FIPS-201 Failure

Author: Brian Rhodes, Published on May 28, 2012

The security market is hungry for money. With security budgets shrinking worldwide, any glimmer of untapped sales sends manufacturers and integrators scrambling. Nothing carries more impact that sweeping government regulations, and as a result, when FIPS-201 (PIV) demanded government entities reform their identity credential use, many providers jumped at the chance. Unfortunately, more than a decade later, the security industry is still waiting for race to begin.

In this update, we examine FIPS-201 intent, identify where it has gotten sidetracked, and discuss if it will ever be a significant source of security spending.

*******

****-*** **** ** *********** ******** *** ******* *********** **** * single ******:

  • ******* ** **** *.* ******* ******* ******* *** ***********
  • ******* ******** ******** ** ************ ******* ********
  • ** ** * ***** ** ********** ** ******** /***********

**** **********, *** ** ********** **** ******** * ***** ** comply. ***** **************** ***** *** ******, ******* *** *** **** *********** *******. **** **** *** ********: "**** **** *****?"

********

*** ********** ** ******* ******* ****-*** ******* ** *** *** to **** ** ********* ** *** ********** ******. ******, * host ** ***** ******** **** *********** ******** *******:

  • **** ********* ************* **** ****-*** *****:**** ****** *** ******* ** ** **** *** ** ** compliant.
  • ********** ********** ******** *** ******* **********:******* ******* ** ***** ** ********** ***** ** *****.
  • ******** ******** *********** **********:********* *********** *** ******* *** ** ** ******** *****.
  • ******** ********:******* **** ********** *********, ***** *** *** ******** ** **** changes.
  • ** *********** ****** *******:***** ******* *** ** *** ** ***-**********, **** ********* *** nonexistent.

Market ******

* ***** ********** *****-************ *** *** ******* ****** ** * ***** **** *** compliance ** *** ********** ********, *** ******* ******** ********* ** from ***** * **** ****** ******.

*** *******, * ********* '******' ******** ** ***** * '****** access *******' ****** ******* ** ****-*** ********* ** ******** *********** that **** ******** ************* *********. ** *** ******* ****, **** requires * **** ** **** **** ******** * '****' ***** under * ******. ** ********, ****-*** ********** ********** ******** * cryptographic '**** ****' ******* ******* ******-***. ** ******* ********** ******, **** ******** ***** ****** * full ****** ** ********** ********* ** '****' * **********.

***** ************ **** **** ********** ******** **** ******* *** ****** or **** ***** ********* ** ********* ********** ******* ********** ******* areas. ** ***** ** **** *******, **** ***** * **** percentage ** *** ********* **** ******* **** ** ********. **** does *** **** ******* *** **** ******** **** ********** ************ applicable ** *** ****** ******* ****** ******, ***** *** **** to ** ************* ******* ** ******** ******** ** ****** *********.

** ***** ** *** *** ******** ******, ****-*** ********** *** not ************ ******** ****** *********** ******* ** **** ********** ****** control *******. ** ** ********* ********* ** ***** *** ******* effectiveness ** ****-***. ***** *********'* ****** ** *****, *** **** can ** **** **** **** ************* *** ********* ***** ** the ******** ****** *** **** ******.

Future ****** ******?

*** ****** **: **, *** ** *** *** ** *** once ********. *** ****** ******* **** **** ** **** '*** cart ****** **** *** *****'. ** ****** *** ********* *** security ****** ** ** ********** ***** **********, ** ******* *** enforcement *** *** ************ **** ********* **** **** ** ********* into *** **** ** ********* ***********. ***** ******, ********** ******** will *** ****** ** ***** ***** ****** **** *** ****** to ** ***** * ******** ****** ** *** *******. *** many, ****-*** ********** ****** ******* ******* ***** *** ** *** '5-Year ********* ****' ** ** ********* ** * ***** ****.

Login to read this IPVM report.
Why do I need to log in?
IPVM conducts unique testing and research funded by member's payments enabling us to offer the most independent, accurate and in-depth information.

