Critical Protection

Jul 1, 2008 12:00 PM

SPOTLIGHT - Uniloc NetAnchor CIS

Supervisory Control and Data Acquisition (SCADA) Systems control and monitor many organizations' industrial, infrastructure and facility processes, including manufacturing; water treatment and distribution; wastewater collection; electrical power transmission and distribution; HVAC and access control systems, and facility energy consumption. SCADA systems also manage the country's oil and gas pipelines, railroad transportation systems and chemical plant processes, and often function as the central backbone of long-distance communication networks. Because the systems maintain a direct network link to much of the nation's critical infrastructure, they have become prime targets for cyber attacks - and, according to the National Institute of Standards and Technology (NIST), their vulnerability is growing.

A 2007 NIST report titled “Guide to Industrial Control Systems (ICS) Security” confirms that threats to SCADA control systems can come from a variety of sources such as hostile governments, terrorist groups, industrial spies, malicious intruders, disgruntled employees, human errors and equipment failures due to natural disasters.

Recognizing a need for upgraded SCADA system security, Uniloc USA, an Irvine, Calif.-based provider of physical device recognition and authentication systems, has introduced NetAnchor CIS, an identity and access management appliance that protects SCADA networks using the company's physical device recognition fingerprinting technology. The system restricts access to designated computers and field components by authenticating a device's “digital identity” - made up of a combination of machine characteristics and properties generated through proprietary algorithms - and password-based authentication.

Using NetAnchor CIS, the authorized user must be on the authorized device in order to access a SCADA network. When an unauthorized connection is attempted to the device's secure Virtual Private Network (VPN), the system sends a notification and provides the location of the attempt, thus prohibiting access to the breached access point. The system provides security for any type of network infrastructure, including wireless, Ethernet, public Internet and open standards. It also features cross-platform compatibility and a low impact on network performance. “NetAnchor CIS is a critical component of a defense-in-depth strategy to protect SCADA networks from the threat of attack,” says Jim White, Uniloc's vice president of sales and business development. NetAnchor CIS, Uniloc USA Inc. (redsky.uniloc.com) Circle No. 7 or visit securitysolutions.com/productinfo.

License Plate Recognition System

AVAILABLE IN FIXED AND MOBILE APPLICATIONS

The system automatically reads license plates of parked or moving vehicles traveling at up to 140 mph. The rugged device also reads license plates spanning two lanes of traffic. It is available in fixed and mobile units. The fixed system features IP connectivity for real-time monitoring and automatically identifies vehicle entries and exits with precision, allowing security personnel to assess and respond to irregular occurrences such as an unknown vehicle entering a parking lot. The mobile system reads the license plates of vehicles parked in parallel, 45- and 90-degree angles and includes enhanced GPS-based technology to pinpoint the location of a vehicle for investigative purposes. AutuVu Sharp, Genetec (genetec.com) Circle No. 8 or visit securitysolutions.com/productinfo.

Optical-Zoom Thermal Imager

FOR PERIMETER SURVEILLANCE

The uncooled infrared imager features continuous optical zoom, which enables the user to change fields of vision while keeping the target in focus at all times. The camera features a 30mm to 90mm lens and mirrors the functionality of a traditional CCD zoom. It can see through environmental conditions such as smoke, rain, snow, dust and dense fog. The camera also features the supplier's VisionSense technology, which allows users to overlay the daylight camera image and infrared camera image in real-time. By merging the two visual sources, the imager can penetrate glare and see through windows, glass and water. It is suitable for day and night perimeter security, maritime surveillance and government surveillance applications. DefendIR-CZ, ICx Technologies (icxt.com) Circle No. 9 or visit securitysolutions.com/productinfo.

Video Codec

OPERATES AS EITHER A SINGLE-CHANNEL ENCODER OR DECODER

The single-channel selectable encoder/decoder combination unit is designed to increase the flexibility of surveillance networks. In encoder mode, the codec enables existing and new analog cameras to be added to an IP network, helping to expand and adapt a video surveillance system without the cost of replacing and/or redesigning the installation. Preset MultiMode recording profiles give the user flexibility in adjusting resolution, recording rates and compression settings. In decoder mode, the codec provides the user with increased viewing flexibility by allowing additional monitoring stations to be deployed anywhere within the network footprint. The unit supports full- and multi-camera screen viewing modes from various network video sources. DV-IP Codec, Dedicated Micros (dedicatedmicrosus.com) Circle No. 10 or visit securitysolutions.com/productinfo.

