The specification is being developed by the PSIA's Physical-Logical Access Interoperability (PLAI) Working Group
PLAI specification streamlines and standardises the management of physical and logical identities

Cost effective, automated synchronisation of physical and logical identities, privileges and credentials took a major step toward becoming an industry standard today, with the Physical Security Interoperability Association (PSIA) releasing a draft proposal of its Physical-Logical Access Interoperability (PLAI) specification.

"We're excited about the potential the PLAI specification has for reshaping physical and logical identity access for the security industry," said David Bunzel, executive director, the PSIA. "With the PLAI specification, we're making it possible to achieve access, privilege and credentials management across physical and logical identities on a plug-and-play basis. This is a game changer."

The PSIA released the PLAI draft during a special session of the PLAI Working Group at ISC West in Las Vegas.

"Today we were pleased to demonstrate multiple disparate systems working seamlessly through the PLAI draft specification," said Mohammad Soleimani, chair of the PLAI Working Group and executive vice president and CTO, Kastle Systems. "That demonstration showed how the PLAI specification fundamentally changes the way the security industry approaches identity, privilege and access management. We are opening a door to enable broad, holistic solutions that span the physical and logical realms of identity."

During the ISC West demonstration, the PLAI specification enabled an identity to be entered into Microsoft's widely used and LDAP-compliant Active Directory, and then to automatically propagate all of that identity's associated privileges and credentials to physical access control systems (PACS). Similarly, when an identity was removed from Active Directory, the PLAI specification automatically propagated the revocation of privileges and credentials in the physical access control systems.

"Being able to automate temporary and permanent privilege management through the PLAI specification will significantly reduce administrative time and cost burden," said Mike Faddis, Director at Microsoft Global Security. "The PLAI specification streamlines and standardises the management of physical and logical identities, helping chief security officers effectively support Enterprise Security Risk Management."

The PLAI specification ensures the logical and physical access privileges associated with an employee's role are always synchronised. That enables a company to ensure a person is physically present before permitting access to databases or applications.

"That demonstration showed how the PLAI specification fundamentally changes the way the security industry approaches identity, privilege and access management"

Further, the PSIA's PLAI specification will enable automated inter-PACS interoperability in the market for the first time. Users can reduce multiple access cards because the inter-PACS interoperability automates the process of enabling an access card associated in one vendor's PACS to be used at entry points associated with a different PACS system as long as the card readers are the same.

"With the PLAI specification, the industry is getting functionality we've always wanted without spending significant time and money to build custom interfaces among dozens of systems," said Joshua Jackson, director, global product integration, Stanley Security.  "This specification opens the door for manufacturers and integrators to add a great deal of value to security solutions while minimizing cost and implementation time."

The PLAI specification builds on standards already used in the logical identity and access management world, including Role-Based Access Control (RBAC-RPE) and Lightweight Directory Access Protocol (LDAP). These will enable vendors and users to more easily map logical identities and their role-based privileges to physical identities.

The specification is being developed by the PSIA's Physical-Logical Access Interoperability (PLAI) Working Group, which includes Allegion (previously Ingersoll Rand), Brivo Systems, HID Global, Inovonics, Kastle, Z9 Security, Mercury Systems, Microsoft Global Security, Stanley Security, Tyco Security and UTC.

Share with LinkedIn Share with Twitter Share with Facebook Share with Facebook
Download PDF version Download PDF version

HID Global news

ISC West 2019 Day Two: Explaining The New And The Tried-And-True

There are many new technologies at ISC West this year. There are also some tried-and-true solutions on display. More mature products have the benefit of being fully vetted and battle-tested, which may make them a more comfortable choice for security customers. I had a couple of discussions on Day 2 of the show about the advantages, and possible drawbacks, of new products. “To a security director, when you say ‘new,’ he translates that into ‘risk,’” says Bill...

Mail.Ru Selects HID Global For Enabling Secure Access Control Using Smartphones

HID Global, a trusted identity Solutions Company announced that Mail.Ru has chosen its HID Mobile Access solution for secure and convenient access control using smartphones and other cellphone devices. Need for access control Mail.Ru reaches over 91% of all Russian internet users via its mail platform and social networks. The company has more than 7,000 employees and a high volume of visitors to its Moscow offices, necessitating an access control solution that provides best-in-class secur...

Genea Officially Joins HID Global’s Advantage Partner Program

Genea Energy Partners, Inc. (Genea), a Software-as-a-Service (SaaS) company specializing in cloud-based building technology systems, announced its partnership with HID Global through its participation in the HID Global Advantage Partner Program. The program provides Genea optimal integration of its non-proprietary Access Control system with HID Global’s physical access control cloud platform, HID Origo. “HID Global has been and continues to be a trusted partner in the identity...

HID Global case studies

HID Global Civil Registry Solution Advances Antigua And Barbuda’s Transformation To A Digital Society

HID Global, an identity solutions company announces that Antigua and Barbuda have deployed HID® Integrale™ for CRVS to modernize the country’s civil registry system. The solution helps the country embark on a digital transformation by enabling the secure registration and reporting of life events of residents and visitors, and offers a single, true source of verifiable identity information. The Government of Antigua and Barbuda (GOAB), the Ministry of Information, Broa...

HID Global Deploys Its Secure HID Integrale End-To-End Solution For Libya’s First Diplomatic And Special ePassport Program

HID Global, the globally renowned company in trusted identity solutions, has announced that it has deployed the government of Libya’s first diplomatic and special ePassport program. HID Integrale HID Global provided Libya’s Ministry of Foreign Affairs (MOFA) with HID Integrale, a secure end-to-end solution that expedites the application and issuance processes and manages the entire ePassport lifecycle. For improved security, the redesigned and modernized booklets include a durable...

Access IS Delivers Contactless Transit Payment Solutions For Storstockholms Lokaltrafik To Secure Stockholm’s Public Transport

Access IS, part of HID Global, is delighted to celebrate the successful launch of contactless payments across the Stockholm region by SL (Storstockholms Lokaltrafik). Building on the successful mass deployment of Access-IS ticket readers and validators back in 2019, the latest upgrade to the system sees Access-IS devices in train gates and ticket offices as well as bus mounted validators being upgraded to permit full cEMV contactless payment capability. Contactless ticketing Ticket reading is...