In 2004, a significant challenge faced the physical security industry. An important government directive was signed by President George W. Bush requiring all government agencies to comply with a strict identification standard. That mandate, HSPD-12, required the use of smart card technologies that were still under development.
As significant as the challenge was for hardware manufacturers, software designers faced an even greater struggle. They had little upon which to build their solutions, especially considering that such software is usually shaped by the hardware with which it interfaces. The team of engineers and product managers at Lenel Systems International met the challenge head-on, working despite the lack of hardware reference points. Two years later, Lenel released IdentityDefender, an innovative software solution to achieve the government’s HSPD-12 directive.
“The HSPD-12 marketplace created extensive opportunities for the smart card industry to push its standards of security and innovation farther than ever before. With a strong set of very specific security requirements in place, organizations gained concrete development reference points to build upon,” said Randy Vanderhoof, executive director of the Smart Card Alliance.
But these reference points were a work in progress. Most agree that developing software solutions is challenging when all variables are defined, but when key elements (e.g. cards, readers, data formats) remain in flux, it can be daunting. With the IdentityDefender software relying so heavily on the progress of the smart card hardware that HSPD-12 requires, Lenel found itself in an interesting position. As the release timeline was announced, it became clear that the software development would have to press forward in spite of the lag in development of industry technologies.
Lenel relentlessly studied HSPD-12 requirements to create a vision of what a total software and hardware solution would encompass. From the beginning, this vision included four essential components:
- A dedicated identity management database to securely route all data through each product module: the IdCollector enrollment system, the IdProducer production system, and the IdActivator issuance system
- A web-based architecture to ensure total flexibility of the product
- Partnerships with vendors of key system components required for HSPD-12 compliance
- A product designed with strict adherence to HSPD-12 requirements, yet flexible enough for both government and commercial applications
The product architecture gives IdentityDefender the flexibility to adapt to any changes in HSPD-12 requirements. Key partners in the government market quickly recognized Lenel’s achievements in the identity space.
“We have passed the rigorous testing process applied by the General Services Administration to be listed on the GSA Approved Product List,” said Paul Russell, marketing and government program relations for Lenel. As a result, he added, government and commercial entities have already begun pilot programs for the software.
Building on the success of prior solutions
“We introduced several different foundational elements in both the security and infrastructure of IdentityDefender,” said Erik Larsen, Lenel’s product manager of identity solutions. “We created IdentityDefender using the same open architecture development philosophy that has been a hallmark of OnGuard, our physical access control system.” OnGuard was first released by Lenel 12 years ago, and now has an installed base of around 13,000 systems worldwide.
IdentityDefender is the first totally new product line Lenel has developed outside of the OnGuard brand. This not only expands the company’s presence in the physical access control and government markets, it also allows Lenel to enter both the logical access control and “physical/logical convergence” markets with a proven platform.
Modular, flexible design fits both government and commercial demands for converged solutions
“A series of checks and balances is built into each component to ensure that the first and foremost concern is a secure workflow,” said Patrick Rodwell, marketing and government program analyst for Lenel. “A truly intelligent identity solution must create a smart card ID that is fully utilized in both the physical and logical security environments.”
“The workflow is provided through templates that are fully-configurable around FIPS 201 and the requirements of the government agency,” Mr. Rodwell added. “The selected template will dictate the workflow of the other modules.” Because of this modular approach, IdentityDefender is designed to integrate into any existing infrastructure, whether it’s a small, basic configuration or a large-scale enterprise installation.
“IdentityDefender delivers all capabilities required for a turnkey system,” Mr. Rodwell said. Each IdentityDefender module is a self-contained application that meets a very specific need in an identity management implementation. “So whether an organization needs to create a system from the ground up, or requires only a few pieces of the puzzle, IdentityDefender can help the customer achieve a total identity management solution.”
“We’ve had an overwhelmingly positive reaction to IdentityDefender,” concludes Erik Larsen. “Although we developed it as a workflow solution based on FIPS 201, the product has emerged not only as a one-stop HSPD-12 solution, but also as a complete, commercially-viable entity all its own.”
Research and evaluate FIPS 201 Approved Products and get the latest info on compliant credentialing systems at FIPS201.com. Click to visit FIPS201.com.