printer friendly version

Single sign-on includes physical access

The convergence of physical and logical security has taken a step forward with the introduction of Imprivata's single sign-on solutions. A US-based company, Imprivata develops single sign-on solutions that simplify the complexity of managing multiple passwords for numerous applications.

Using a patented recognition engine, the system recognises any application in any interface as it is called up and automatically logs into the system based on the user's authenticated identification.

"It does not matter whether the application is Web-based, Unix, a 32-bit Windows or Java system, or even an old green-screen mainframe program," Wayne Parslow, VP of EMEA operations for Imprivata explains, "the user will be logged in automatically. The recognition algorithm is similar to the ones used in biometric engines (the ones that deliver tight security), allowing secure single sign-on access to any application without having to make any modifications to the system."

The box that makes this all happen is the Imprivata OneSign appliance, an easy-to-use appliance that slots into any standard server rack. Parslow adds that the idea behind the appliance was to make it as simple as possible to implement and maintain single sign-on, reducing the need for expensive administrators and programmers. It includes built-in reporting capabilities to help ensure regulatory compliance and OneSign supports a host of authentication solutions out of the box, including ID tokens, smart cards, finger biometrics, proximity cards and Kerberos.

Logging the door

In an alliance between S2 Security Corporation (S2) and Imprivata, the companies have released a joint solution that will enhance single sign-on logical security by linking virtual access to a user's actual location.

The new product combines the OneSign access and authentication appliance platform with S2's NetBox physical access security solution. The converged solution delivers an integrated physical/logical access system that allows companies to use information about a person's physical location as a factor in their access privileges.

The security features can be expanded even further, assigning different security levels depending on location. If someone logs in from home, they could be allowed access to their e-mail and documents, but they may be prevented from changing any documents. And with wireless networking becoming more popular, an organisation could allow employees to access a wireless network from anywhere within the business premises, but not from outside, like a car park for example. These additional security precautions raise the level of logical security beyond its current capabilities, improving the control companies have over who accesses their systems from where, making it harder for criminals to get into the corporate network.

Share this article:

Further reading: