ACI PS&S Spring Conference 2015
SAFE for Aviation
Airport Identity Management System v4.8
Kristi Crase, Director of Vertical
Market Development
© 2015 Quantum Secure, Incorporated. All Rights Reserved. Confidential. (408) 453-1008
Agenda
•
Security Challenges Facing Airports Today
•
Identity Management Defined
•
SAFE for Aviation Overview
•
Value Proposition
© 2015 Quantum Secure, Incorporated. All Rights Reserved. Confidential. (408) 453-1008
Security and Operational Challenges at Airports Today
Compliance/Audit Anomalies; Paper-based, error
prone operations
Balancing Business Friendly / Insider Threat
Customer Service levels are difficult to maintain;
Difficult to scale
© 2015 Quantum Secure, Incorporated. All Rights Reserved. Confidential. (408) 453-1008
Security and Operational Challenges at Airports Today
Limited Security Intelligence – primarily reactive
Little integration across authoritative systems in
use
Difficult to adapt to changing regulations and the
latest crisis; Limited improvements
© 2015 Quantum Secure, Incorporated. All Rights Reserved. Confidential. (408) 453-1008
Identity Management Defined
Identity Management (IDMS)
•
Modern, Enterprise Software platform designed to manage the
lifecycle of an airport worker
•
Web based, automated solution allowing for a paperless
environment
•
Cross airport solution encompassing many user groups, systems,
rules and policies
•
Locally hosted system that integrates with existing systems of truth
•
Management overlay that allows for increased efficiencies, reduced
costs and better customer service
•
Process automation tool that provides risk mitigation of insider
© 2015 Quantum Secure, Incorporated. All Rights Reserved. Confidential. (408) 453-1008
SOC / Comms Aviation Security/Ops
Authorized Signatories Ticketing / Violations
Cross Airport Departments -Role-based Users
Finance
Physical Identity Management Concept
Employer Manager
(Authorized Signatories, Badge Types, Fees, Exemptions, Insurances, Privileges)
Training (CBT Integration – IET, SSI, Etc.) Electronic Audit & Attestation
(10% / 100% Employer)
Biographic Information
Asset Manager - Metal Keys
(Issuance / Audit / Tracking)
DACS Integration – TSC, TelosID, Morpho (TSA STA, FBI CHRC, DOJ, CBP etc…)
Optional: Watchlist Mgr.– No Fly /Selectee
Physical Access Control System (Card #, Access Privileges)
Breeder /Airport Document Manager (Paperless Process - ID Auth. / E-Signature)
Appointment Scheduler
(Trainings / Fingerprinting / Badging / Etc.)
Financial Manager
(Billing / Invoicing)
Optional: POS Integration
Infraction Manager
(Violations / Penalties)
Optional: Mobile Devices
Vehicle Manager
(Parking / Permits / Audits)
AV Reporting & Dashboards
Optional: Analytics / Trending
Livescan Integration / Biometric Enrollment (Identix / Crossmatch / Morpho)
Physical Identity
Credential Production
© 2015 Quantum Secure, Incorporated. All Rights Reserved. Confidential. (408) 453-1008
SAFE for Aviation Suite
Workflows Orchestration Policy/Rules
SAFE Policy Server
Database SAFE Livescan Agents SAFE DACS Agents SAFE PACS Agents SAFE CBT Agents Training System Biometric Capture and Repository Federal / State
Security Checks Multiple PACS
SAFE Integration Framework
• Employer Manager
• Authorized Sig Portal
• Regulatory Compliance
• Document Manager
• Paperless Badging
• Attestation & Audit
• Security Reporter • PACS/CBT Integration • Infraction Manager • Financial Manager • Asset Manager • Vehicles Manager • Visitor Manager
• Watch list Manager
• Appointment Scheduler • Event Correlation • Aviation Analytics • iOs/Android • DL / Passport Auth. • Touchscreen Forms • Electronic Signature • Document Scanners • Biometric Enrollers • Modern Cameras
• In line Print/ Encode
Comprehensive Offering for Aviation – SAFE for Aviation
© 2015 Quantum Secure, Incorporated. All Rights Reserved. Confidential. (408) 453-1008
Proposed Security Solution-Value Proposition
100% Real-Time Compliance; Automated,
Paperless Environment
Cross-Airport Solution
Immediate Operating Cost Reduction
Improved Levels of Customer Service
© 2015 Quantum Secure, Incorporated. All Rights Reserved. Confidential. (408) 453-1008
Return on Investment Calculator
