Current Technology and the TWIC Program Walter Hamilton Chairman, International Biometric Industry Association Sr. Consultant, Identification Technology.

Slides:



Advertisements
Similar presentations
EzScoreboard.com A Fully Integrated Administration Service.
Advertisements

For Joe Broghamer Philip S. Lee May 5, 2005 Implementing PIV Specifications HSPD-12 Workshop.
Card and Reader Overview Gerald Smith Sr. Consultant ID Technology Partners.
FIPS 201 Framework: Special Pubs ,76,78 Jim Dray HSPD-12 Workshop May 4/5, 2005.
RSA AND RCG PHOTO IDENTIFICATION CARD. Existing arrangements RSA commenced 1995 RCG commenced 2000 RTOs purchase blank certificates from OLGR at $15 each.
Eligibility, Benefits, and Pre-certifications
Residents’ register service under the Ministry of the Interior
Labcal. © 2004 Labcal. Presented by: Mr. Gregory McConnell Partner & Director of Business Dev. Labcal. Todays Biometric Projects Need Mobile.
12 November 2002Digital Identity Forum – London Biometrics and ID Bill Perry Independent Consultant Phone:
Sunday Business Systems Asset Tracking Database Control Calibrated Equipment Manage Preventive Maintenance Maintenance Tracking.
Parking solution designed for hotels – Providing one card solution to hotel management. Richard Hsieh Tel: Ext. 128 Fax:
San Francisco International Airport
1 N EW M EXICO AFIS F AST ID U PGRADE C HANGE R EQUEST C ERTIFICATION N EW M EXICO AFIS F AST ID U PGRADE C HANGE R EQUEST C ERTIFICATION Executive Summary.
Department of Information Technology John F. Simms Bldg. Security Upgrade Implementation Certification Project Sponsor, Andrew Griego Project Manager,
HIPAA Security Standards Emmanuelle Mirsakov USC School of Pharmacy.
Lecture 6 User Authentication (cont)
Notes: Update as of 1/13/2010. Vulnerabilities are included for SQL Server 2000, SQL Server 2005, SQL Server Oracle (8i, 9i, 9iR2, 10g, 10gR2,11g),
© Southampton City Council Sean Dawtry – Southampton City Council The Southampton Pathfinder for Smart Cards in public services.
FIPS 201 Personal Identity Verification For Federal Employees and Contractors National Institute of Standards and Technology Information Technology Laboratory.
SAC844 Anviz Online Training Lesson 8
USCG Enforcement for the Implementation of TWIC
Department of Labor HSPD-12
Cryptography Usage in TWIC (Draft v4 8Dec06)
15 Tactical Improvements to IT Security Virtual Keyboard, Two Factor Authentication, Active Confirmation and FAA Access to CPS Online Ganesh Reddy.
Test & Evaluation Master Plan (TEMP) Overview
Computer Security Biometric authentication Based on a talk by Dr J.J. Atick, Identix, “Biometrics in the Decade of Security”, CNSS 2003.
Cardholder Configuration An in-depth guide. Overview Main module for cardholder database – Personal Info – Cards – Access Levels – Print Cards Reads &
FICAM Testing Program For more information, please contact GSA-FICAM- The FIPS 201 Evaluation Program is now the FICAM Testing.
Environmental Council of States Network Authentication and Authorization Services The Shared Security Component February 28, 2005.
Federal Information Processing Standard (FIPS) 201, Personal Identity Verification for Federal Employees and Contractors Tim Polk May.
PIV Data Model Testing Ketan Mehta March 3, 2006.
Liberian Registry INTERTANKO ASSOCIATES COMMITTEE MEETING March 29, 2006.
