PIV CARDS – Authentication Capability

Deployed Physical Access Control Systems readers use proximity or magnetic stripe technology to interface with identity cards and use proprietary protocols to communicate data. Some of these proprietary protocols employ cryptography, but their use is limited to the local site.

Recommendation for the Use of Personal Identity Verification Credentials in Physical Access Control Systems: credentials that could be used for a new generation of identity management technology for building access. Federal Information Processing Standard 201 (FIPS 201) and its supporting special publications define the credential data model and the card-to-reader interface, and also provide requirements for implementing the digital certificates.

Federal Information Processing Standard 201 (FIPS 201) added a standardized contactless and contact interface, biometric fingerprint, and cryptography to the credential that could be used to attain a higher level of identity authentication assurance.

The capability to perform bi-directional data communication is fundamental to the deployment of secure building access. Adding cryptography to the credentials permits agencies to validate the data objects on the card and authenticate the cardholder. Adding credential expiration and on-line credential validation requirements also strengthens access control decisions.

At the same time, Federal Information Processing Standard 201 (FIPS 201) provided the opportunity to migrate building access systems from LITTLE OR NO confidence assurance levels to VERY HIGH confidence assurance levels. Existing Physical Access Control Systems need to be upgraded to take advantage of these features and functions, in coordination with the following guidelines and authorities:

  • Federal Information Processing Standard 201 (FIPS 201) assurance levels
  • Department of Justice Vulnerability Assessment Report of Federal Facilities
  • Office of Management and Budget (OMB) M-04-04, E-Authentication Guidance for Federal Agencies.

Federal Information Processing Standard 201 (FIPS 201) redefines the requirements for building access in a fundamental way: instead of each facility issuing an access card solely for that facility’s defined Physical Access Control Systems architecture, a facility relies on the Personal Identity Verification Card that was issued by the same, or a different, agency certified by the Federal government.

The facility still has control over the user’s access privileges, but the technology has been standardized to optimize inter-agency interoperability and the credential has been issued to the user as part of the Federal Information Processing Standard 201 (FIPS 201) identity management process.



No Responses to “PIV CARDS – Authentication Capability”

  1. omar says:

    Very interesting article. I wait to read more about this subject

  2. Ken says:

    interesting post

  3. P. Silva says:

    a very good article about PIV CARDS – Authentication Capability

Copyright © 2008 Home Automation - JAEC - All the rights reserved