
CertiPath unveils federated physical access control system

Monday, October 26, 2009

CertiPath, a credentialing authority for aviation, aerospace and defense organizations, has introduced architecture systems for federated physical access control that leverage high-assurance credentials. The concept demonstrates the viability of a single-credential system that can provide secure access for both physical and logical assets, and provide interoperability for employees, customers and partners.

Funded in part by the General Services Administration, CertiPath was tapped to design and oversee the implementation of a system that could overcome the fragmented, expensive and vulnerable approaches to managing physical and logical identity authentication and access control.


CertiPath’s architecture eliminates the need to physically issue visitor passes and enables certainty that each visitor is employed and in good standing with their employer. The system extends PKI-based security systems for managing and assuring logical access control to the challenges of managing and assuring physical access control.

CertiPath’s architecture conforms to the principles of NIST SP 800-116 and also:

  • Leverages PIV, PIV-I, and Department of Defense Common Access Card credentials issued by any valid issuer, as well as Transportation Workers Identity Credentials
  • Utilizes FIPS 201-certified (or in process) components
  • Enables customers to upgrade their physical access control system without replacing existing systems
  • Leverages commercially available products to minimize custom solutions
  • Uses the U.S. Federal Bridge to validate interagency trust
  • Delivers cost-effective options to operate at one or multiple assurance levels

The system was installed and is in production at Exostar, the provider of collaboration solutions for the world’s largest aerospace and defense manufacturers and their 40,000 supply chain partners.

In the past, a visitor pass had to be issued for every single non-employee to enter the premises, and the visitor required an escort. Now visitors can use a single enterprise-issued smart card credential with an embedded chip containing digital certificates to enter the building.

Investment needed to improve logical, physical infrastructure

The identity, credentialing and access management effort on the part of the CIO Council is a next step to realize the goals of HSPD-12. It takes FIPS 201 technology and policy and applies procedures to the identity, credential and access categories, hence "management." Not coincidentally, President Obama’s National Strategy for Trusted Identities in Cyberspace and the Department of Commerce’s efforts on innovation in cybersecurity, innovation and Internet policy are proceeding in parallel.


To share information about various deployments and uses of PIV credentials, there will be an information sharing day for federal officials on Aug. 4. The purpose of the ICAM Information Sharing Day is to provide a forum for agencies to understand and share information related to implementation activities being taken by early adopters of ICAM programs.


Mark Allen, marketing manager at Kaba, talks about the company’s E-Plex 5800 series and its compatibility with FIPS 201-compatible credentials. He says the locks enable organizations to choose whether they want a simple or sophisticated system based on their particular security requirements, and make it easy to deploy.


The July meeting of the influential Government Smart Card Interagency Advisory Board (IAB) was recently held in Washington D.C. FIPS201.com was on hand to cover the event and has provided, as a service to the IAB and the smart card community, an audio recording of the presentations. Click on the link below to access a list of audio and accompanying PowerPoint slides (in pdf format).


RF IDeas has announced the release of its new pcProx Enroll reader for physical access control.

According to RF IDeas, the reader is compatible with more than 300 million physical access proximity cards, allowing employees to use their building access card for other forms of identification and security throughout the workplace.


Robert Beliles, vice president of enterprise business development at Hirsch Electronics, talks about the company’s physical access control gateway that combines physical and logical networks for better security. “This links physical access control events to trigger network responses,” Beliles said at the RSA Conference.
