28 May, 2019
category: Biometrics, Contactless, Corporate, Government, Smart Cards
The Security Technology Alliance has released new guidance concerning the implementation of PIV credentials for physical access control. It comes in the form of a complementary guide to NIST Special Publication (SP) 800-116 R1, which, according to the alliance, “provides technical guidance for successful implementation of PIV-enabled PACS in government facilities.”
As technology gets more complex, there’s an increased need for security to be built into every device, product and service in the federal space
Entitled “Industry Recommendations for Implementing PIV Credentials for Physical Access Control Systems,” the guide focuses “on the content of SP 800-116 R1 that provides the essential information required to successfully implement PIV with PACS, without including discussion of how the card is made or how it works under the hood,” the Alliance said. “Alternative visual diagrams are provided to enhance understanding of the applications and approaches to meet the requirements.”
The guide not only “distills” the findings in the NIST publication, but it also offers the following benefits:
- informs about “interoperability qualities and infrastructure requirements” of PIV implementation
- advises about “effective mitigation techniques”
- provides descriptions of “PIV authentication methods in PACS applications, with a focus on authentication factors and credential validation”
- digs deep into “real-life PACS deployment recommendations” that take into account the “experience of industry professionals who have deployed PIV credentials with PACS”
- “explores deployment considerations for implementers, including rollout considerations, PIV identifiers, PACS registration, temporary badges and the CHUID-only “authentication” issue.”
Growing demands on PIV credentials for physical access control
According to Randy Vanderhoof, executive director of the Secure Technology Alliance, “as technology gets more complex, there’s an increased need for security to be built into every device, product and service in the federal space.”
He added that this new guide demonstrates how, “the Alliance has become a forum for federal government and technology executives to discuss current challenges, identify possible solutions and answer questions about government identity management initiatives.”
The guide was developed by the Secure Technology Alliance Access Control Council. More discussion about PIV credentials for physical access control, along with other issues, will early next month at the annual Securing Federal Identity 2019. It is scheduled for June 4-5 at the at Hilton Crystal City in Arlington, VA. According to the alliance, “the event’s keynotes, roundtables, and panels will cover the most important topics impacting federal identity initiatives today, including discussion on effective use of PIV credentials and mobile identity technologies.”