Notes: Update as of 12/31/2010 inclusive. Chart counts NIST CVE – Reported Software Flaws by “published” date, utilizing the NIST NVD. SQL Server.
Enterprise Physical Access Control System (ePACS) Overview Briefing
Beyond HIPAA, Protecting Data Key Points from the HIPAA Security Rule.
Marjie Rodrigues
Smart Card Deployment David Gautrey IT Manager – Microsoft New Zealaand Microsoft Corporation.
Certificate and Key Storage Tokens and Software
I DENTITY M ANAGEMENT Joe Braceland Mount Airey Group, Inc.
Microcrypt Technologies SPACER Secure Physical Access Control Enhanced Reader for contactless cryptographic smart cards.
NASA Personal Identity Verification (PIV) NASA Personal Identity Verification (PIV) High Level System Overview Tice F. DeYoung, PhD 14th Fed/Ed Workshop.
November 2009 Network Disaster Recovery October 2014.
Air Force Association (AFA) 1. 1.Access Control 2.Four Steps to Access 3.How Does it Work? 4.User and Guest Accounts 5.Administrator Accounts 6.Threat.
Access and Identity Management System (AIMS) Federal Student Aid PESC Fall 2009 Data Summit October 20, 2009 Balu Balasubramanyam.
Biometric Access Control in TWIC Read Hardware and Card Application Specification Roger Roehr.
ODRC Mainframe Systems Migration Project
Lifecycle Workstation Operator Training: PIN Reset and Certificate Update Updated April 17, 2012.
Special Publication : Interfaces for Personal Identity Verification Jim Dray NIST NPIVP Workshop March 3, 2006.
Important acronyms AO = authorizing official ISO = information system owner CA = certification agent.
PIN-on-Card New contact-less smart card with integrated PIN pad for secure user verification at unparalleled cost effectiveness.
1 Transportation Worker Identification Credential (TWIC) What you should know LT Fran Smith CWO Alan Guedesse.
Transportation Worker Identification Credential (TWIC) Guidance for TWIC Reader Pilot Program November 19, 2007.
28 th International Traffic Records Forum Biometrics/SmartCard Workshop 28 th International Traffic Records Forum August 4, 2002 Orlando, Florida.
Biometrics Authentication Technology
LEARNING AREA 1 : INFORMATION AND COMMUNICATION TECHNOLOGY PRIVACY AUTHENTICATION VERIFICATION.
Important acronyms AO = authorizing official ISO = information system owner CA = certification agent.
Information Systems Design and Development Security Precautions Computing Science.
Port of Stockton Access Policy
TWIC Compliance MERPAC Meeting April 17, 2009 LT Devon Brennan
Transportation Worker Identification Credential (TWIC) Next Generation (NEXGEN) Card Update for National Maritime Security Advisory Committee (NMSAC)
Merchant Marine Personnel Advisory Committee (MERPAC) Transportation Worker Identification Credential (TWIC) Update September 12, 2007 LCDR Jon Maiorine.
TWIC Implementation Update
TWIC Update to Sector Delaware Bay AMSC
U.S. Coast Guard LCDR Brett Thompson.
Previously In groups of three compete the charts listing advantages and disadvantages for each.
Biometric technology.
NEW PRODUCT INTRODUCTION CONEKT™ Mobile Smartphone Access Control Identification Solution June 2018.
NASA Personal Identity Verification (PIV) High Level System Overview Tice F. DeYoung, PhD 14th Fed/Ed Workshop December 14, 2006.
PLANNING A SECURE BASELINE INSTALLATION
Port of Stockton Access Policy
Presentation transcript:

