Physical security systems include equipment and processes that implement physical security measures for incidents, access control, monitoring systems, lighting, security, audits, inspection, facility management, building automation, and the like. Almost all businesses, large commercial and government facilities, and many homes utilize physical security systems to alert owners and operators about potentially harmful activities such as intrusion, theft, fire, flooding, gas leaks, and so on. Such systems typically comprise sensors, alarm units and control systems that provide proprietary methods of control and feedback data formats, using different forms of communication for different alarm events. Many large businesses and entities also employ access control systems that monitor and control personnel access to physical resources such as buildings and offices, and even asset movement (e.g., products or material) to and from the premises. These systems generally include a proprietary repository of individual records and access privileges, and they control access control hardware such as readers (e.g., for access cards, biometric sensors, etc.) and controllers (e.g., door controllers) for allowing or disallowing access to physical resources and/or areas of a building.
Many different physical security systems are available on the market, and are manufactured by a variety of vendors, each of which may have its own standards of data representation and exchange. Large entities, such as big corporations or government departments, may utilize multiple physical access control systems distributed across the world, or even within certain locations, such as a single building. These can have multiple representations of individuals or assets, and non-uniform policies for access to physical resources. Besides the representation of entities within the system, alarm triggering events can also be represented differently among different vendors, or even within different security systems from a single vendor. The access and alarm events from different physical security systems generally do not follow standard definitions. This prevents the creation of uniform policy, enforcement and compliance procedures across corporations and multiple systems.
Some attempts have been made to standardize the communication protocols between various building automation systems. One such communications protocol is BACnet, for automation and control systems for HVAC (heating, ventilating and air conditioning), lighting control, etc. Such communication standards, however, are limited to building automation functions and do not provide seamless integration with other physical security or network security control systems.
What is needed, therefore, is a system that defines a uniform data format for the entities and events controlled by disparate physical security systems. What is further needed is a system that allows the definition of data and events along policy rules enforced in real-time by a policy engine within an integrated physical security environment.
What is further needed is a system and process to define physical security, network and IT systems as visual objects to be used in a visual policy creation tool that is used to diagrammatically define physical security policies and enforce them on disparate security systems, data changes and events, and to translate the visual policies to a standardized rules format that can be enforced in real-time by a policy engine.