Physical Access Control Systems and FIPS 201 Physical Access ...

More documents

Recommendations

Info

PIV Card Issues/Recommendations GUID Usage Requirements – What is the timeframe for implementing this? Since OMB policy has set June 2008 as the date by which all agencies’ infrastructure (network backbones) must be using IPv6 and agency networks must interface with this infrastructure, this should be the target implementation date. Work should begin as early as possible to meet this target implementation date. Expiration Date Usage Requirements – When and/or how often does this need to be checked? The PIV card contains multiple expiration dates (e.g., printed on the PIV card, inside CHUID, printed info buffer (optional), within PKI certificates). Expiration dates need to be synchronized. This should initially only need to be checked/validated at the time of initial registration and not at each access control event. 8
PIV Card Issues/Recommendations CHUID Asymmetric Signature Usage Requirements - When and/or how often does this need to be checked? The CHUID asymmetric signature should initially only need to be checked/validated at the time of initial registration and not at each access control event. At some later time this could be expanded as infrastructure matures. Card Authentication Key Usage Requirements - When and/or how should asymmetric keys be used in PACS? PACS 2.2/2.3 includes the use of symmetric keys for PACS in the high assurance profile, but does not include the use of asymmetric keys mentioned in FIPS 201 and SP 800-73. To ensure interoperability, this needs to be made mandatory and the PACS document must be updated to include this as a PKI high assurance profile. 9
Page 1 and 2: Physical Access Control Systems and
Page 3 and 4: Introduction: Traditional PACS
Page 5 and 6: Introduction: FIPS 201 - PACS Relat
Page 7: PIV Card Issues/Recommendations FA
Page 11 and 12: Recommendation and Benefits to Use
Page 13 and 14: PKI High Assurance Profile On-card
Page 17 and 18: PACS Readers: Issues/Recommendation
Page 21 and 22: PACS Panels: Overview Panels are c
Page 23 and 24: PACS Hosts (Servers): Overview The
Page 25 and 26: PACS Hosts: Cardholder Enrollment
Page 27 and 28: PACS Infrastructure: Issues / Recom
Page 29 and 30: PACS Infrastructure: Issues / Recom
Page 31 and 32: C CR CRI CARD 1 2 CARD READER PACS
Page 33 and 34: Biometrics An access control reade
Page 35 and 36: Biometrics: Issues/Recommendations
Page 37 and 38: Privilege Granting and Revocation
Page 39 and 40: Privilege Granting and Revocation
Page 41 and 42: PACS Products Issues GSA has not p
Page 43 and 44: Certifying PACS The Authority Havi
Page 45 and 46: Conclusions FIPS 201 and associate
Page 47 and 48: Physical Access Council Mission: A
Page 49: For More Information Physical Acce

Physical Access Control Systems and FIPS 201 Physical Access ...

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?