Current Technology and the TWIC Program Walter Hamilton Chairman, International Biometric Industry Association Sr. Consultant, Identification Technology Partners, Inc. Walter Hamilton Chairman, International Biometric Industry Association Sr. Consultant, Identification Technology Partners, Inc NAWE Semi-Annual Meeting – Charleston, SC April 14, 2010

2010 NAWE Semi-Annual Conference TWIC Card and Biometric Readers Purpose is to read TWIC card and perform automated validation of card authenticity and biometric verification of card holder

2010 NAWE Semi-Annual Conference Types of TWIC Readers Fixed mount outdoor Fixed mount indoor Portable (handheld) Fixed mount outdoor Fixed mount indoor Portable (handheld)

2010 NAWE Semi-Annual Conference Examples of TWIC Readers

2010 NAWE Semi-Annual Conference TWIC Reader Technical Requirements Defined by TSA TWIC Reader Hardware and Card Application Specification –Version May 30, 2008 – Still considered as a working document –Will likely undergo changes as a result of Lessons learned during environmental and expanded functional testing Lessons learned during field pilot tests Defined by TSA TWIC Reader Hardware and Card Application Specification –Version May 30, 2008 – Still considered as a working document –Will likely undergo changes as a result of Lessons learned during environmental and expanded functional testing Lessons learned during field pilot tests

2010 NAWE Semi-Annual Conference Key Maritime Reader Requirement Outdoor readers must operate in all weather conditions Temperature Humidity Sunlight Dirt Rain Snow Salt spray Outdoor readers must operate in all weather conditions Temperature Humidity Sunlight Dirt Rain Snow Salt spray

2010 NAWE Semi-Annual Conference Use of TWIC Readers Today Policies for reader use will be set through future USCG rule making –Current requirement is for visual inspection of TWIC even for voluntary users of TWIC readers –Exception is reader field pilot participants –Final reader rule is likely many months away Policies for reader use will be set through future USCG rule making –Current requirement is for visual inspection of TWIC even for voluntary users of TWIC readers –Exception is reader field pilot participants –Final reader rule is likely many months away

2010 NAWE Semi-Annual Conference Interim Use of TWIC Readers USCG expected to implement interim policy measures to leverage biometric capabilities –Expect new Policy Advisory Council policy to replace PAC within two months –Largely driven by pending expiration of 05 & 06 grant funding targeted for purchase of TWIC readers –Expected to define interim voluntary reader use without requirement for visual inspection USCG expected to implement interim policy measures to leverage biometric capabilities –Expect new Policy Advisory Council policy to replace PAC within two months –Largely driven by pending expiration of 05 & 06 grant funding targeted for purchase of TWIC readers –Expected to define interim voluntary reader use without requirement for visual inspection

2010 NAWE Semi-Annual Conference TWIC Reader Operating Modes

2010 NAWE Semi-Annual Conference Reader Mode (Contactless) Place card in close proximity to reader Three approaches based on security needs –CHUID only –CHUID + card authentication –CHUID + card authentication + biometric Requires previous registration of TWIC Privacy Key (TPK) to decrypt biometric stored on card No PIN entry required Place card in close proximity to reader Three approaches based on security needs –CHUID only –CHUID + card authentication –CHUID + card authentication + biometric Requires previous registration of TWIC Privacy Key (TPK) to decrypt biometric stored on card No PIN entry required

2010 NAWE Semi-Annual Conference Reader Mode (Mag Swipe & Contactless) Swipe magnetic stripe –To obtain TPK for decrypting biometric on card Place card in close proximity to reader CHUID + card authentication + biometric No pre-registration of TPK required No PIN entry required Swipe magnetic stripe –To obtain TPK for decrypting biometric on card Place card in close proximity to reader CHUID + card authentication + biometric No pre-registration of TPK required No PIN entry required

2010 NAWE Semi-Annual Conference Reader Mode (Contact) Insert card into contact reader slot Three approaches based on security needs –CHUID only –CHUID + card authentication –CHUID + card authentication + biometric Not recommended for outdoor fixed mount operation No PIN entry required Insert card into contact reader slot Three approaches based on security needs –CHUID only –CHUID + card authentication –CHUID + card authentication + biometric Not recommended for outdoor fixed mount operation No PIN entry required

2010 NAWE Semi-Annual Conference Reader Mode (Contact with Face Image) Insert card into contact reader slot Enter PIN Three approaches based on security needs –CHUID only –CHUID + card authentication –CHUID + card authentication + biometric Display facial image Most suitable for portable readers PIN required Insert card into contact reader slot Enter PIN Three approaches based on security needs –CHUID only –CHUID + card authentication –CHUID + card authentication + biometric Display facial image Most suitable for portable readers PIN required

