Converged logical and physical security
First Claim
1. A converged physical and logical security management system comprising:
- a unique identifier having associated therewith information usable for authentication and authorization to control access decisions for a physical area and logical access to one or more of a computer system, computer network or network resource, the information including at least two configuration options; and
a security management computer including at least one microprocessor, a data store and connectivity modules, the security management computer scalable via one or more connections to one or more additional security management computers, the security management computer determining the access decisions for the physical area and the logical access to the one or more of the computer system, the computer network or the network resource, the security management computer connected to one or more access control readers and capable of communicating with the one or more access control readers in the access control readers'"'"' standard protocol,wherein the security management computer also includes a directory service that is used with the data store and the configuration options to make the access decisions, wherein;
for an access request to the physical area, a first authentication and authorization utilize a first of the at least two configuration options within the data store of the security management computer for a physical access decision, andfor logical access, a second, separate, authentication and authorization utilize a second of the at least two configuration options within the directory service of the security management computer for a logical access decision.
3 Assignments
0 Petitions
Accused Products
Abstract
A security management system that includes a hierarchical security platform, converged IT and physical security management, unified credentialing, credential issuance and incident(s) management. An exemplary aspect of the invention also relates to physical and logical security management and information technology/network security management, with a credential issuance and integrity checking system as well as associated readers and printers of the credential. Still further aspects of the invention relate to obtaining, assembling and analyzing one or more of data, video information, image information, biometric information, sensor information, terrorist information, profile information, and/or other types of information to provide a comprehensive platform for all aspects of security management. A toolkit is also provided that allows complete management, integration, scalability, interoperability and centralized control of all aspects of security including personnel credentialing, personnel management, personnel tracking, task management, security system integration, security information exchange and scalability.
-
Citations
52 Claims
-
1. A converged physical and logical security management system comprising:
-
a unique identifier having associated therewith information usable for authentication and authorization to control access decisions for a physical area and logical access to one or more of a computer system, computer network or network resource, the information including at least two configuration options; and a security management computer including at least one microprocessor, a data store and connectivity modules, the security management computer scalable via one or more connections to one or more additional security management computers, the security management computer determining the access decisions for the physical area and the logical access to the one or more of the computer system, the computer network or the network resource, the security management computer connected to one or more access control readers and capable of communicating with the one or more access control readers in the access control readers'"'"' standard protocol, wherein the security management computer also includes a directory service that is used with the data store and the configuration options to make the access decisions, wherein; for an access request to the physical area, a first authentication and authorization utilize a first of the at least two configuration options within the data store of the security management computer for a physical access decision, and for logical access, a second, separate, authentication and authorization utilize a second of the at least two configuration options within the directory service of the security management computer for a logical access decision. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26)
-
-
27. A method for operating a converged physical and logical security management system comprising:
-
providing a unique identifier having associated therewith information usable for authentication and authorization to control access decisions for a physical area and logical access to one or more of a computer system, computer network or network resource, the information including at least two configuration options; and operating a security management computer that includes at least one microprocessor, a data store and connectivity modules, the security management computer scalable via one or more connections to one or more additional security management computers, the security management computer determining the access decisions for the physical area and the logical access to the one or more of the computer system, the computer network or the network resource, the security management computer connected to one or more access control readers and capable of communicating with the one or more access control readers in the access control readers'"'"' standard protocol, wherein the security management computer also includes a directory service that is used with the data store and the configuration options to make the access decisions, wherein; for an access request to the physical area, a first authentication and authorization utilize a first of the at least two configuration options within the data store of the security management computer for a physical access decision, and for logical access, a second, separate, authentication and authorization utilize a second of the at least two configuration options within the directory service of the security management computer for a logical access decision. - View Dependent Claims (28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51)
-
-
52. A converged physical and logical security management system comprising:
-
circuitry for providing a unique identifier having associated therewith information usable for authentication and authorization to control access decisions for a physical area and logical access to one or more of a computer system, computer network or network resource, the information including at least two configuration options; and means for operating a security management system run on a computer managing a security management computer that includes at least one microprocessor, a data store and connectivity modules, the security management computer scalable via one or more connections to one or more additional security management computers, the security management computer determining the access decisions for the physical area and the logical access to the one or more of the computer system, the computer network or the network resource, the security management computer connected to one or more access control readers and capable of communicating with the one or more access control readers in the access control readers'"'"' standard protocol, wherein the security management computer also includes a directory service that is used with the data store and the configuration options to make the access decisions, wherein; for an access request to the physical area, a first authentication and authorization utilize a first of the at least two configuration options within the data store of the security management computer for a physical access decision, and for logical access, a second, separate, authentication and authorization utilize a second of the at least two configuration options within the directory service of the security management computer for a logical access decision.
-
Specification