FIPS-201 Improvements Reviewed

By Brian Rhodes, Published Jul 19, 2012, 08:00pm EDT (Info+)

A new version of FIPS-201 is being introduced, but does the update make it more relevant to the physical security industry? To a large extent, FIPS-201 has been responsible for issuing large numbers of new credential cards, but has failed to change physical access control systems. Does the update rectify this? In this note, we examine the draft update and analyze what it means for the physical security industry.

Key Changes

*** ** ****-***'* *********, *** ******** Institute ** ********* *** **********(****), *** ****** ******* ******** *** events *********** *** ******* ********,***** ****-***-*. ** ****** *** ********* * ************ ** **** **** ******* *** proposed ******* **** ****** ************, *** while ** ****** ** ******* ** that ******* **** *********, ** ***** the ****** **** ******** ** ******** security *****:

  • *********** *** ** ****** *** * years, ******* ** *.
  • ********** *** ************ ********** (************) **** PIV ***** *** *** ********.
  • ********** *** *********** '*-**************' ** ********** or ***** ******** ********** ******* *** now ********.
  • *** ******** **********-*** ********* ********** ******* ** * ******* ** vendors *** ** **** **************

***** *** **** ****** ** ******** changes ** ******** ********** ******* ** being *********, *** ***** ******* ** not ******** *** ********* ****** ***********.

******* ** ******: **** **** *** *** ********* introduced ** ****, *** ***** *** predominantly ** ************* ******* ****** *********** first. ********** *** *************** ** ******** Access *********** **** ***** ****-*** *****, but *** ******** ** *** ****** has ******* **** ******** *****. ** a ******, *** **********/************** ** ****-*** has **** ***** ** *** ******** access ****, *** ** **** *** primarily ******* ** ******* *** '*** compliant' ***********. **** ****** ******* **** of *** **** ** *** ******** Access **** ** ********* ********** ** how ** ******** ***** *** ************ biometric *** ********** ***********.

**********: **** ***** ******** ** ********** implementation ** ********** *** **** *** used ** '* ******' ************, ***** the ******** ********* **:

  • "********* *** ****": ******** ** ******
  • "********* *** ****": *********** ****** ** Clearance ** ****** ***********
  • "********* *** ***": ********* ***********, **** Fingerprint **** ***********

*** ***** ******** ******** ** ***** two *********** ***** *** ********* ********. While *** ******** **** ******** * 'facial *****', **** ******* * ******* image *** *** **** ** ****** biometric *****. *** ********* *********** ** to ** ********* ***** **** * PIV ********** ** ******, ***** ** a ******* ** * *****.

*-**************:*** ******* ******** ***** *** **** for ********* *** ***** *** ***********. While *** ******** **** *** ************ identify *** **********, * *** ******* mirroring ***'* '*-************** ********' [**** ** longer *********] ******** ** ********. **** proposed ************** ******* ******* ********** *** issuing *-*********** **** '**** **** **********', meaning **** *** ******* ***** ** credential *** ** ******** ** **** technology.

*********

**** ************* ***** ** ********:****** *** *******, * ******** ******** member ********** *** ********, ******** *** difficulty ************* **** **** ********* **** 201 ********* ********. *** ****** ***** out, *** *** ***** *********, **** the '******** ******* ****' *** **** 201 ** ******* ** **** * few *******. ******* *** ************* ** difficult ** ********* *** **** *************, they ****** ** ***** ********* ********* products. ********* **** ****** ****** ************** need ** ** ********* ** ***** for **** ******** ******** ********* ** 'enter *** ****'.

Market ******

*** ****** **** ****** ** ****** to ******* ************** ** ****-***, *** requires ** *** ********** ********* ** credentials. ** **** *******, ****** *** current ******** ** ******* ******** *********** technologies **** ***. ***** **** *** standard *** *** ** ** ******** approved, ** **** *** ****** ** substantially ****** ******** ****** *******.

************* ****-*** ******* ******* *** ******** access ******* ******* * **** ********, apparently ** ** ********* ** ****** updates. ***** *** *********** ********** ********** new ********** *** *******, **** ***** does ******* ** ****** *** *** between ******* ****** *** ******** ****** control *******. ** ****** **** ****** to ** ******** ** * ***** update ** ******** ******** ******** *** executives.

Login to read this IPVM report.
Why do I need to log in?
IPVM conducts reporting, tutorials and software funded by subscriber's payments enabling us to offer the most independent, accurate and in-depth information.
Loading Related Reports