2010 NAWE Semi-Annual Conference TWIC Card registered into Physical Access Control System (PACS) with no TWIC Reader at Entry Points Read TWIC card at PACS administrative workstation Verify fingerprint matches to stored fingerprint on card Check TWIC card validity and expiration dates Add TWIC card holder unique identifier (CHUID) into PACS server database Link TWIC CHUID to existing record in PACS PACS server periodically checks TSA TWIC hot list –Revokes PACS entry privilege if found on hot list –Disables existing badge Read TWIC card at PACS administrative workstation Verify fingerprint matches to stored fingerprint on card Check TWIC card validity and expiration dates Add TWIC card holder unique identifier (CHUID) into PACS server database Link TWIC CHUID to existing record in PACS PACS server periodically checks TSA TWIC hot list –Revokes PACS entry privilege if found on hot list –Disables existing badge

2010 NAWE Semi-Annual Conference Operational Biometrics Register biometric in access control system –Biometric not read from card during entry No need to store TPK or decrypt biometric data –Could be fingerprint, iris, face, vein, etc. Card ID is pointer to biometric in database No need for PIN entry Register biometric in access control system –Biometric not read from card during entry No need to store TPK or decrypt biometric data –Could be fingerprint, iris, face, vein, etc. Card ID is pointer to biometric in database No need for PIN entry

2010 NAWE Semi-Annual Conference What do Readers Cost? Estimated price ranges: –Fixed mount outdoor readers - $2,500 to $4,000 –Fixed mount indoor readers – $2,000 to $3,500 –Portable mobile readers - $4,000 to $6,000 Typical warranty is one year Useful life is 5 to 7 years Software, installation, integration, physical access control system, field control panels, etc. are not included in the above price estimates Estimated price ranges: –Fixed mount outdoor readers - $2,500 to $4,000 –Fixed mount indoor readers – $2,000 to $3,500 –Portable mobile readers - $4,000 to $6,000 Typical warranty is one year Useful life is 5 to 7 years Software, installation, integration, physical access control system, field control panels, etc. are not included in the above price estimates

2010 NAWE Semi-Annual Conference Next Steps for TWIC Reader Certification TSA is working with the National Institute of Standards and Technology (NIST) to define an on-going TWIC reader test and certification process –Workshop to be held on September 21 To be implemented after publication of final reader rule Testing to be performed by accredited independent laboratories Will result in published TWIC reader Qualified Products List (QPL) TSA is working with the National Institute of Standards and Technology (NIST) to define an on-going TWIC reader test and certification process –Workshop to be held on September 21 To be implemented after publication of final reader rule Testing to be performed by accredited independent laboratories Will result in published TWIC reader Qualified Products List (QPL)

2010 NAWE Semi-Annual Conference Field test Sep 09 – Jan 10 –Datastrip and MAXID deployed to 51 field units –5,000+ TWICs inspected –Not used for enforcement –User feedback being reviewed Field deployment –All 42 Captain of the Port (COTP) Zones –Deployment schedule – Summer 2010 Expected mission use –Law enforcement boardings –Facility inspections / spot checks –Vessel inspections USCG Handheld Readers for Enforcement

2010 NAWE Semi-Annual Conference Demonstration

2010 NAWE Semi-Annual Conference More Information TSA website – – TWIC Reader Specification – Pilot Program – FAQs USCG website – -Final Rulemakings, Compliance Notices & Framework -Navigation & Vessel Inspection Circular (NVIC) Policy Advisory Council (PAC) Decisions -FAQs Biometric information – or Smart card information – Questions?

2010 NAWE Semi-Annual Conference Contact Information Walter Hamilton (727) (425) (cell) Walter Hamilton (727) (425) (cell)

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.