Physical Access End-to-End Security

Similar documents
Keith Ward Northrop Grumman IT Smart Card Security Solutions June 04, 2002

Multiple Credential formats & PACS Lars R. Suneborn, Director - Government Program, HIRSCH Electronics Corporation

Using the Prototype TWIC for Access A System Integrator Perspective

Strategies for the Implementation of PIV I Secure Identity Credentials

TWIC / CAC Wiegand 58 bit format

T h e re is an upgrade route to larger configurations. O v e rv i e w

DHS ID & CREDENTIALING INITIATIVE IPT MEETING

TWIC Transportation Worker Identification Credential. Overview

multiclass MHz Contactless and 125 khz Proximity Cards and Readers

eh880 Secure Smart Card Terminal

SYSTEM GALAXY HARDWARE. 635-Series

FACIAL RECOGNITION TERMINAL SYSTEM

Secure Solutions. EntryPointTM Access Readers TrustPointTM Access Readers EntryPointTM Single-Door System PIV-I Compatible Cards Accessories

Corporate Commitment to Excellence

Will Federated Cross Credentialing Solutions Accelerate Adoption of Smart Card Based Identity Solutions?

PRODUCT INFORMATION BULLETIN

The Future of Smart Cards: Bigger, Faster and More Secure

HID Proximity Credentials

There is an increasing desire and need to combine the logical access and physical access functions of major organizations.

Pegasus Equipments Export Limited. Local Contact:

NFC Identity and Access Control

Credentialing Project Technical Architecture

g6 Authentication Platform

INNOMETRIKS INC. Rhino Quick Start Guide

DoD Common Access Card Convergence of Technology Access/E-Commerce/Biometrics

Match On Card MINEX 2

Sphinx Feature List. Summary. Windows Logon Features. Card-secured logon to Windows. End-user managed Windows logon data

Power LogOn s Features - Check List

ACR880 GPRS Portable Smart Card Terminal

AWARD TOP PERFORMER. Minex III FpVTE PFT II FRVT PRODUCT SHEET. Match on Card. Secure fingerprint verification directly on the card

Smart Cards and Authentication. Jose Diaz Director, Technical and Strategic Business Development Thales Information Systems Security

Single Secure Credential to Access Facilities and IT Resources

IN A FAST MOVING WORLD YOU CAN RELY ON AC2000; A POWERFUL ACCESS CONTROL AND SECURITY MANAGEMENT SYSTEM AC2000

Specifications based on the usage

Securing Federal Government Facilities A Primer on the Why, What and How of PIV Systems and PACS

Powering the enterprise-grade mobile access experience.

Unified PACS with PKI Authentication, to Assist US Government Agencies in Compliance with NIST SP (HSPD 12) in a Trusted FICAM Platform

CREDENTSYS CARD FAMILY

Physical Access Control Systems and FIPS 201

TMAS G 120 / G100-RF / G80 Multifunctional Access and Security Terminal

TECHNOLOGY SOLUTIONS BRIEF

TWIC Readers What to Expect

Considerations for the Migration of Existing Physical Access Control Systems to Achieve FIPS 201 Compatibility

SC-1 Smart Card Token. QUICK Reference. Copyright 2007 CRYPTOCard Corporation All Rights Reserved

Knowledge Base Article

Cardax FT XtraSec. System Catalogue ELM

5. Execute the attack and obtain unauthorized access to the system.

aptiq Multi-technology readers Overview Features and benefits Accommodates interior, exterior, metal, and non-metal installation environments

Contactless Technology for Secure Physical Access: Technology and Standards Choices

DFARS Requirements for Defense Contractors Must Be Satisfied by DECEMBER 31, 2017

Authentication Technologies

Smart Access Control System Software. User Manual. Version 1.0

The Leader in Unified Access and Intrusion

MaCaPS International Ltd

Transportation Worker Identification Credential (TWIC) Steve Parsons Deputy Program Manager, TWIC July 27, 2005

"How-To-Order" Guide - Bioscrypt Biometric Readers

Identiv FICAM Readers

Interagency Advisory Board Meeting Agenda, February 2, 2009

Presentation of the Interoperability specification for ICCs and Personal Computer Systems, Revision 2.0

Using PIV Technology Outside the US Government

ACCESS CONTROL Products 2017

Leveraging RFID: The Evolution of Security and Access Control April 30, 2013

advant power Fully scalable fully flexible advanced contactless smart card system Key applications & standards

ACR3801. FIPS 201 Certified. PC-linked Smart Card Reader. Technical Specifications.