IP-Ready Cameras

AVAILABLE IN PTZ, MINI-DOME AND BOX STYLE

The IP-ready cameras transmit high-quality images over long distances and are capable of delivering video at a rate of 30 frames-per-second at 4 CIF using MPEG-4 compression. The compression gives users better image sharpness and quality and faster video transmission using less network bandwidth. A camera sabotage feature detects a change in the field-of-view or focus and instantly notifies the operator if a camera has been deliberately blinded or otherwise vandalized. The cameras are supported by a variety of video management systems, including the supplier's next-generation video management system. They are designed for applications where object detection is required in general or low light conditions, and where object recognition is an integral part of the site's security and business operation. EQUIP Series, Honeywell Video (honeywellvideo.com) Circle No. 11 or visit securitysolutions.com/productinfo.

Mobile License Plate Recognition System

USES IMAGE PROCESSING SOFTWARE AND ALGORITHMS FOR CHARACTER RECOGNITION

The system identifies vehicles at temporary checkpoints as well as fixed or temporary parking lots at large-scale special events. The system is posted before the checkpoint or the parking lot entrance and automatically captures the license plate number of any vehicle going into or out of the compound. The system checks the plate numbers against law enforcement, Homeland security and intelligence databases. When the database identifies a car as being suspicious or defines its owner as a potential threat, an immediate alert is transferred to the police and/or other forces at the checkpoint or parking lot gate. In restricted areas, where only authorized cars are permitted, the system can automatically open a barrier to authorized vehicles. The system can also be installed on the side of a street to automatically check the license plate numbers of each car entering a street. SeeCar Mobile, Hi-Tech Solutions Ltd. (htsol.com) Circle No. 12 or visit securitysolutions.com/productinfo.

Hard Disk Drive

DESIGNED FOR VIDEO SURVEILLANCE APPLICATIONS

The 3.5-in. SATA hard drive features 1-TB capacity and offers a mean time between failure (MTBF) of up to 1.2 million hours. Its three-platter structure provides a higher storage density per platter, resulting in faster data processing speeds. The hard drive is suitable for video surveillance applications and similar environments with critical needs, such as high reliability in heavy-duty, round-the-clock operations; low power-consumption; high capacity and an A/V streaming firmware command set. The hard drive also features a command completion time limit, vibration tolerance with RV (rotational vibration) controller, a 16- or 32-Mb cache and a 175 Mb/second maximum media transfer rate. The unit ensures low heat generation and power consumption, high durability and stability in extreme environments, stable performance for prolonged operation periods and a large storage capacity for extended recording time. Spinpoint F1R, Samsung Electronics Co. (samsung.com) Circle No. 15 or visit securitysolutions.com/productinfo.

Network Video Recorder

SUPPORTS MPEG-4 AND M-JPEG COMPRESSION

The network video recorder provides a robust, scalable and open IP-based platform. It can support as many as 128 cameras per server including megapixel IP cameras, standard IP cameras and analog cameras with IP encoders. The unit features the supplier's Active Content Compression (ACC) technology and support for MPEG-4 and M-JPEG compression. An embedded Linux operating system offers high security and strong virus protection. The system also features built-in redundancy for high availability, fault tolerance and disaster recovery without the need for third-party software. VideoEdge NVR, American Dynamics (americandynamics.net) Circle No. 16 or visit securitysolutions.com/productinfo.

Contactless Electronic Lock

SUITABLE FOR HOTEL AND RESORT APPLICATIONS

The lock can read and write information to a variety of RFID credentials such as keycards, wristbands and key fobs. It features an ergonomically designed contactless reader. To gain access, guests and staff members simply present their keycards at the reader. An audit trail that specifies the date and time that each lock was accessed can be recorded on employee keycards. The lock also features multiple locking options including mortise, cylindrical latch, European mortise, panic bar and remote access controllers. The system can work in conjunction with the supplier's Next Generation Front Desk Unit (FDU) and the Web-based ATLAS (Advanced Technology Lodging Access Solution) System. Contactless 790 Electronic Lock, Kaba Ilco Inc. (ilcolodging.com) Circle No. 17 or visit securitysolutions.com/productinfo.

Access Control Keypads

FEATURE TOUCH-SENSITIVE ACTIVATION

The keypads, available in both 12- and 16-key configurations, employ the supplier's ActiveMetal rugged touch-through metal switch technology that eliminates the need for moving parts. The keypads feature weather, water and dust resistance; raised sculpted keys with permanent markings; vandalproof construction; real-time feedback and washable/submersible performance. Three output options are available, including matrix, serial RS232 and Wiegand. In addition, the keypads feature auxiliary outputs for camera and lighting activation and two customer-controlled LEDs. They are rated to operate from -40 degrees C to 85 degrees C and have undergone drop, shock, impact and vibration testing. ActiveMetal Keypads, ITW Switches (itwswitches.com) Circle No. 18 or visit securitysolutions.com/productinfo.

