ID Center – Biometric Authentication - Siemens

licoricebedsSecurity

Feb 22, 2014 (3 years and 6 months ago)

137 views

ID Center – Biometric Authentication
ID Center is a central authentication service which provides the basis for deciding who will get access to mission-critical

SW applications and data. Users can log on comfortably to a Windows network based on their fingerprint or palm vein patterns.
Using ID Center leads to dramatic cuts in the cost for help desk inquiries while at the same time providing the basis for

compliance with legal rules and regulations (i.a. HIPAA, FDA, SOX). No more non-secure or complex passwords through ID Center.
Biometrics. The Original.
www.siemens.com/biometrics
ID Center functions
Central authentication, offline mode for mobile users
Biometric identification based on fingerprint and palm vein patterns
ID Center is a central authentication service
which provides the basis for deciding who will
get access to mission-critical software
applications and data. For this purpose,

ID Center uses biometric characteristics or
identification tokens (smart cards) or a combi
-
nation of the two. ID Center runs on a high-
availability server. Mobile users can continue
to use biometrics or smart card based user
logon procedures even without a direct
connection to the ID Center server.
Users are authenticated only on the basis of a
given biometric characteristic, without any
further information. The biometric methods
available for this purpose are fingerprint or
palm vein patterns (Fujitsu PalmSecure
technology). For fingerprints, the optional
“Fast Identify” component guarantees
response times between 1 and 2 seconds,
even with several thousand users. Where
palm vein pattern detection is concerned, we
recommend smaller user groups or the use of
biometric verification.
Biometric verification based on fingerprints, palm vein structure, and

smart cards of the type ID card or Public Key Infrastructure (PKI) card
signatures. When PKI smart cards are used,

ID Center performs a certificate-based logon
to the Windows network. Alternatively,
ID Center supports the use of more cost-
effective smart cards to provide a secure
authentication in combination with a
biometric characteristic, and optionally a PIN.
Biometric verification implies that users have
to supply additional information (e.g., logon
name, personnel number, smart card) in
addition to a biometric characteristic.
ID Center also permits the use of PKI smart
cards, which may already be in use within an
organization for the purpose of digital
Security guidelines can be specified individu
-
ally for each supported software application.
These guidelines determine which combination
of biometrics, smart cards and passwords is
needed to obtain access to the given applica
-
tion, and can also govern how the software is
to behave when a smart card is inserted or
removed. The ID Center security guidelines
define the criteria for user authentication for
a given application throughout the organiza
-
tion. In addition, the administrator is able to
assign alternative authentication methods to
individual users.
Tailored security guidelines
ID Center
Powerful server-based
biometric identification for
high processing speed and
volume.
User-friendly client user interface with new design and

Windows Vista WOW effect
ID Center comes with a completely new client-
side graphical user interface, which
incorporates feedback and insights gained
from usability studies. The new look&feel
seamlessly integrates with Windows Vista.
Biometric data management for physical access

It is possible to manage the biometric data
needed for controlling access to buildings in
ID Center and synchronize this data with door
readers via a network connection, which
ensures consistent and uniform biometric
data for building and network access.
Easy-to-use administration tools, activity statistics at the user level,
high-granularity auditing
ID Center offers an easy-to-use administration
user interface for the capturing and admini
-
stration of biometric reference data (enroll
-
ment) and the registration of smart cards.
Administrative functions for data migration
from other databases (XML import interface,
import from Microsoft Active Directory) and
for defining security guidelines for applica
-
tions are all available in one place. The
functionality includes activity statistics at the
user level, for instance to identify inactive
user accounts, or the customized compilation
of audits and the generation of tailor-made
input for specific reports.
Easy to integrate in COM+ and Web Services based on server-side interfaces
ID Center makes its authentication service
available for integration via COM+ interfaces
and also in Web Service technology, enabling
every software application in the organization
to use ID Center as its authentication service
and thus ensuring end-to-end biometric
authentication.
ID Center can easily be combined with an SSO
system such as the Citrix Password Manager.
Conventional SSO systems can thus benefit
from the advantages of ID Center‘s biometric
authentication mechanisms without the need
for any additional components. Repeated re-
authentication becomes possible without any
loss of ease and comfort. This is a convenient
way to compensate for the classic security
drawback of SSO systems, where authentica
-
tion takes place only once.
ID Center is Citrix ready®.
Integration with Single Sign On (SSO) systems, e.g. Citrix Password Manager
Improved Internet Extensions
ID Center authentication mechanisms can be
used for a wide range of browser-based
applications. This allows end-to-end biometrics-
based authentication for network access and
intranet/internet applications.
© Siemens AG Österreich 2007.
Technical information provided refers only to the product specifications and does not constitute any warranty of specific
features and characteristics. Binding information can be obtained only from drawings combined with product specifications.
All rights reserved. Published by Siemens AG Österreich, Siemens IT Solutions and Services PSE, Gudrunstraße 11- A-1100
Vienna. All trade names or trade marks mentioned herein are trade names or trade marks of their respective owners.
Subject to alteration. Errors and omissions excepted.
Susquehanna Health System: Protection of sensitive medical data
The Susquehanna Health System in the USA is an alliance of three regional hospitals that has been
using the Soarian Clinicals and Soarian Financials solutions from Siemens Medical Solutions for years
now. As the healthcare sector places particularly high demands on IT security, access to Soarian is
now protected by a high-security component, the biometric authentication system ID Center. After
ID Center had proven its practical value as security solution in its initial 500-user configuration in
2002, the Susquehanna Health System rolled out the biometric solution throughout the whole
organization: All the clinical as well as administrative staff – a total of 3,000 persons – now use
their fingerprints for authentication when accessing a multitude of applications. Depending on their
access rights, users will find different applications on their desktops, from workflows for patient
registration to clinical programs, patient reports, nursing care plans to drug dispensary. Additional
security measures – for example, renewed fingerprint-based authentication for the dispensing
of special drugs – are easy to implement. The high IT administration cost caused by forgotten
passwords is declining steadily, giving the hospital staff valuable time they need to attend to their
patients.
Styrian health insurance fund: User identification and access control
Access to the IT premises and desktop systems at the Styrian health insurance fund is protected by
ID Center, a biometric system featuring fingerprint recognition. It not only meets the high security
requirements, but also saves costs and is easy to use. Staff no longer needs to remember lots of
different passwords, and the risks of passwords being spied out or forgotten are a thing of the past.
Thanks to a combination of SiPass – a Siemens building access control system – and ID Center, only
one registration procedure per person is required. The biometric data is first captured in ID Center,
converted into biometric reference patterns and assigned to user accounts. This enrollment is
followed by the log-on process for the defined applications with the help of a biometric terminal
device, e.g. the ID mouse. What is more, the fingerprint image reference data is also made available
to the door-mounted readers of the building access control system. When authorized persons place
their fingers on the door sensor, the door unlocks automatically. The first stage of the project, which
comprises protection for 10 doors and 100 workplace systems, was started in 2005. Meanwhile,
1,100 workplaces have been linked up to the system.
Success Stories
Contact
Siemens IT Solutions and Services
Biometrics Center
Siemens AG Österreich, PSE
Strassganger Strasse 315
A-8054 Graz
E-Mail:
fpsolutions.at@siemens.com
www.siemensidcenter.com
www.siemens.com/biometrics