In the past, simple ID badges were used to prove authorization to enter a protected space. Whether visually verified by a guard or electronically using a card access system, there was a serious flaw. Both check whether or not a credential is authorized to enter a protected area. They fail, however, to verify that the card belongs to the person presenting it, that it is an original unaltered credential, and that it has not been revoked....
Search
In order to use a PACS, each badge must be entered into the database. In the days before PIV cards, this was simple; enter the person's name in the database, along with the badge number, and you are done. With the new credentials, however, things are more difficult. Credentials are referred to by their Federal Agency Smart Credential Number (FASC-N) which is not printed on the exterior of the PIV credential. In fact, many of the data...
According to FIPS 201, real-time certificate validation (which includes path validation and revocation status checking) is the preferred means for validating a PIV credential. Unfortunately today, this type of real time certificate checking using PKI technology, would pose an unacceptable performance problem for the PACS system. Recognizing this, FIPS 201 describes a system that stores certificate status locally and is called a
Transportation workers and seaports go together. While the fresh sea breeze may be refreshing, it represents a special challenge for the electronics in a security system. Salt air is highly corrosive and can drastically shorten the life of contacts and connectors. The designers of the credentials for the TWIC system correctly decided to use a "contactless" RF interface to talk to the card and maximize reliability. Unfortunately, this...