Video Forensic Software

FOR VIDEO IMAGE ENHANCEMENT

The system employs the supplier's software algorithms to combine information from neighboring video frames to reveal detail from previously “impossible” scenes, such as those with moving objects or other complex motion. In seconds, the system extracts information from poor-quality digital video and automatically brightens dark scenes, removes noise, compresses artifacts and increases video resolution by a factor of up to 4x. The system features a simple user interface, runs on standard Windows PCs and accepts a variety of video formats, including interlaced video. Ikena Reveal, MotionDSP (motiondsp.com) Circle No. 19 or visit securitysolutions.com/productinfo.

Color LCD Flat Panel Monitors

RANGE IN SIZE FROM 15-IN. TO 42-IN. MODELS

The high-performance and general-purpose color liquid crystal display (LCD) flat panel monitors collectively feature VGA and UXGA resolution, picture-in-picture and split screen viewing and digital HDMI output. The monitor series includes two high-performance and two general-purpose monitors. The high-performance monitors include a color thin film transistor (TFT) active matrix LCD panel for high-resolution imaging (500 TVL, 1,600 × 1,200 or 1,280 × 1,024 pixels), two looping composite video inputs, two looping audio inputs and one looping Y/C input. They accept NTSC and PAL signal formats automatically as well as power supply voltages from 90 to 256vAC. The general-purpose monitors provide crisp image quality and automatically adapt to the input resolution of the incoming video signal at 400 TVL up to 1,280 × 1,024 pixels or 1.3 megapixels. The monitors refresh every five milliseconds so that users will see crisp, clear images with less smearing and ghosting. All monitors include wall-, rack- and pole-mounting options. UML-172-90, UML-192-90, UML-150-90, UML-170-90; Bosch Security Systems (boschsecurity.us) Circle No. 20 or visit securitysolutions.com/productinfo.

RFID Locking System

AVAILABLE IN STANDALONE, PROGRAMMED OR NETWORKED CONFIGURATIONS

The locking system features a small transponder key that functions as an RFID read/write credential and more than a trillion possible code combinations. Flexible system programming is based on wireless data transfer protocol. In office environments, the system can integrate with other applications such as time recording/punch clocks, temporary worker access, parking area security and cafeteria point-of-sale. The system also features a long service life without batteries or mechanical wear. Dialock Locking System, Häfele America Co. (hafele.com/us) Circle No. 21 or visit securitysolutions.com/productinfo.

Fault-Tolerant Door Controller

MAINTAINS ACCESS CONTROL FUNCTIONS WHEN THE NETWORK FAILS

When access control or alarm monitoring functions are threatened by a disabled common controller or network segment failure, the Ethernet-to-485 converter/switch controller automatically maintains connections between the system's third-tier intelligent door controllers and second-tier building controller. The system's fail-over capability reroutes all communication to an alternate controller and allows the system to maintain higher-level access functions, regardless of a key component failure. In addition, it enables users to shut down building controllers in a hot-swap mode for routine maintenance without affecting the access control system. A fault-tolerance option is also now available with the supplier's Frontier 5.7.5 access control software. Matrix System Gateway (MSG), Matrix Systems (matrixsys.com) Circle No. 22 or visit securitysolutions.com/productinfo.

IP Camera/Dome Positioning System

ENABLES USERS TO CONTROL AND MONITOR NETWORK VIDEO/AUDIO

The advanced camera positioning system is designed for use as an edge appliance. It delivers three simultaneous high-quality, real-time scalable IP video streams and bi-directional audio. Users can control and monitor network video and audio over IP virtually from anywhere in the world. A hybrid functionality enables simultaneous IP and analog control. Multi-level password protection, simultaneous RS422 telemetry control via the supplier's P or D protocols, seven alarms and two relays are also provided. Five auto-focus, high-resolution integrated camera/optics packages, eight back-box options, six lower domes and 15 mounting options are available. The system is based on open architecture, and third-party manufacturers can integrate it into their network-based applications through an API. The system seamlessly integrates the supplier's Digital Sentry product line and is Endura-enabled to record, manage and view multiple live streams. Spectra IV IP Camera/Dome Positioning System, Pelco (pelco.com) Circle No. 23 or visit securitysolutions.com/productinfo.

Video Intelligence Software

FEATURES PAN, TILT AND ZOOM CONTROLS

Using the software in conjunction with standard fixed IP or analog cameras, users can pan, tilt and zoom in on live and recorded images without using traditional PTZ systems. With the system, users can cover greater floor space with fewer cameras and minimize breakdown and maintenance events. The software uses the supplier's video analytics technology to send intelligence alerts, perform computer-aided tracking and conduct advanced image filtering. The system is designed for users in retail and financial sectors. i-PTZ Software, IntelliVid (intellivid.com) Circle No. 24 or visit securitysolutions.com/productinfo.