ACR880 GPRS Portable Smart Card Terminal

Secure Government Computing Initiatives & SecureZIP

Interagency Advisory Board (IAB) Meeting. August 09, 2005

Interagency Advisory Board HSPD-12 Insights: Past, Present and Future. Carol Bales Office of Management and Budget December 2, 2008

Changes to SP (SP ) Ketan Mehta NIST PIV Team NIST ITL Computer Security Division

ACCESS CONTROL SYSTEM

Smart Cards & Credentialing in the Federal Government

Physical Access Control Systems and FIPS 201 Physical Access Council Smart Card Alliance December 2005

Digitus Biometrics Product Catalogue. Request a quote or design assistance by ing or calling

Datenblatt / Specifications. ACR880 GPRS Portable Smart Card Terminal. idvation GmbH

AXP-400. Enterprise. Access Solution

GE Security Smart Cards & T-7xx Readers How to Order Guide PN: HTOG

Building Technologies. Access Control SiPass networked - simple & networkable for everyday use

Identiv TS Readers. Ordering Guide. October 2016

Securefast SPECIFICATION MANUAL. Entra Access Control. Part of the Securefast Group SECUREFAST DEEDLOCK PINSON TATE COLSON. securefast.co.uk.

Next Generation Physical Access Control Systems A Smart Card Alliance Educational Institute Workshop

Bluetooth mobile solutions APPLICATION NOTE / FAQ. Page 1 on 24

pivclass How to Order Guide

New Product Announcement

COMPUTER NETWORK SECURITY

13.56 MHz Contactless Technology How to Order Guide

FiXs - Federated and Secure Identity Management in Operation

IAB Minutes Page 1 of 6 April 18, 2006

Office of Transportation Vetting and Credentialing. Transportation Worker Identification Credential (TWIC)

Lecture 9 User Authentication

ADmitMac PKI Executive Summary. 2010, Thursby Software Systems, Inc.

HIPAA Security. 3 Security Standards: Physical Safeguards. Security Topics

TWIC Program Overview for the Smart Cards in Government Conference March 10, 2004

DIGITUS BIOMETRICS PRODUCT GUIDE 2013

TWIC Implementation Challenges and Successes at the Port of LA. July 20, 2011

Module 5: Smart Card Usage Models Identity, Security and Access Control

ACTPRO ACCESS CONTROL. Specification Guide

Digitus Biometrics Product Guide

Leveraging HSPD-12 to Meet E-authentication E

TL100C Features: Real-time 1-touch data export 3rd party hosted & non-hosted applications

Technical Implementation Guidance: Smart Card Enabled Physical Access Control Systems Draft Version 2.3E

Transcription:

Physical Access End-to-End Security Smart Card Alliance Smart Cards in Government-2003 July 16, 2003 Physical Access 3:45 PM Robert Merkert Director, Strategic Accounts All Company and/or product names are trademarks and/or registered trademarks of their respective owners.

Historical Perspective - 1 1999 Dr. John Hamre, Deputy Secretary of Defense issues a memo to create a Common Access Card for Physical and Logical Access 2000 - GSA Smart Card Contract awarded 2000 - First Smart Card Interoperability Document issued 2001 Awareness of our vulnerability to attack on strategic infrastructures 2002 NIST issues Government Smart Card Interoperability specifications for contact smart cards 2002 Physical Access Interoperability Working Group (PAIWG) set up by Government agencies

Historical Perspective - 2 2002 State Department Contact Card Physical Access system put in place 2003 GSA Buildings begin installation of smart card physical access systems 2003 - NIST issues GSC-IS v2.1 to include interoperability of contactless smart cards DoD begins investigation of contact/contactless CAC card to integrate physical access control function 2003 Department of Homeland Security created. TSA and TWIC programs leading to pilot phase of physical access control for airport and seaport security 2003 - Smart Card Alliance initiates Physical Access Smart Card white paper

