Networked Badging Boosts Security
The Fairfax County, Va., Office of the Sheriff recently consolidated three standalone badging systems into a single networked system provided by the IRIS Companies of Fleetwood, Pa. IRIS will implement the new system, which includes IWS EPI Suite Photo ID software from ImageWare Systems Inc., San Diego.
The system will produce about 700 secure identification cards for authorized personnel including sworn and civilian officers, court employees, reserve deputies, jail volunteers and other authorized county officials.
“The new system enables us to get rid of our three standalone systems and consolidate our badging system into a networked environment,” says Dinese Drake, branch chief for information technology in the Sheriff’s department.
More important, the new system will upgrade security by enabling more stringent validation procedures. At the secured entrance and exit doors to the county jail, for example, two workstations equipped with cameras will verify credentials against the online database. A person seeking admittance will present his or her photo-ID at the window, Drake says. A camera will pan-tilt-zoom until the image on the badge comes into focus. The system operator will enter the information manually and search for the matching credentials in the database. When the file is found, the operator will compare photos and other printed information in the system with the credential and make sure that the credential being presented was issued by the sheriff’s office. “It’s a manual validation made possible by a networked application,” Drake says.
The need for validation or authentication motivated the Sheriff’s Office to undertake the upgrade. “Standalone systems are virtually useless for security purposes today,” Drake says. “Badging systems are ubiquitous. Employees everywhere have badges as well as potential access to badging workstations. What I mean is that the bad guys have access to badging software, too. The important feature of our application is that the networked system enables us to make sure that credentials are valid.”
Doesn’t a networked system make it easier to create a fake badge? No, says Karl Ziegler, a vice president with the IRIS Companies. Ziegler points to security measures that prevent improper network access to the badging system.
The system supplied by the IRIS Companies, for example, requires a special software key at badging workstations. The software key is a device that plugs into a port on the back of the desktop computer. Workstations without a key cannot operate the badging software, Ziegler says Second, to operate an authorized badging workstation, a user must log-in with a valid username and password.
Finally, the system administrator must authenticate any username and password that will access a badging station.
While authorized users can still share their usernames and passwords with others, Ziegler says that the three precautions usually provide enough security. “If you want to go beyond this level, a smart card reader or biometric fingerprint reader can be added as additional levels of hardware and software security,” he says.
Networked badging systems can also extend the validation process throughout a facility or across a campus. Suppose, for example, that an individual works in several different secure offices on a campus or around town. Not every office or facility will have a specially keyed badging station to validate credentials. But a networked system can authorize officials at various locations throughout a building or campus to access the keyed stations with a browser. “An individual using a browser to access the badging database must still go through the keyed workstation and log in with a username and unique password set up by the system administrator,” Ziegler says.
Browser access by a limited number of users in a facility also makes it easier to deal with lost credentials. Instead of trekking across campus to the keyed workstation, an individual need only check with someone in his or her department who is authorized to deal with credentials.
For government agencies, networked badging systems can also provide public benefits by speeding permit administration. Pennsylvania, for example, manages its gun permits through local sheriffs’ offices. “When someone comes in for a replacement permit, a browser-based credentialing system can look that person up in the database, make sure the permit exists, cancel the lost permit, and issue a replacement,” Ziegler says.
