Physical Access Control Systems and FIPS 201 Physical Access ...

More documents

Recommendations

Info

PACS Infrastructure: Issues / Recommendations C CR CRI CARD 1 2 3 4 4 CARD READER Interface Point 3 Could be combined CARD READER INTERFACE ACP Local Database ACCESS CONTROL PANEL LAN/WAN ADMIN or CLIENT WORKSTATION Relevant Issue: Lack of security between reader and panel provides a weak link for PACS. RS232, RS485 & current loop are established asynchronous bi-directional forms of communications standards and can be made secure but are not addressed in any current guideline documents Recommendation: Consider encryption for medium and/or high assurance applications Relevant Issue: Card reader interface to ACP is typically proprietary Recommendation: Emphasis should be on CRI to card reader for open standards and minimum data requirements set for legacy systems and with migration guidelines for future proofing such as requirements for the GUID 5 LAN/WAN IDMS PACS Server/ Database 30
C CR CRI CARD 1 2 CARD READER PACS Infrastructure: Issues / Recommendations CARD READER INTERFACE Interface Point 4/5 Could be combined 3 ACP Local Database ACCESS CONTROL PANEL 4 4 LAN/WAN ADMIN or CLIENT WORKSTATION 5 LAN/WAN PACS Server/ Database Relevant Issue: Data fields within the schema of the PACS database server are not identified and may not correlate to those in the CHUID fields for easy migration to the host from the IDMS. Every system will therefore have to be customized at a cost Recommendation: Establish a minimum set of data to be imported and the method of transfer for standardization (for example, XML). All systems would have same set Relevant Issue: There is much confusion on what is open and what is IDMS proprietary when PACS systems are evaluated and purchases are made on beliefs and assumptions Recommendation: Clearly define what portions of the PACS are to be based on open standards and what does not have to be 31
Page 1 and 2: Physical Access Control Systems and
Page 3 and 4: Introduction: Traditional PACS
Page 5 and 6: Introduction: FIPS 201 - PACS Relat
Page 7 and 8: PIV Card Issues/Recommendations FA
Page 9 and 10: PIV Card Issues/Recommendations CH
Page 11 and 12: Recommendation and Benefits to Use
Page 13 and 14: PKI High Assurance Profile On-card
Page 17 and 18: PACS Readers: Issues/Recommendation
Page 21 and 22: PACS Panels: Overview Panels are c
Page 23 and 24: PACS Hosts (Servers): Overview The
Page 25 and 26: PACS Hosts: Cardholder Enrollment
Page 27 and 28: PACS Infrastructure: Issues / Recom
Page 29: PACS Infrastructure: Issues / Recom
Page 33 and 34: Biometrics An access control reade
Page 35 and 36: Biometrics: Issues/Recommendations
Page 37 and 38: Privilege Granting and Revocation
Page 39 and 40: Privilege Granting and Revocation
Page 41 and 42: PACS Products Issues GSA has not p
Page 43 and 44: Certifying PACS The Authority Havi
Page 45 and 46: Conclusions FIPS 201 and associate
Page 47 and 48: Physical Access Council Mission: A
Page 49: For More Information Physical Acce

Physical Access Control Systems and FIPS 201 Physical Access ...

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?