However, this situation can soon change by using the Interface for Metadata Access Point protocol (IF-MAP) developed by the Trusted Computing Group (TCG). While this group may be new to the physical security industry, many of its 100+ member companies will be familiar, as they include HP, IBM, Dell, Juniper Networks, Samsung, Microsoft, Intel, Symantec and McAfee, as well as a few physical security companies such as HID and Hirsch Electronics. TCG’s goal is to develop, define, and promote open, vendor-neutral industry standards for trusted computing interfaces across multiple platforms.
The IF-MAP protocol is actually a suite of existing, easy-to-implement standards that enable the secure (encrypted) exchange of events (metadata) in a predefined format between mutually authenticated systems and devices. This protocol, along with the vendor-neutral system architecture referred to as the Trusted Network Connect (TNC) architecture, fosters trust between various networked systems and their respective owners. This is achieved by ensuring that each device only reports events to specific “trusted” devices (such as a network security or SCADA system) and that these devices only respond to those events according to the policies that their owners, such as the physical security department, deem to be important and relevant. At a very high level of abstraction, one can think of IF-MAP as “Twitter” for networked devices.
By using IF-MAP-enabled products, physical security and facilities management can communicate certain events to other trusted groups (including marketing, manufacturing and operations), who can use this information to implement and enforce new policies that improve compliance and security and, where the information provides greater situational awareness, productivity as well. For example, physical security can provide information on the physical presence of a given individual in a specific room or building, the status of a facility or campus (safe, breached, on fire, etc.), as well as seemingly more esoteric things like the status of lighting, heating, ventilation and air conditioning (HVAC) or an elevator. Conversely, other networked systems and devices can report events and status (such as a user’s network activity, location through wireless LAN triangulation, unauthorized data downloads, and process control system activity) that could trigger a new physical security or facilities policy-based response.
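As an added illustration (not code from the article, TCG or any IF-MAP product), the publish/subscribe exchange described above in Python: two trusted systems publish events about the same identity to a simplified MAP-like server that only accepts metadata types each source is trusted for, and a physical security policy subscribes to the network side's events and responds when they contradict the badge record. The server class, the metadata type names ("badge-location", "wlan-location") and the sample events are assumptions for this example; the real IF-MAP SOAP/XML wire format is not modeled.

```python
from collections import defaultdict

class MapServer:
    """Minimal stand-in for a MAP server: identifiers with metadata attached,
    plus subscribers notified whenever matching metadata is published."""

    def __init__(self, allowed):
        self.allowed = allowed                  # client -> metadata types it may publish
        self.graph = defaultdict(list)          # identifier -> [(mtype, attrs), ...]
        self.subscriptions = defaultdict(list)  # mtype -> [callback, ...]

    def publish(self, client, identifier, mtype, attrs):
        # Mutual authentication (e.g. TLS client certificates) is assumed to
        # have already established who `client` is; the server still enforces
        # which metadata types that client is trusted to publish.
        if mtype not in self.allowed.get(client, ()):
            return False                        # rejected: not a trusted source
        self.graph[identifier].append((mtype, dict(attrs)))
        for callback in self.subscriptions[mtype]:
            callback(identifier, attrs)
        return True

    def subscribe(self, mtype, callback):
        self.subscriptions[mtype].append(callback)

    def latest(self, identifier, mtype):
        """Most recently published attributes of type `mtype` on `identifier`."""
        for t, attrs in reversed(self.graph[identifier]):
            if t == mtype:
                return attrs
        return None

def run_scenario():
    """Badge system and WLAN controller publish locations; policy returns alerts."""
    server = MapServer(allowed={"badge-system": {"badge-location"},
                                "wlan-controller": {"wlan-location"}})
    alerts = []
    def physical_security_policy(identity, attrs):
        badge = server.latest(identity, "badge-location")
        if badge and badge["building"] != attrs["building"]:
            alerts.append(f"{identity}: badged into {badge['building']} "
                          f"but on the WLAN in {attrs['building']}")

    server.subscribe("wlan-location", physical_security_policy)
    # Constructed sample events (hypothetical identity and building names):
    server.publish("badge-system", "identity:alice", "badge-location", {"building": "HQ"})
    server.publish("wlan-controller", "identity:alice", "wlan-location", {"building": "HQ"})
    server.publish("wlan-controller", "identity:alice", "wlan-location", {"building": "Plant-2"})
    return alerts
```

Each group keeps control of its own side: the badge system decides what it publishes, and the physical security policy decides which events merit a response.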
While some of these capabilities may have been offered by various companies in the past, most have been achieved through non-standard, proprietary communications. They tend to be limited in scope and thus less adaptable to new applications. Because they are proprietary, they do not interoperate with other vendors’ products. Finally, if a single product that straddles two groups’ responsibilities is used, it can create political problems over who owns the device and who dictates a given policy.
The beauty of IF-MAP is that it has support from more than 100 companies, and their products may already be in use by your own or your customer’s organization! Furthermore, the fear of compromising the integrity of a given system and the political issues that commonly surround joint system operation are eliminated or significantly reduced. There is a clear demarcation between the respective groups’ systems. Each group determines what information is shared and what conditions merit a response.
By championing the sharing of formerly disparate systems’ information, Security can be seen as complementary to the goals of the organization and its peer groups. Facilities and Security personnel can help their peer groups execute on their respective goals and responsibilities (and vice versa). As a result, the use of IF-MAP-capable devices and systems within an organization enables it to implement new policies that add value to multiple groups. Hence, the physical security group may finally achieve or enhance its “place at the table”, alongside IT and other non-security-oriented functional group peers.