HSPD-12 and PIV-II Compliance
 


   

The HSPD-12 and PIV-I Directive

Nearly four years after the federal government enacted Homeland Security Presidential Directive 12 (HSPD-12), Policy for a Common Identification Standard for Federal Employees and Contractors, many federal agencies are still implementing identification measures. Standards established under the Federal Information Processing Standard (FIPS 201), Personal Identity Verification (PIV) of Federal Employees and Contractors, provide the guidelines for complying with the directive. PIV satisfies the control objectives and meets the procedural security and privacy requirements of HSPD-12, while PIV-I meets the technical interoperability and technological security requirements.

Under the PIV-I standards, the identification hardware, software and provisioning that agencies implement must be uniform and interoperable government-wide. For example, State Department employees around the globe must be able to access facilities around the world using a single card type.

Monitor Dynamics Meets PIV-I Requirements
A PACS (Physical Access Control System) supplier for more than 30 years, Monitor Dynamics still leads the federal government integrated access control space. The Monitor Dynamics product family currently protects over 10 million alarm points across the globe for many of the world's most recognized organizations and government agencies, including the FBI, TSA, Bureau of Engraving & Printing, United States Army, IRS, FDA, USDA and the United States Marine Corps, to name a few.

Monitor Dynamics has been very active with the evolving requirement for HSPD-12, primarily with the Smart Card Alliance. This involves many of the commercial suppliers of card readers, cards and the associated front-end servers. In mid-2006, the National Institute of Standards and Technology (NIST) put Monitor Dynamics' SAFEnet hardware and software solutions through a technical test - and Monitor Dynamics solutions proved their readiness for use in government agencies.

Interoperability
Monitor Dynamics solutions offer government agencies a simple and cost-effective migration path to meet these requirements - without the hassles of replacing substantial amounts of hardware and software. Monitor Dynamics' SAFEnet is an open architecture security platform that adapts each individual application and device into its command and control dashboard - promoting global collaboration as one manageable system and ensuring interoperability with existing systems.
Monitor Dynamics compliance solutions fall into two categories:

PIV Enrollment

Monitor Dynamics offers two methods to existing and new customers:

1. USB data collection - A USB keypad and a USB contact reader extract the CHUID (Cardholder Unique Identifier) data from the PIV chip. The card owner must first enter his or her PIN (only the owner of the card knows the PIN) to unlock the card, and then the USB contact reader obtains the desired data. At a minimum, the cardholder's full name, expiration date, agency, system code and credential numbers are required to be compliant, but the system administrator can also obtain and save many other fields (e.g. blood type) to the physical access control system (PACS) database. The full 200-bit Federal Agency Smart Credential Number (FASC-N) can also be saved to the cardholder database, but only 75 bits are required. To enroll the card in the PACS, the system administrator makes selections - with a few mouse clicks - to obtain the cardholder's data and add access privileges.

2. Ethernet data collection - The second method is much like the above description, except the desired data is obtained over a secured Ethernet connection from the Card Management System to the Card (CMTC-FIPS terminology) to the Monitor Dynamics SAFEnet PACS.


PIV II Reader Solutions:
Monitor Dynamics works with several card reader suppliers on the approved GSA list. They include HID Corporation (iCLASS), SCM Microsystems, Integrated Engineering (IE) and several others. All of these suppliers can provide PACS providers with the full 200-bit FASC-N, plus the expiration date of the card.
 
The current GSA and NIST requirement is to send 75 bits from the reader to the "panel," which includes the agency code, system code (or site code) and credential number. From this data, the Monitor Dynamics SAFEnet system builds a 48-bit cardholder number, which is used for access control.
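
The following is an added example, not Monitor Dynamics code, showing how a panel-side parser could split the 75-bit reader output into its fields, reject out-of-range or expired credentials, and form a 48-bit number. It assumes the commonly published 75-bit layout (parity, 14-bit agency, 14-bit system, 20-bit credential, 25-bit expiration as YYYYMMDD, parity), which this page does not spell out; plain concatenation into 48 bits is likewise an assumption about how such a number can be built, and the function names are hypothetical.

```python
from datetime import date

# Assumed layout (not stated on the page): 1 parity bit, then these fields,
# then 1 parity bit. Parity is skipped here, not verified.
FIELDS = (("agency", 14), ("system", 14), ("credential", 20), ("expiration", 25))
# FASC-N carries these identifiers as 4, 4 and 6 decimal digits.
DECIMAL_MAX = {"agency": 9999, "system": 9999, "credential": 999999}


def parse_75bit(bits: str) -> dict:
    """Split a 75-character '0'/'1' string into validated fields."""
    if len(bits) != 75 or set(bits) - {"0", "1"}:
        raise ValueError("expected exactly 75 binary digits")
    rec, pos = {}, 1  # start after the leading parity bit
    for name, width in FIELDS:
        rec[name] = int(bits[pos:pos + width], 2)
        pos += width
    for name, limit in DECIMAL_MAX.items():
        if rec[name] > limit:
            raise ValueError(f"{name} is outside its decimal digit range")
    exp = rec["expiration"]
    # date() raises ValueError for an impossible calendar date.
    rec["expiration"] = date(exp // 10000, exp // 100 % 100, exp % 100)
    return rec


def cardholder_number(rec: dict) -> int:
    """Concatenate agency | system | credential into one 48-bit integer."""
    return (rec["agency"] << 34) | (rec["system"] << 20) | rec["credential"]


def is_expired(rec: dict, today: date) -> bool:
    return rec["expiration"] < today


def build_sample(agency: int, system: int, credential: int, yyyymmdd: int) -> str:
    """Construct test input; both parity positions are filled with '0'."""
    body = f"{agency:014b}{system:014b}{credential:020b}{yyyymmdd:025b}"
    return "0" + body + "0"


# Constructed sample values, not taken from any real card.
SAMPLE = build_sample(1234, 5678, 123456, 20301231)

if __name__ == "__main__":
    rec = parse_75bit(SAMPLE)
    print(rec, hex(cardholder_number(rec)), is_expired(rec, date(2031, 1, 1)))
```
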
 
Monitor Dynamics SAFEnet Demos and Installations
The Monitor Dynamics team offers demonstration systems or can install a small "test bed" system with several cards for review by the appropriate personnel. Monitor Dynamics has successfully installed many compliant systems across the Government, including the Gunter/Maxwell Air Force Base in Georgia.

   
 
 
 
2014 © Monitor Dynamics, LLC. All rights reserved.