Smart Card Alliance Conference 2003
`Smart Card Integration
`into
`Physical Access Control Systems
`
`Presented by: Dwayne M. Pfeiffer
`Northrop Grumman Information Technology
`July 16, 2003
`
`USR Exhibit 2022, page 1
`
`
`Smart Card Integration
`into
`Physical Access Control Systems
`
`Presented by: Dwayne M. Pfeiffer
`Northrop Grumman Information Technology
`July 16, 2003
`
`USR Exhibit 2022, page 1
`
`
`
`Smart Card Alliance Conference 2003
`
`• Summary
`– What is a Physical Access Control System?
`– Why Integrate Smart Cards into Physical Access
`Control Systems?
`– Physical Access Control System Security
`Considerations
`– Smart Card Technology Choices
`– Biometrics, PINs, and Smart Cards
`– Key Questions to be Considered in Planning the
`Integration of Smart Card Technology
`– Example Integration Scenarios
`– Conclusion
`
`2
`
`USR Exhibit 2022, page 2
`
`
`
`Smart Card Alliance Conference 2003
`• What is a Physical Access Control System?
`– A physical access control system is a coordinated
`network of identification tokens (magnetic stripe
`cards, proximity cards, key fobs, smart cards, etc.),
`electronic door readers, control panels, specialized
`databases, software and computers designed to
`monitor and control traffic through access control
`points.
`
`3
`
`USR Exhibit 2022, page 3
`
`
`
`Smart Card Alliance Conference 2003
`• Sample Physical Access Control System Network
`
`Access
`Control
`Server
`
`Badging
`
`Guard
`Workstation
`
`Other
`Servers
`
`
`LAN/LAN/
`
`WANWAN
`
`RS-485
`
`TCP/IP
`
`LAN
`Interface
`
`RS-485
`
`
`ControlControl
`
`PanelPanel
`
`
`ControlControl
`
`PanelPanel
`
`
`ControlControl
`
`PanelPanel
`
`
`ControlControl
`
`PanelPanel
`
`Modem
`
`Modem
`
`
`ControlControl
`
`PanelPanel
`
`Wiegand
`
`
`
`ReaderReader
`
`
`DoorDoor
`
`LockLock
`
`
`
`ReaderReader
`
`
`DoorDoor
`
`LockLock
`
`ReaderReader
`
`
`ReaderReader
`Readers
`
`
`DoorDoor
`
`DoorDoor
`
`StrikesStrikes
`
`LocksLocks
`
`
`
`ReaderReader
`
`
`DoorDoor
`
`LockLock
`
`ReaderReader
`
`
`ReaderReader
`Readers
`
`
`DoorDoor
`
`DoorDoor
`
`StrikesStrikes
`
`LocksLocks
`
`4
`
`USR Exhibit 2022, page 4
`
`
`
`Smart Card Alliance Conference 2003
`• Why Integrate Smart Cards into Physical Access
`Control Systems?
`– Improve security
`– Add PIN and/or biometrics
`– Implement more efficient identification processes
`– Reduce the number of ID cards carried
`– Add new applications
`
`5
`
`USR Exhibit 2022, page 5
`
`
`
`Smart Card Alliance Conference 2003
`• Physical Access Control System Security
`Considerations
`–Card Security: Smart cards can help to deter
`counterfeiting, thwart tampering with an ID card and
`prevent usage of an unauthorized card
`–Card to Card Reader Communications: Smart
`cards support encryption and security techniques that
`enable card and reader authentication methods that
`can secure communication between the card and the
`reader
`–Card Reader to Control Panel Communications:
`Providing secure channels neutralizes the most
`serious threats because the reader and the card are
`the two elements that are exposed and physically
`available to an attacker.
`
`6
`
`USR Exhibit 2022, page 6
`
`
`
`Smart Card Alliance Conference 2003
`• End-to-End Security in a Smart Card-Based Physical
`Access System
`
`Smart
`Card
`Reader
`
`Access
`Control
`Panel
`
`Access
`Control
`Server
`
`Secure Authenticated Communication
`- Contact or Contactless Interface
`
`Secure Encrypted Channels
`
`7
`
`USR Exhibit 2022, page 7
`
`
`
`Smart Card Alliance Conference 2003
`• Smart Card Technology Choices:
`– Contactless Smart Card Technology
`–ISO/IEC 14443 is a 13.56 MHz contactless
`technology with an operational range of up to
`about 4 inches (10 centimeters)
`–ISO/IEC 15693 is a 13.56 MHz passive RF
`technology designed to operate at ranges of up to
`3 feet (1 meter)
`– Contact Smart Card Technologies
`–ISO/IEC 7816 contact smart cards are currently
`used for a wide variety of applications, including
`physical and logical access
`
`8
`
`USR Exhibit 2022, page 8
`
`
`
`Smart Card Alliance Conference 2003
`• Biometrics, PINs, and Smart Cards
`– Smart cards can store biometric information for an
`individual against which the individual can be
`authenticated in real time.