System Overview Main Players Access Control System Developer, Servers, Control Panels Readers and Cards Door Locks and Entrance Control System Integrator and System Installer

Simplified System Overview Access Control Badging Guard Workstation Servers LAN/WAN LAN/WAN TCP/IP MODEM MODEM RS-485 LAN/IF RS-485 Control Wiegand 1 to 32 Readers Panels Access Control Readers and Controlled Doors

System Requirements PAIWG Interoperability NIST GSC-IS v2.1 compliance Contact and Contactless Smart Card interfaces Contact card ISO 7816 Contactless card ISO 14443, parts 1-4 with a FIPS 140-2 approved algorithm Three factor authentication on exterior entrances Card, PIN, Biometric Two factor authentication on interior doorways (except some high security areas)

System Authentication Three factor authentication Smart Card (something you have) PIN (something you know) Biometric (something you are) Two-factor authentication Smart Card and PIN Smart Card and Biometric Copyright, SCM Microsystems. All rights reserved.

Security = Personal Authentication levels of authentication for an ID System Graph Relative Security Level Something You Have + Something You Know + Something You Are + + Something You Have + Something You Are + Biometric Something You Have + Something You Know ID Card + Something You Have Key or Card Something You Know PIN, Password Solutions

System Desires Compatible with currently installed controlled panels using the Wiegand (tm) communications channel and protocol. Secure channel capability. Authentication of the card and reader. Bi-directional RS-485 or TCP/IP communications channel to the control panel and/or server. Multi-level authentication modes under the control of the Acces Control Server Programmable Card Reader to extract SEIWG-12 data string or other ID string from the card.

Power Wiegand System Interface Wiegand Unlock ID Number Status * ** Interfaces between Control Panel and Access Control Readers and Controlled Doors

Full Duplex Secure Channel Concept Power Full Duplex Secure Unlock Channel Status * ** Full duplex intelligent interface between Control Panel and Access Control Readers

Secure Channel Concept Access Control Control Card Smart Server Panel Reader Card Secure authenticated Secure encrypted channels Communication ISO 7816 or ISO 14443

Programmable Security Levels Security Level Severe High Significant Guarded Low Access requirement example Contact Card, PIN, and Biometric Contact Card and Biometric Contact Card and PIN Contactless Card and PIN Contactless Card

Alternate Secure Channel Approach ADMINISTRATIVE CONTROL Access Control Server TCP/IP or RS-485 RS-485 Control Panels DOOR ACCESS CARD ID Access Control Readers with Server interface

Images courtesy of Gemplus Smart Cards for Access Control Diagrams courtesy of Atmel Corporation Contact Smart Card Contactless Smart Cards Hybrid Smart Cards a card with both a contact chip and a contactless chip Dual Interface Smart Card a single microprocessor smart chip with both a contact interface and a contactless interface.

Available Combined Technologies Different technologies can be combined: 125 khz Proximity 14443A & 14443B, 15693 13.56MHz Smart cards Contact smart cards Magnetic stripe Bar Code Photo Printing Holograms Special inks ISO/IEC 7810, 7811, 7816, Diagram courtesy Of HID Corporation

Typical three-factor Card Reader LCD display Smart Card Reader Fingerprint sensor Secure Pinpad Status LEDs indicating Security Level Acoustic alarm Contactless reader Dimensions: 175x135x45 mm (indication concept measurements)

Typical interior Card Readers Contact/RF PINPAD PINPAD/ Biometrics

Interior Portals

Exterior Installation

Entrance Portals Photo Courtesy of Gunnebo Omega

Entrance Portals Photo Courtesy of BOON EDAM

Summary Many factors are converging to provide cost-effective interoperable Physical Access Systems for both Government and Industry There is a movement towards secure channel Physical Access Systems Homeland Security will be greatly increased through the use of these improved Physical Access Systems

Contact Information For more information, contact Bob Merkert 856-784-7177 rmerkert@scmmicro.com Visit us at our SCA Booth

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback