Like any other communication network, the integrity of the data carried on the smart cards and its source must be trusted. Without a proven layer of security, the system
would be vulnerable to attacks where cardholder access privileges could be altered, cards cloned or counterfeited, and access policies on the locks compromised:
- Card-connected technologies should apply industry-proven cryptography to provide the highest level of assurance;
- All card-connected privilege data should be digitally signed; and,
- Before providing access, each card-connected lock should validate the digital signature to prove that the card was issued by the PACS – the PACS is a “trusted source” -- and that the access privileges on the card were not altered.
Card-connected locks are ideal for any company or organization that:
- Has offices, storage spaces, equipment rooms or remote facilities that should be protected by electronic access control, but for which traditional wired access control is too expensive or impractical;
- Is required to control and record auditable data for access to sensitive information such as in the financial (Sarbanes-Oxley) and healthcare (HIPAA) industries, and;
- Has or maintains critical infrastructure that must meet newly established DHS regulations such as the petrochemical and power industries.
In all these organizations, access points and assets anywhere in the world can now be secured without relying on wired or wireless connections, at a fraction of the cost. And soon, user can expect to see card-connected padlocks, cabinet locks, and safe locks become available to further extend electronic access control across the enterprise – ultimately helping organizations take the necessary precautions to ensure their critical assets remain protected, especially during a time of economic uncertainty.
About the author: Todd Freyman is vice president and general manager physical access products for CoreStreet. Todd has more than 10 years experience in the physical security industry, has a strong technical background and is specialized in the transition of advanced technologies into commercially available products and integrated solutions. Todd holds a B.S. in aerospace engineering from Syracuse University and an M.S. in mechanical engineering from Pennsylvania State University.