Legacy physical access control can do PKI
There have been some concerns from federal agencies with the possible physical access control specifications proposed by NIST. The proposed standard would have the physical access control reader check the PKI certificate on the PIV card, something many say isn’t possible with legacy systems and would cause many facilities to completely replace the physical access control systems.
But Tim Baldridge, computer scientist at the Marshall Space Flight Center with NASA, says it can be done. Baldridge, who also has worked on the physical access control spec with the Interagency Advisory Board, says agencies would have to change processes. If a facility did not have the new PKI-enabled readers a visitor would have to register when entering the building. The visitor would register at a PKI-enabled reader, and once verified, that verification would register at other readers around the facility. Baldridge made the comments during a session at the CTST Conference, May 13-15 in Orlando, Fla. ![[end]](/resources/bullet/secureidnews-4.gif)