Analog/IP Video Management Software

BUILT ON OPEN STANDARD ARCHITECTURE

The integrated video management and analytics software platform integrates analog and IP cameras with a minimal learning curve for the user. The software is intuitive and easy to install and deploy, according to the supplier. Offering a customizable user interface, the system supports all analog cameras and camera models from 15 different manufacturers, making it suitable for deployment in hybrid environments. Advanced surveillance features include integrated video analytics for auto-alarming on a range of user-defined policies and smart video search capabilities. With the software, organizations can also use their existing analog and network systems to generate real-time business intelligence information. Aimetis Symphony, Aimetis Corp. (aimetis.com) Circle No. 25 or visit securitysolutions.com/productinfo.

Product Focus

A CLOSER LOOK AT SMART CARDS

Smart Display Card

OFFERS ONE-TIME PASSWORD AUTHENTICATION

With the push of a button, the smart card generates a one-time unique login password based on Open Authentication (OATH) standards. A card reader is not required for authentication and verification, and the card also replaces the use of unchanging passwords for user access. Embedded with a smart chip to support standard PKI capabilities such as e-mail encryption and digital signatures, the card supports multiple user modes, whether through network-connected authentication machines, mobile verification devices or kiosks. When deployed with a server-side PIN, the credential performs two-factor authentication. The cards can be customized to match organization branding or to create a multi-purpose photo ID. DisplayCard, ActivIdentity Corp. (actividentity.com) Circle No. 13 or visit securitysolutions.com/productinfo.

Biometric Smart Card

INCLUDES AN EMBEDDED BIOMETRIC SYSTEM

The ISO 7810/16-format smart card features an embedded biometric system that provides fingerprint imaging, enrollment and authentication. By embedding the system on the card, a cardholder's privacy is protected; an authentication decision is the only data released from the card. The card also eliminates the need to transfer fingerprint templates between the reader and the card, thus reducing interface requirements and increasing the speed of use. Other benefits include fewer interoperability issues associated with implementing various fingerprint sensors and card readers together; and ready migration to biometrics on ISO 14443-compliant smart cards and other wireless protocols without installing fingerprint sensors. In addition, users are not required to replace or modify existing infrastructure or back-end systems for biometric implementation. FSC-3012 Biometrically Authenticated Smart Card, Fidelica Microsystems Inc. (fidelica.com) Circle No. 14 or visit securitysolutions.com/productinfo.

Open Platform Smart Cards

CONTACT, CONTACTLESS AND USB INTERFACES AVAILABLE

The card family is based on the concept of an open operating system for smart cards. Complying with JavaCard and GlobalPlatform specifications, the credentials offer the benefit of an open, secure, interoperable and standard environment for multi-application smart cards. The supplier offers a range of cards from 16 Kb to 128 Kb EEPROM (Electrically Erasable Programmable Read-Only Memory), with contact, contactless and USB interfaces available. On-card applications include digital signature for Public Key Infrastructure (PKI) integration; secure, cryptographic data storage; and fingerprint biometrics with embedded fingerprint matching on the card and fingerprint verification without a PC. A card development kit is available to assist in design, development, testing and debugging of applications running on the cards. FIPS 140-2 level 3- and FIPS 201- certified cards are available. ID-One Cosmo, Oberthur Card Systems (oberthurcs.com) Circle No. 26 or visit securitysolutions.com/productinfo.

PKI Smart Cards

FOR LOGICAL ACCESS CONTROL, SIGNATURE AND TRANSACTION VERIFICATION

Designed for Public Key-based applications, the JavaCard framework-, ISO- and .NET-based cards are available with memory sizes ranging from 32 to 128 Kb and can store private keys and certificates for two-factor user authentication. The cards can be used in secure business-to-business services, such as Web-based signing of documents, transactions and logical access control. They are compatible with the supplier's token-based Classic Client cryptography software, which manages the personal identity authentication and verification process. The cards operate over the supplier's Trusted Open Platform (TOP) to ensure secure applet download and to enable a number of JavaCard applets to reside safely and securely on the same card. The cards also support a variety of security features meant to protect sensitive data, such as PINs, secure messaging, external authentication and role verification. SafesITe Classic TPC, Gemalto (gemalto.com) Circle No. 27 or visit securitysolutions.com/productinfo.

Want to use this article? Click here for options!
© 2008 Penton Media Inc.

This month in Access Control

• Targeting The Customer
• Electronic Pedigrees
• One Hero Among Many
• Who? What? When? Where? Why?
• More from September's issue