Open doors with phones, and 4 other predictions for federal mobile access

Expect personal access cards to go wireless this year.

Common Access Cards and Personal Identity Verification cards will be loaded onto smart phones and other mobile devices to allow personnel more flexibility in accessing both physical and digital infrastructure, and it will permit federal agencies to more easily issue and update security credentials.

This is the prediction of Dave Adams, senior director of product marketing at HID Global. Adams recently released a list of five federal mobility trends/predictions for this year.


Related stories:

Tools could put iPhones, Androids on government networks

Guide to better security for mobile access to networks


Adams predicted that:

  • Government employees and contractors will be able to carry their CACs and PIV cards on their smart phones.
  • The movement of CAC and PIV cards to move to smart phones will redefine how both types of cards are issued.
  • The ability to carry CAC and PIV cards on smart phones will help create a new access control infrastructure model.
  • Combining the current secure identity data structure with a new credential issuance and management model will help improve identity security.
  • Near-field communications (NFC)-enabled smart phones will become a convergence platform for other access control applications.

Commercial and federal industry sectors moving to a more secure, flexible and extensible smart card data structure will make it possible for CAC and PIV cards to be embedded into smart phones and other mobile devices equipped with NFC technology, Adams wrote.

For example, users may be able to open locked doors by simply waving their mobile devices in front of the door reader just as they would with their CAC or PIV cards. The embedded short-range NFC wireless system in the mobile devices allows them to exchange access control data with the door locks.

Permitting CAC and PIV cards to be carried on mobile devices will also allow organizations to issue credentials over the air within a secure boundary via cloud-based identity provisioning. This capability will be more expedient and convenient for users and issuers alike, Adams wrote.

NFC mobile access devices are smart enough to verify a user’s identity and relevant access data. This means that future physical access control readers and locks can be built without any major intelligence or connectivity capabilities, Adams wrote. This is because the average smart phone has the on-board intelligence to carry out most of the tasks that would otherwise be carried out by a reader and server or panel.

Without the need for any resident computing power, all readers and locks need to do is interpret an encrypted command to open the door. This will make the resulting unconnected, encrypted door switches less costly to build, Adams wrote.

Additionally, as access control moves to mobile devices, it allows the deployment of inexpensive, yet very secure, access systems for interior doors, filing cabinets and storage units.

The emerging mobile access control model will provide an additional layer of security, on top of those dictated by Homeland Security Presidential Directive 12 and the Federal Information Processing Standard 201 by allowing credential issuers to continuously monitor and modify security parameters when needed, eliminate the risk of credential copying, issue temporary credentials as needed, and cancel credentials when mobile devices are lost or stolen, he wrote.

Besides offering a scalable and interoperable security system, HSPD-12 also establishes the government’s vision for future converged logical and physical security. Converged identity systems reduce deployment and management costs while improving security by allowing single credentials to be used for logical access such as strong desktop authentication.

Converged systems also help federal agencies enforce more consistent policies and facilitate the use of consolidated audit logs throughout the enterprise. NFC-enabled smart phones are ideal for this convergence, Adams said.

Smart phones and tablets will leverage existing digital credential data structures to support many types of information such as access control, biometrics, vending, meal and transit fare payment, time-and-attendance, and secure print management. These capabilities will further enhance the value and utility of CAC and PIV credentials, he said.


 

Reader Comments

Thu, Apr 12, 2012 David

It seems the way of the locksmith is all but gone. you can start some cars with your phone. Lock, and unlock the doors. What will I do then? I hear being homeless in San Diego is a good gig. The ol time locksmith. David

Wed, Apr 11, 2012 DC Fed Washington DC

How embarassing would it be to be locked out of your building or your workstation because your smartphone with all the embedded security features described in this article ran out of juice when you forgot to charge it up overnight. This stuff sounds great, but you better have a contingency plan such as the "simple" HSP-12 card with a picture on it. I assume you will still need the cards for photo ID unless you plan to wear your phone around your neck as you walk through the building.

Wed, Apr 11, 2012

This is all well and good, except for facilities that require more robust physical security. These are facilities where you leave your smartphone with its embedded recording and transmitting technologies in your car before you go in the front door (or in a locker by the front door if you are forgetful). The good old reliable HSPD-12 card will remain the access mechanism of choice for those select locations...

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above