Security lies in biometrics: palm vein authentication.
Data centers currently house the most valuable asset in our digitalized world: data. They determine our modern economic life, whether in product development, sales or service. Commercial data centers that provide storage services for other companies are the treasure troves of our time. No wonder that customers who outsource these services to service providers ask exactly which security measures are taken to ensure that their data and cloud applications are managed with the utmost security. The VdS guidelines from 2007, for example, already recommend the use of two-factor authentication instead of simple RFID access control as a secure access control. The planned KRITIS umbrella law will also define the requirements for physical security. It is therefore high time to look at biometrics as a means of access control.
What is meant by the term “two-factor authentication”?
Just having a card and knowing a PIN are not always enough. Access cards can be lost or forgotten. PINs can be passed on. The only thing that cannot be manipulated is a feature linked to human identity: for this reason, a biometric feature should be requested to verify the identity of the person seeking access beyond doubt. This ensures that only truly authorized persons gain access to a building or site.
How does biometric two-factor authentication work?
Biometric identification is carried out with the help of an infrared sensor that scans the palm of a person’s hand in less than a second. The venous blood absorbs the radiation. This process is contactless and is carried out by simply positioning the hand in front of the scanner. The fine network of veins is absolutely unique to each person. Not even identical twins have the same palm vein pattern. A software stores the pattern as a template and can use it to identify a person beyond doubt. The FAR (False Acceptance Rate) for palm vein recognition is 0.00008 %. The infrared radiation used for palm vein recognition is harmless to health.
If someone wants to open a door, for example to access the server room of the data center, they must first log in with the card at the palm vein reader and then confirm their identity with their hand. The current template is compared with the stored one. If the match is positive, the door is opened by an access control manager operating in the background. By storing the template on the card, the user retains control over their biometric data, which is desirable in terms of data protection. The system is suitable for everyone. In recent years, the palm vein recognition process has been further improved: it now also recognizes vein patterns that are only held in front of the sensor briefly or with shaky movements. The recognition process is completed in a short time.
To further increase security in the data center, a four-eyes principle is recommended for each server room: first, a palm vein reader secures this area, then two authorized persons must be present before the door opens.
Highly secure access systems combining biometrics, RFID and video.
In the PCS access system, palm vein authentication can be used in combination with other RFID access readers. Various models are available for different installation conditions, such as for integration into intercom systems, for use on metal or for outdoor applications. A higher-level access control manager administers the access readers and provides emergency buffers for fail-safe operation even in the event of a power outage.
Video surveillance is a useful addition to the access system. The latest cameras and video software offer impressive analysis options for monitoring and evaluating events. Video surveillance cameras actively support security personnel in the data center, for example, in tracking individuals across multiple cameras or automatically activating cameras when certain triggers are detected. Filter options for metadata, such as searching for specific clothing features of a suspicious person, are already available. In this way, the system optimally complements the human eye and its ability to concentrate.
These building blocks of a physical security system are bundled in the professional access control software. The software takes on the role of a solution platform for building security. It manages access profiles of persons, but also physical components such as access readers. Intelligent functions such as door open time monitoring minimize security risks that arise from the human factor.
Site plans with display of the current door status also support risk management. Another security feature is the software’s alerting and active notification of the security service in the event of abnormalities. A key prerequisite for the highly secure physical protection of data centers is therefore a powerful software such as DEXICON from PCS Systemtechnik, in order to be prepared for the implementation of physical protection in accordance with the new KRITIS umbrella regulation.
