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17)
-
-
18. A method for integrating security and access for at least one facility protection system and at least one information system comprising the steps of:
-
providing a computer system coupled for communication with said facility protection system and said information system having a database for storing at least access privileges of users to said information system and said facility protection system; sending to said computer system one or more events from one or more of said facility protection system and said information system; and sending one or more actions from said computer system to one or more of said facility protection system and said information system, wherein said sending step further comprises the step of sending at least one action from said computer system to said facility protection system in response to one or more events sent from said information system. - View Dependent Claims (19, 20, 21, 22, 23, 24)
-
-
25. An event transaction processor in a system having an access control system enabling access to a facility environment by users, and information systems, which enable access to network and data environments by said users, said processor comprising:
-
means for receiving events from one of access control system and at least one information system; means for determining when each of said events requires action to protect one of access to said facility environment controlled by said access control system and access to said network and data environment controlled by said information system, in which said determining means is capable of determining an action in accordance with multiple ones said events being received, and sending commands to one of said access control system and information systems to protect said facility environment or network and data environments, respectively, wherein one or more events which occur in said access control system are capable of requiring action in said information system, and one or more events which occur in said information system are capable of requiring action in said access control system.
-
-
26. A method for integrating security and access for facility protection systems and information systems in which each information system represents a computer system requiring user authorization at connected computers or terminals to access information resources or network environment protected by the information system comprising the steps of:
-
providing a computer server system coupled for communication with said facility protection systems and said information systems having a database for storing at least access privileges of users to said information system and one or more of said facility protection systems; sending to said computer server system events from each of said facility protection systems and said information systems when events occur at their respective system; and
sending actions from said computer server system to one or more of said facility protection systems and said information systems to be taken to protect facilities protected by said facility protection systems, or network or information maintained by said information systems, wherein said sending step further comprises the step of sending at least one action from said computer server system to one of said information systems to be taken by said one of said information systems in response to at least one of said events occurring at facilities protected by one or more of said facility protection systems when security of information protected by said one of said information systems is at risk in accordance with said one of said events.
-
-
27. A method for integrating security and access for facility protection systems and information systems in which each information system represents a computer system requiring user authorization at connected computers or terminals to access information resources or network environment protected by the information system comprising the steps of:
-
providing a computer server system coupled for communication with said facility protection systems and said information systems having a database for storing at least access privileges of users to said information system and one or more of said facility protection systems; sending to said computer server system events from each of said facility protection systems and said information systems when events occur at their respective system; and sending actions from said computer server system to one or more of said facility protection systems and said information systems to be taken to protect facilities protected by said facility protection systems, or network or information maintained by said information systems, wherein said sending step further comprises the step of sending at least one action from said computer server system to one of said facility protection systems to be taken by said one of said facility protection systems in response to at least one of said events occurring at one or more of said information systems when security of facilities protected by said one of said facility protection systems is at risk in accordance with said one of said events.
-
-
28. A security system for integrating security and access for facility protection systems and information systems in which each information system represents a computer system requiring user authorization at connected computers or terminals to access information resources or network environment protected by the information system, said security system comprising:
-
a computer system coupled for communication with one or more facility protection systems and one or more information systems, in which said computer system has memory storing at least user data and access privileges of users to said one or more information systems and said one or more facility protection systems, and said access privileges are capable of being assigned or updated when the user data is added, modified, or deleted in said memory; and said computer system being capable of receiving event data from said one or more facility protection systems and said one or more information systems, and being operative to send action data in accordance with one or more of said received events for directing said one or more facility protection systems or said one or more information systems to take one or more actions wherein said one or more facility protection systems are capable of being directed to take one or more actions in accordance with one or more said received events from at least one of said one or more information systems. - View Dependent Claims (29, 30, 31, 32)
-
Specification