Open doors with phones, and 4 other predictions for federal mobile access
Expect personal access cards to go wireless this year.
Common Access Cards and Personal Identity Verification cards will be loaded onto smart phones and other mobile devices to allow personnel more flexibility in accessing both physical and digital infrastructure, and it will permit federal agencies to more easily issue and update security credentials.
This is the prediction of Dave Adams, senior director of product marketing at HID Global. Adams recently released a list of five federal mobility trends/predictions for this year.
Tools could put iPhones, Androids on government networks
Guide to better security for mobile access to networks
Adams predicted that:
- Government employees and contractors will be able to carry their CACs and PIV cards on their smart phones.
- The movement of CAC and PIV cards to move to smart phones will redefine how both types of cards are issued.
- The ability to carry CAC and PIV cards on smart phones will help create a new access control infrastructure model.
- Combining the current secure identity data structure with a new credential issuance and management model will help improve identity security.
- Near-field communications (NFC)-enabled smart phones will become a convergence platform for other access control applications.
Commercial and federal industry sectors moving to a more secure, flexible and extensible smart card data structure will make it possible for CAC and PIV cards to be embedded into smart phones and other mobile devices equipped with NFC technology, Adams wrote.
For example, users may be able to open locked doors by simply waving their mobile devices in front of the door reader just as they would with their CAC or PIV cards. The embedded short-range NFC wireless system in the mobile devices allows them to exchange access control data with the door locks.
Permitting CAC and PIV cards to be carried on mobile devices will also allow organizations to issue credentials over the air within a secure boundary via cloud-based identity provisioning. This capability will be more expedient and convenient for users and issuers alike, Adams wrote.
NFC mobile access devices are smart enough to verify a user’s identity and relevant access data. This means that future physical access control readers and locks can be built without any major intelligence or connectivity capabilities, Adams wrote. This is because the average smart phone has the on-board intelligence to carry out most of the tasks that would otherwise be carried out by a reader and server or panel.
Without the need for any resident computing power, all readers and locks need to do is interpret an encrypted command to open the door. This will make the resulting unconnected, encrypted door switches less costly to build, Adams wrote.
Additionally, as access control moves to mobile devices, it allows the deployment of inexpensive, yet very secure, access systems for interior doors, filing cabinets and storage units.
The emerging mobile access control model will provide an additional layer of security, on top of those dictated by Homeland Security Presidential Directive 12 and the Federal Information Processing Standard 201 by allowing credential issuers to continuously monitor and modify security parameters when needed, eliminate the risk of credential copying, issue temporary credentials as needed, and cancel credentials when mobile devices are lost or stolen, he wrote.
Besides offering a scalable and interoperable security system, HSPD-12 also establishes the government’s vision for future converged logical and physical security. Converged identity systems reduce deployment and management costs while improving security by allowing single credentials to be used for logical access such as strong desktop authentication.
Converged systems also help federal agencies enforce more consistent policies and facilitate the use of consolidated audit logs throughout the enterprise. NFC-enabled smart phones are ideal for this convergence, Adams said.
Smart phones and tablets will leverage existing digital credential data structures to support many types of information such as access control, biometrics, vending, meal and transit fare payment, time-and-attendance, and secure print management. These capabilities will further enhance the value and utility of CAC and PIV credentials, he said.