Immediate Cost Savings for the Airport and its Customers
•
Typical payback period for SAFE solution - <3 years
•
Percentage of staff time recovered by eliminating manual tasks –
up
to 25%
•
Percentage of staff time recovered by reducing errors & corrections
–
up to 80%
•
Cost per new badge reduced through efficient process –
up to 50%
•
Ability to efficiently track and bill for material and operational costs
–
recoup up to 100% of credentialing costs
•
Risk mitigation of insider security events and breaches –
potentially
© 2015 Quantum Secure, Incorporated. All Rights Reserved. Confidential. (408) 453-1008
Quantum Secure – The Leading Identity Management
Solution Provider
Quantum Secure offers SAFE -
an enterprise software suite
that streamlines the
physical identity and
access management lifecycle
• Founded in 2004
• 6 Years of 100% Consecutive Growth • 200+ Employees
• Headquarters in Silicon Valley, California
Background
• Patented technology
• Over 5 Million Identities Managed by SAFE
• Off the shelf support for 55+ access control systems – all major vendors
• First Airport solution live in 2008 – Greater Toronto Airport Authority • Dedicated Aviation Vertical Team with deep aviation experience –
Sales through Support
• Sell direct and through major systems integrators
Product
• Over 90 Customers: Fortune 500, Government, Airports, Financial Services, Energy, Telecom
• Business Partner: AAAE/TSC/IET, Crossmatch, Telos ID, Morpho Trust USA, SSI, Everbridge
© 2015 Quantum Secure, Incorporated. All Rights Reserved. Confidential. (408) 453-1008
SAFE Deployments in Aviation Today
• San Francisco International Airport-SFO (2010) • Phoenix Sky Harbor-PHX (2013)
• Port of Seattle-SEA (2014) • Massport-Boston/Logan-BOS (2015)
CAT X
• Portland International-PDX (2015)CAT 1
• Columbia Metropolitan-CAE (2013)• Atlantic City International Airport-ACY (2014) • Richmond International Airport-RIC (2014) • Wichita Kansas-ICT (2015)
• Westchester County-HPN (2014)
CAT 2
• Aspen Pitkin County Airport-ASE (2010) • Friedman Memorial Airport-SUN (2013) • Elmira-Corning Regional Airport-ELM (2013)
CAT 3
• Sao Paulo-Guarulhos International Airport-GRU (2014) • Toronto Pearson International Airport-GTAA (2008)
© 2015 Quantum Secure, Incorporated. All Rights Reserved. Confidential. (408) 453-1008
© 2014 Quantum Secure, Incorporated. All Rights Reserved. Confidential. (408) 453-1008 © 2015 Quantum Secure, Incorporated. All Rights Reserved. Confidential. (408) 453-1008
© 2015 Quantum Secure, Incorporated. All Rights Reserved. Confidential. (408) 453-1008
IT Considerations
•
Infrastructure
•
Failover, UAT, Retention/Backups, Server Administration, Certificates (SSL)
•
Network
•
Firewalls, Access between SAFE and PACS, VPN(s)
•
Peripherals / Badging Workstations
•
Spares, Troubleshooting, Admin rights, Workstation Standards
•
Implementation, Administration & Upgrades
•
Integrations, Testing, Promotion to Production, New Integrations,
© 2015 Quantum Secure, Incorporated. All Rights Reserved. Confidential. (408) 453-1008
PACS 1-n Local Training
SSI / manual Livescan Identix / Morpho CrossMatch Term 1 Term 2 International Identix / Morpho Crossmatch DACS STA / CHRC CBP FIREWALL SOC Aviation Security Comm. Airfield Operations Parking
SAFE Authorized Signatory Portal Paperless Applicants, Renewals, Audits
Public Internet SSL 30 day badge expiration, Background check clearance complete, Violations, etc. Email notifications VPN Authenticate Paper Forms Review Financials Encode & Print Smartcards Verify Fingerprint Manage Visitors Photo Capture Print Badge Input Fingerprint
SAFE Credentialing Stations Web Based – All common browsers
supported
PeripheralSupport - printers, biometrics, cameras, document
scanners, DL readers
© 2015 Quantum Secure, Incorporated. All Rights Reserved. Confidential. (408) 453-1008
SAFE for Aviation – Procurement Options
Capital Expenditure Options:
•
Standard Software Perpetual License Purchase
. Quantum Secure offers catalog pricing for the
out-right purchase of software licenses, professional services and annual maintenance. This option
provides ownership rights of the software to the airport.
•
GSA Schedule
. Quantum Secure SAFE for Aviation can be purchased off GSA Schedule 70 and 84
allowing airports a cleaner path for procurement.
•
State Contracts (ex. TEXMASS)
•
AIP/Federal Grants and Funds
. Quantum Secure SAFE for Aviation can be purchased using federal
grants and funds.
Operating Expenditure Options:
•
Subscription Model.
This option wraps software licenses, professional services and maintenance in
the monthly subscription price (could include additional services per month for tuning/changes).
•
NEW: Pay As You Go Model
. Pricing based on size of customer and projected transaction amounts;
cost per transaction and length of contract are determined by airport id count and transaction
count.
© 2015 Quantum Secure, Incorporated. All Rights Reserved. Confidential. (408) 453-1008
Comprehensive management of fees and billing rules for companies and all interactions and transactions SAFE for Aviation is part of; can be integrated with Airport Financials Systems/Dept. and Point of Sale CC payment processing
Manages permit issuance, parking, audits, and vehicle details for land side and airside vehicles associated with companies and their workers
Issue, track, audit metal keys and other access/security assigned assets
Allows flagging of any persons of interest across your environment by allowing your teams to indicate people at risk as well as incorporation of TSA No Fly / Selectee lists for comparisons
Permits authorized personnel to issue
citations and manage them compliant to your airport Rules and Regulations; utilizes
Authorized Signatory Portal
Robust business information, trend analysis and dash boarding tools
Configurable appointment scheduling for use by Authorized Signatories and
Applicants/Badge holders
Supporting user interactions using all common type mobile devices – iPhone/Android for convenience - notifications, infraction issuance, etc.
Physical Security Information Management (PSIM) integration that allows data exchange between SAFE and PSIM systems like NICE, Proximex and VidSys through web services
Web-based solution for visitor
pre-registration, visitor check-in/check-out and badge printing functions; integrates with different peripherals for streamlining and automation
Optional SAFE for Aviation Modules
SAFE Financial Manager SAFE Asset Manager SAFE Infractions Manager SAFE Appointment Scheduler SAFE Vehicle Manager SAFE Watchlist Manager SAFE Analytics for Aviation SAFE Mobile Applications SAFE Visitor Manager SAFE Identity & Event
© 2015 Quantum Secure, Incorporated. All Rights Reserved. Confidential. (408) 453-1008
SAFE for Aviation Peripherals
Modern, inexpensive cameras; utilize “Face Finder” technology to ensure ease of
getting the photo right
High-speed, multi-page and single-page scanners enable rapid capture of breeder and
other documents into the SAFE for Aviation document management repository
Used for receipt of badge, acknowledgement of terms and conditions, etc.; allows
storage of signature within badge holder record for future comparisons
Supports use at biometric access points (ANSI 378) as well as authentication of
individuals at touch points in your airport including citations, training, badging office,
etc.
Eliminate paper by displaying and retrieving acknowledgement for forms like
Disqualifying Crimes, Privacy Act, Terms & Conditions, etc.
Verify authenticity of scanned document (US & Intl.) and provide risk score on
authenticity while capturing data and image of standard document for direct use in
SAFE for Aviation
Photo Capture Document Scanning Electronic Signature Fingerprint Biometric Touch Screen Tablet ID Verification
© 2015 Quantum Secure, Incorporated. All Rights Reserved. Confidential. (408) 453-1008
SAFE Integration Framework
•
Provides the foundation for bi-directional data exchange with integrated systems
•Out-of-the-box agents for more than 50 PACS and other systems like HR, IDM, ERP,
LDAP, Background Check, Training, Mass Notification, Biometrics etc.
About SAFE Agent
• Built-in publish/subscribe functionality
• Real-time and event-based processing
• Guaranteed message delivery
• Conflict and acknowledgment processes
• Message translator and normalizer
• Schema and Security Configuration Download Manager
• Pre-built system specific data model, i.e. PACS, IDM
© 2015 Quantum Secure, Incorporated. All Rights Reserved. Confidential. (408) 453-1008
SAFE Policy Editor
•
Provides the ability to centrally define security policy rules and workflows
•Patented graphical tool allows easy flowcharting of a security policy rule
•
Includes pre-defined policies for TSA compliance, badging and other operations
Policy Automation in SAFE
•
Microsoft Visio based interface
•
Drag-and-drop and link “live
objects” to create schematic
representation of a policy
•
System automatically converts
the drawing into rule set for
the underlying systems
•
Includes out-of-the-box rules
based on proven best practices
© 2015 Quantum Secure, Incorporated. All Rights Reserved. Confidential. (408) 453-1008
SAFE Deployment – GTAA
•Canada’s biggest & busiest airport •Handling 30 million+ passengers/year •80,000 identities under management
•Pass/Permit Control Office (PPCO) administers 33,000 active personnel •Serves 175 clients/day (over 43,000
per year)
Background:
•Reduce long processing times •Improve customer service
•Eliminate loss of newly hired workers (tenant employees) due to lengthy badging process
•Increase security compliance
•Improve ability and reduce costs of enforcing consistent security controls •Automate manual processes
•Reduce time to obtain a PPCO appointment
Requirements:
•Time for on-boarding IDs went from 577 min down to 72 min •Price per ID processing went from $49/card to $35/card
•Average wait times reduced from 560 minutes to 20 minutes, a 96% reduction •Faster processing = better client service
•Single-source data = high physical security controls •Reliable reporting = effective business operations
© 2015 Quantum Secure, Incorporated. All Rights Reserved. Confidential. (408) 453-1008
SAFE Deployment – San Francisco International
•Category X airport that handles over 40-million passengers each year •Tenth largest in the United States and one of the world’s 30-busiest airports
•Multiple departments within the airport – Aviation Security, Airfield Operations, Security Operations Center etc.
Background:
•Management of entire badging process
•A system that could work across multiple departments and systems within the airport •Automating manual processes related to background checks, access credential issuance
and access privilege assignment
•Issuance of multi-technology, highly secure badges for use with multiple PACS and biometric access devices
•Provisioning of biographic and biometric information onto the badge contact-less chip •Dynamically driven enrollment processes appropriate to each applicant
•Electronic, workflow-driven processes for assignment of metal keys and other access devices to identities
•Integration with computer-based training systems for real-time validation of training credentials
Requirements:
•Streamlined security operations •Improved level of customer services •Simplification of compliance needs
•Real-time compliance with current TSA security directives •Reduction in data entry errors
•Optimization of the management of TSA-regulated badging processes SAFE Benefits:
© 2015 Quantum Secure, Incorporated. All Rights Reserved. Confidential. (408) 453-1008
SAFE Deployment – Aspen Airport
• County-owned public-use airport
• 44,000 square foot single-floor terminal facility, including six rental car operations, a year-round guest services operation, a restaurant and gift shop concessions.
• Largely seasonal employee base and a small airport badging staff Background:
• Simplified provisioning of all personnel into their airport identity management system
• Seamless integration of disparate biometric devices into one user interface • Incorporation of Biometric Airport Security Identification Consortium
(BASIC) practices
• Manage the issuance of pre-encoded proximity cards for different types of badge layouts
• Integration with centralized billing system
• Provide central repository for capturing, storing and managing documents Requirements:
• Streamlined security operations • Huge reductions in operating costs
• Future-proofing of the physical security infrastructure • Simplification of badging operations through automation • Reliable and accurate reporting on pass office operations • Real-time compliance with the TSA security directives SAFE Benefits: