CertiPath introduces federated architecture for physical access control

Oct. 27, 2009
Solution provides single-credential system for fragmented physical and logical assets

HERNDON, Va., Oct. 26 /PRNewswire/ -- In a major breakthrough to the challenges of managing identity and access control in highly sensitive environments, CertiPath, the trusted credentialing authority for aviation, aerospace and defense (A&D) organizations, today introduced architecture and operational systems for federated physical access control (PACS), leveraging high-assurance credentials. The concept demonstrates the viability and effectiveness of a single-credential system that can provide secure access for both physical and logical assets, and provide interoperability for employees, customers and partners.

Funded in part by the General Services Administration, which operates the U.S. Federal Bridge for inter-agency information sharing, CertiPath was tapped to design and oversee the implementation of a system that could overcome today's fragmented, expensive and vulnerable approaches to managing physical and logical identity authentication and access control.

CertiPath's converged architecture eliminates the need to physically issue visitor passes and allows certainty that each visitor is still employed and in good standing with their employer. The system extends the proven value of PKI-based security systems for managing and assuring logical access control to the challenges of managing and assuring physical access control.

CertiPath's architecture conforms to the principles of NIST SP 800-116 and delivers the most advanced identity and access control at the lowest total cost by:

-- Leveraging PIV, PIV-I, and Dept. of Defense CAC credentials issued by any valid issuer, as well as TWIC (Transportation Workers Identity Credentials)
-- Utilizing FIPS 201-certified (or in process) components
-- Allowing customers to upgrade PACS without replacing existing systems
-- Leveraging commercially available products to minimize custom solutions that are expensive to maintain
-- Leveraging the U.S. Federal Bridge to validate inter-agency trust
-- Delivering cost-effective options to operate at one or multiple assurance levels (e.g., 'controlled' areas card-auth only)

Real-World Implementation at Work Today

The result - the first commercially available integrated platform that manages visitors' physical and logical access via their own organization's issued credentials - was installed and is in production at Exostar, the leading provider of collaboration solutions for the world's largest A&D manufacturers and their 40,000 supply chain partners.

In the past, a visitor pass had to be issued for every single non-employee to enter the premises, and the visitor required an escort. Today, visitors can use a single enterprise-issued smartcard credential with an embedded chip containing digital certificates to enter the building.

"We believe this system demonstrates the real value of an environment where visitors' physical and logical access is controlled via an integrated approach," said Steve Howard, vice president of operations for CertiPath. "It's a major step forward in overcoming the challenges of risk, scalability, and accountability to protect assets - both virtual and real - from breaches, whether malicious or accidental."