`– Smart card chips, depending on memory size, can
`store virtually any type of biometric information, either
`as a compressed digital template (e.g., fingerprint
`minutiae), or as a complete digital representation of
`the biometric feature (a digital image).
`– Smart cards can also store a PIN that can be
`matched at the reader and can be used with or
`without implementing biometrics.
`
`9
`
`USR Exhibit 2022, page 9
`
`
`
`Smart Card Alliance Conference 2003
`• Biometric Smart Card Devices Available for
`Integration into Physical Access Control Systems
`– Fingerprint
`– Iris
`– Hand Geometry
`
`10
`
`USR Exhibit 2022, page 10
`
`
`
`Smart Card Alliance Conference 2003
`• Some Key Questions to be Considered in Planning
`the Integration of Smart Card Technology
`– Legacy Systems
`–What is the desired timing to replace legacy
`systems?
`–How many legacy systems are in place?
`–Are different legacy systems in place at different
`locations?
`–Are there new locations that must be considered?
`– Access Points
`–What access points require new readers?
`–Do some or all access points require new
`functionality (e.g., biometrics or PIN pads) or is
`new functionality only required at selected sites?
`–Can a new multi-technology smart card meet
`security requirements at some access points
`without requiring the reader to be changed?
`
`11
`
`USR Exhibit 2022, page 11
`
`
`
`Smart Card Alliance Conference 2003
`• Some Key Questions (Continued)
`– ID Cards
`–Which employees require new ID card
`functionality?
`–Is it desirable to replace all ID cards to improve
`security and add functionality throughout the
`organization or are new ID cards only required for
`a subset of employees?
`– Data Format
`–Will the ID system numbering scheme or data
`format change?
`–How will legacy systems be modified to
`accommodate these changes? ?
`– Are there new security requirements that will require
`replacement or upgrades of the physical access
`system architecture or components, such as cabling?
`
`12
`
`USR Exhibit 2022, page 12
`
`
`
`Smart Card Alliance Conference 2003
`• Example Integration Scenarios
`– Multiple Cards, Multi-Technology Readers, Multiple
`Access Control Systems
`– Single Multi-Technology Card, Multiple Single
`Technology Readers, Multiple Access Control
`Systems
`– Single Multi-Technology Card, Multiple Single
`Technology Readers, Legacy Access Control System
`– Single Technology Card, New Single Technology
`Readers, Multiple Access Control Systems
`
`13
`
`USR Exhibit 2022, page 13
`
`
`
`Smart Card Alliance Conference 2003
`
`• Conclusion
`– It is critical for an organization to define the long-term
`objectives for a new smart card-based physical
`access control system
`– Develop a careful integration strategy and plan that
`implements the system in a logical, convenient, timely
`and cost-effective way
`– Integrating smart card technology into a physical
`access control system can be economical and
`relatively straightforward if it is well planned.
`
`14
`
`USR Exhibit 2022, page 14
`
`
Accessing this document will incur an additional charge of $.
After purchase, you can access this document again without charge.
Accept $ Charge
Still Working On It
This document is taking longer than usual to download. This can happen if we need to contact the court directly to obtain the document and their servers are running slowly.
Give it another minute or two to complete, and then try the refresh button.
A few More Minutes ... Still Working
It can take up to 5 minutes for us to download a document if the court servers are running slowly.
Thank you for your continued patience.
This document could not be displayed.
We could not find this document within its docket. Please go back to the docket page and check the link. If that does not work, go back to the docket and refresh it to pull the newest information.
Your account does not support viewing this document.
You need a Paid Account to view this document. Click here to change your account type.
Your account does not support viewing this document.
Set your membership
status to view this document.
With a Docket Alarm membership, you'll
get a whole lot more, including:
- Up-to-date information for this case.
- Email alerts whenever there is an update.
- Full text search for other cases.
- Get email alerts whenever a new case matches your search.
One Moment Please
The filing “” is large (MB) and is being downloaded.
Please refresh this page in a few minutes to see if the filing has been downloaded. The filing will also be emailed to you when the download completes.
Your document is on its way!
If you do not receive the document in five minutes, contact support at support@docketalarm.com.
Sealed Document
We are unable to display this document, it may be under a court ordered seal.
If you have proper credentials to access the file, you may proceed directly to the court's system using your government issued username and password.
Access Government Site
