To uniquely identify, authenticate and authorize a person in order to just grant the person the rights assigned to him, for example with respect to the operation of a system or access to a system, is at present becoming increasingly important. The conventional access control systems have long since reached their limits with respect to these increased requirements. Furthermore, the authentication of a user is based on hardware components (codes, chip cards etc.) or on password systems (password, PIN/TAN etc.). They can be relatively easily overcome using criminal methods such as the kidnapping or blackmail of the key holder, robbery or duplication of chip cards, data theft etc, and can possibly be lost or forgotten. For these reasons, such access control systems cannot meet the increased security requirements.
In addition to the authentication, the administration of the authorization plays an ever more important role due to the increasingly frequent changeover of administrative personnel, even though administration is very expensive. Up to now, the authorization of persons for a specific application was usually carried out by an empowered person (e.g. the system administrator) who granted authorizations. The granting of an authorization often takes a long time because administration and approval procedures must be complied with. Where there are changes in tasks, the granted authorization has to be reassigned if necessary.
Newer, more efficient approaches, based on biometric methods for example, can also often not really be applied in the harsh working environment of the production process because they usually require a clean, office-type working situation for the optical or electrical detection process. Furthermore, the biometric methods used so far have an unacceptable failure rate, especially if only a biometric method is used for access control.