Physical Access Control Systems and FIPS 201 Physical Access ...

More documents

Recommendations

Info

PACS Panels & Reader Data There is a need to specify what data to use: FASC-N data or the full GUID. There are multiple data formats supported by the various reader vendors (e.g., 200-bit, 128-bit, 64-bit, 40-bit) For full interoperability across agencies, the reader FASC-N data should minimally include the following (14 digits) • Agency (4 digits) • System (4 digits) • Credential (6 digits) For legacy applications, a fewer number of digits can be output, but the number will not be unique across Federal agencies and must be assessed for risk by local security manager. Optionally, for medium security applications, the reader can also output a Hashed Message Authentication Code (HMAC) which is used to verify that the card has not been modified since cardholder enrollment into the PACS Optionally, the reader can also output the card’s expiration date 22
PACS Hosts (Servers): Overview The PACS host is the primary application for configuring, controlling, and disseminating information about the access infrastructure (particularly controlled doors) and the cardholders who have access privileges to those doors. The host has a configuration database, a cardholder database, administrative functions for configuring doors, readers, panels, clearances, schedules, cardholders, and other various features. All configuration activity is journaled for audit purposes. The host communicates to administrative clients, guard/monitoring station clients, and panels The host interfaces to the IDMS and other enrollment systems. 23
Page 1 and 2: Physical Access Control Systems and
Page 3 and 4: Introduction: Traditional PACS
Page 5 and 6: Introduction: FIPS 201 - PACS Relat
Page 7 and 8: PIV Card Issues/Recommendations FA
Page 9 and 10: PIV Card Issues/Recommendations CH
Page 11 and 12: Recommendation and Benefits to Use
Page 13 and 14: PKI High Assurance Profile On-card
Page 17 and 18: PACS Readers: Issues/Recommendation
Page 21: PACS Panels: Overview Panels are c
Page 25 and 26: PACS Hosts: Cardholder Enrollment
Page 27 and 28: PACS Infrastructure: Issues / Recom
Page 29 and 30: PACS Infrastructure: Issues / Recom
Page 31 and 32: C CR CRI CARD 1 2 CARD READER PACS
Page 33 and 34: Biometrics An access control reade
Page 35 and 36: Biometrics: Issues/Recommendations
Page 37 and 38: Privilege Granting and Revocation
Page 39 and 40: Privilege Granting and Revocation
Page 41 and 42: PACS Products Issues GSA has not p
Page 43 and 44: Certifying PACS The Authority Havi
Page 45 and 46: Conclusions FIPS 201 and associate
Page 47 and 48: Physical Access Council Mission: A
Page 49: For More Information Physical Acce

Physical Access Control Systems and FIPS 201 Physical Access ...

Create successful ePaper yourself

Delete template?

Save as template?