There is an increasing desire and need to combine the logical access and physical access functions of major organizations.


5/5/2008

Introduction

There is an increasing desire and need to combine the logical access and physical access functions of major organizations. This can range from simply having one access card that can be used for both functions to the total integration of the IT systems. The latter case involves the cooperation of the Information Technology (IT) department, Security office, and Human Resources (HR) department. This presentation will focus on a system that uses a common card for both functions. It discusses the migration of the card used in the United States Department of Defense's Common Access Card (CAC) program to use as the secure identification credential mandated by the recent Homeland Security Presidential Directive 12 (HSPD-12).

Physical Access System Overview

The Air Force Institute of Technology (AFIT) needed to expand its existing security system after adding new buildings. AFIT's physical access system covers six buildings and 220+ doors across its campus, with panels networked together via IP to a centralized security center. The new system allows students to use their CAC card for both physical access and logical access, thus eliminating the need for multiple types of access cards.

HSPD-12 and the DoD Directive (PKI PMO Warning Order)

There are two strong drivers today in the United States Government space that are causing a large interest in both Logical and Physical Access Control and in the use of smart cards in these applications.

- Homeland Security Presidential Directive 12 (HSPD-12)
  - Mandatory Government-wide Secure/Reliable forms of identification
  - Issued by Federal Government to employees and contractors
  - Credential issued must be rapidly authenticated electronically
- Department of Defense (DoD) secure network directive
  - Initiate accelerated PKI implementation across DoD
  - Execute CAC logon to NIPRNET
  - Develop guidance for encryption of email
  - Develop guidance for digital signing
  - Allow only certificate-based client authentication to DoD web-servers

Implementing a Physical Access System

The primary desire with the installation was the use of only one card for both logical and physical access. As this is a DoD location, most of the faculty, staff, and students already had Common Access Cards (CAC cards). The CAC cards were already being used for logical access. By installing physical access readers that could read the contact chip of the CAC card, the objective of using one card was accomplished. This saved the cost of issuing and maintaining a second card system.

In addition, a goal of the upgrade to the system was to have a reader that could still be used as the CAC card was upgraded to meet the requirements of HSPD-12. This objective was accomplished by installing a reader that interfaced to both legacy contact and transition contact/contactless smart cards.

Another objective of the physical access control upgrade was to provide cards to both foreign and visiting students who were also attending AFIT. The expense of issuing temporary CAC cards was overcome by using contactless DESFire cards for these temporary applications. Using a contact and contactless reader made this possible. This is an ongoing cost saving with this approach.

The next step in the development of this system is the acceptance of the transitional CAC card by the system. Employing a reader with programmable memory allows for future updates, an objective of the original placement and part of the business case. The reader that is being employed at AFIT has the capability of interfacing to:

- Legacy CAC contact cards
- DESFire/Mifare contactless card
- CAC transitional PIV card (contactless and contact)
- PIV Card & CAC end-state PIV card
- Legacy GSA Contact Cards
- First Responder Access Cards (FRAC)

Air Force Institute Of Technology, March 2006

Summary

AFIT was able to build a business case for the combination of logical and physical access control by:

- Recognizing that the currently issued CAC card could be used for both their logical and physical access control needs
- Updating their physical access system to accept the same card as the currently installed logical access control system
- Using lower cost DESFire cards for transient visitors
- Having an upgrade path to allow the simultaneous reading of the current contact CAC card, the DESFire card (contactless), the transitional PIV CAC card, and the end-state PIV CAC card. The latter two cards are a dual interface contact (for logical access) and contactless (for physical access) card.

Contact

For more information on the configuration, integration, and installation of the system at AFIT:

Mr. Keith Wilson
Vice President
Smartnet, Inc.
Frederick, MD 21701
301-663-4400
keith@smartnetgov.com