Depending on who you are, you probably have a very strong opinion about the value of access control as an element of the security enterprise. Nonetheless, there are some very strongly held opinions on how to execute it. Each of this year's innovators has both a contribution and a strategy for access control and each places the emphasis on a different aspect or technique.
That is as it should be. Defense-in-depth demands that we not put all of our eggs in a single basket and it takes a coherent strategy for managing access, especially to a large, widely disbursed enterprise. This year's selections address biometrics, network access control, credential management, identity management and multifactor authentication. All of these aspects are critical to maintaining the integrity of the enterprise.
As we move away from wired to wireless enterprises, we also find it is necessary to pay close attention to security in the aspect of pervasive computing. Technically, pervasive computing includes more than just the enterprise. However, the devices that will become the targets of a pervasive computing strategy may well reside on the enterprise and require clear protection for access and credential control.
It is these new computing paradigms that are going to challenge us going forward and so we attack the challenges of access control as our first innovators group. As we describe these five subcategories and their innovators, consider where they will need to go in the next few years. We asked them that and in most cases received interesting and creative – if consistent – responses.
Also, the whole issue of deployment is open for discussion. There are multiple definitions of what one should include in an access control system. The selections from biometrics, NAC and authentication that we gathered together in this year's net are not only critical to information security, but also should satisfy the demands of as many SC Magazine readers as possible.