Police to trial integrated authentication

A scheme that restricts physical access to buildings and digital access to software applications will be trialled in the Midlands

West Midlands Police is to trial an identity authentication system that will allow both physical and digital access to police systems, with the projected replacement of warrant cards with chip-and-pin smart-cards.

Police officers and civilian staff will be granted access to buildings and computer systems using a single sign-on card. An initial pilot scheme will start at the end of September and run for three months.

"It's all about restricting access to a door or an application in an efficient way," said Fred Tracey, user support manager for West Midlands Police.

The technology behind the scheme is being provided by two companies. Access management company Imprivata won the tender to provide the data-management hardware and software, while AC Controls will provide the physical access systems.

Access data will be managed through a box that co-ordinates the police databases and Web services, and contains the data-management operating system.

"It allows the administration of Web-based information through a GUI," said Geoff Hogan, business development manager for Imprivata. "Information is encrypted on the databases and over the [police intranet]."

The West Midlands Police network is connected to the Internet through a hosted site with five firewalls, according to Tracey. Fingerprint biometrics on keyboards and a biometric fingerprint reader on the West Midlands Police computer room will be implemented.

Once a person is registered as being in the building, anyone attempting to use their identity to access information from a different location can be restricted.

The police decided to implement the access scheme because the amount of crime data being accessed is increasing.

"Data storage is becoming more critical to the management of crime, with a large amount of intelligence restricted to the right people," said Tracey.

The highest level of access allows senior management into restricted areas, such as through the "door within a door" to a "strategic location" at West Midlands Serious Crime building, where major issues such as terrorist attacks are managed.

The pilot scheme will be tested with 320 police officers and 80 IT staff in two West Midlands Police buildings, to control access to 140 applications. If successful, the system will be used to control access to the applications and 180 buildings for 1500 staff. The pilot scheme will cost £140,000.

No other supplier that competed for the tender could integrate physical and digital security into one system, according to Tracey. Imprivata beat off Siemens, Logica and Oracle to provide the technology for the scheme.

"The other solutions had APIs [application program interfaces] to integrate the two different systems, with high integration and consultancy costs," said Tracey.

"The single sign-on to applications doesn't need an API," said Hogan. Data transferral will be Web-based.

Currently authentication and access management eats up approximately 10,000 hours a year, West Midlands Police estimates, as most is done manually. By implementing the scheme, the police anticipate reducing the administration time by two thirds.

"At the moment bobbies get a warrant card, and request access to applications, all updated manually by human resources. There are around 2000 changes to access privilege per year due to people moving, and getting promoted. We want to make the whole of the process as automatic as possible, to free up staff and put more officers out on the beat," Tracey told ZDNet UK.