Related Reports

Access Door Controller Configuration Guide on Sep 27, 2016
Properly configuring access control door controllers is key to a professional system. These devices have fundamental settings that must be...
Access Control Course Fall 2016 on Sep 22, 2016
IPVM offers the most comprehensive access control course in the industry. Unlike manufacturer training that focuses only on a small part of the...
Door Fundamentals For Electronic Access Control on Sep 20, 2016
Assuming every door can be secured with either a maglock or an electric strike can be a painful assumption in the field. While those items can be...
The Passback Problem on Sep 14, 2016
Every security system has flaws, even high-tech ones. While Electronic Access Control helps keep sensitive areas safe, it is not without...
S2 Founder Touts Mercury Board To Replace Software House on Sep 08, 2016
Access control is a stoic market typically devoid of glitzy, flashy product releases. But one new product is notable because of who is touting it...
Lenel Partners Angry, Lenel Does Not Care on Sep 01, 2016
Even more than Arecont, one manufacturer stands out for consistent complaints - Lenel. Over the past few years, no manufacturer has had more...
ZKAccess Company Profile and Higher Margin Guarantee Examined on Aug 30, 2016
A budget access manufacturer has entered the North American market, but it is not Hikvision or Dahua. This player, ZKAccess, has recently set up...
Axis Hosted Video Decade of Failure on Aug 29, 2016
Do you want to 'head up' Axis hosted video offerings? Axis almost never publicly promotes senior positions, but for such an unattractive job they...
Genetec Access Control Security Center 5.5 Release on Aug 26, 2016
Inside, we examine Genetec's new Access Control features in Security Center 5.5. Enhanced Active Directory and 'Universal Groups' New, Single...
Tailgating - Access Control Tutorial on Aug 25, 2016
Despite costing thousands of dollars per door, electronic access control systems are vulnerable to an easy exploit called 'tailgating'. Unless this...

Most Recent Industry Reports

Camera Calculator Class and IPVM Member Orientation October 2016 on Sep 28, 2016
Members, learn how to better design video surveillance systems and get the most out of your IPVM memberships with 2 upcoming live classes. Both...
Axis 4MP Camera Tested (M3046-V) on Sep 28, 2016
Axis has brought 4MP to its camera line in the new M3046-V, the highest resolution model in their revamped M30 series. We bought and tested this...
Hiring Spree At Aimetis 6 Months After Being Acquired on Sep 28, 2016
Aimetis was acquired in April 2016, and is now expanding almost all of their departments, hiring employees from Axis and other industry...
Camio Natural Language Processing Tested on Sep 27, 2016
The ex-Googler led team from Camio has advanced its video monitoring offering to include natural language processing. Camio ingests video,...
Access Door Controller Configuration Guide on Sep 27, 2016
Properly configuring access control door controllers is key to a professional system. These devices have fundamental settings that must be...
Hacked Dahua Cameras Drive Massive Cyber Attack on Sep 27, 2016
Cyber attacks are accelerating and IP cameras are behind many of them. Worse, last week, a 'massive' attack was carried out using numerous Dahua...
Axis Secretly Paid Anixter Sales People To Push Axis NVRs on Sep 26, 2016
Internal Axis communication shows how Axis paid Anixter and Tri-Ed sales people with secret bonuses to push Axis NVRs. In this report, we examine...
VLANs for Video Surveillance Tutorial on Sep 26, 2016
Many people confidently say to 'use VLANs' as an answer to IP video networking problems and as a way to signal expertise. But how should VLANs be...
Ambarella CEO Admits H.265 and 4K Not Popular on Sep 26, 2016
Ambarella is the main chip provider for high-end surveillance cameras driving higher resolution and new CODECs. While Ambarella has been pushing...

The world's leading video surveillance information source, IPVM provides the best reporting, testing and training for 10,000+ members globally. Dedicated to independent and objective information, we uniquely refuse any and all advertisements, sponsorship and consulting from manufacturers.

About | FAQ | Contact