This article can also be found in the Premium Editorial Download "Information Security magazine: How to dig out rootkits."
Download it now to read this article plus other related content.
PL convergence usually utilizes a common user credential for authentication. The most common authenticator is the smart card. The PL smart card has two interfaces. The first is a contactless interface used for physical access. When using the contactless part of the smart card, the user places the smart card near a door reader. If authentication is successful, the physical access system unlocks the door. The authentication and subsequent access is called "badging."
The other interface for the smart card is the contact interface, which is used for PC access. Most PL smart cards have separate storage mechanisms for the contact and contactless interfaces. A recent introduction to PL smart card technology is the dual interface smart card; the contactless and contact interfaces share the same storage, which provides greater functionality.
The second class of authenticator is biometric. Compared to smart cards, biometric devices, typically fingerprint readers, are rarely used for physical access although some very high security environments may use them. Fingerprint biometrics is commonly used to authenticate to the contact interface of smart cards for IT access.
|HSPD-12 Compliance Not Easy|
Federal agencies face tough decisions with the mandate.
By Marcia Savage
| agencies are grappling with Homeland Security Presidential Directive 12 (HSPD-12) and the resulting Personal Identity Verification (PIV) program, which aims to equip all federal employees and contractors with smart cards for physical and IT access.
Agencies are weighing whether to develop policies and infrastructure, including software and vetting stations, or subscribe to those services, says Chris Broderick, CEO of CoreStreet, an infrastructure provider for smart credential programs.
"Technology is part of it, but there's also a lot of process and policy involved," he says, citing employee vetting as one of the tough policy decisions.
Chris Campbell, senior analyst at INPUT, a market-research firm covering the government sector, says vendor interoperability issues and cost are posing HSPD-12 compliance challenges. Agencies turning to the General Services Administration (GSA) for help likely will be in the best position for meeting the compliance deadline in October 2008, he says. In April, GSA awarded an HSPD-12 contract to EDS to provide a nationwide IT infrastructure for issuing identity credentials. The contract will cover about 42 participating government agencies, boards and commissions.
This was first published in September 2007