The BridgePoint Physical Access Control System with “Trust at the Threshold PKI” is the first high-assurance FIPS 201 reader and PACS to implement digital certificate challenge and response and certificate validation for user authentication, says the company.
The solution, which can be implemented in coordination with other vendor PACS or in a stand-alone mode, can be combined with CoreStreet Enabled server extensions to the FIPS 201 PKI validation infrastructure. In combination the solution provides FIPS 201 credential holders the ability to meet the end state for physical access control today.
“In developing this solution BridgePoint looked to meet the requirements of Special Publication 800-116, and provide flexibility by greatly increasing the capability of the edge device,” said BridgePoint CEO Tom Corder. “You get full PKI in the reader, control panels that can handle full FIPS 201 data element types and sizes and, in concert with CoreStreet and the existing FIPS 201 PKI, validation of millions of credentials.”
“Partnering with BridgePoint Systems extends our market leading credential validation technology to high assurance Physical Access Control Systems, a key requirement for our government customers including the defense and intelligence communities,” said CoreStreet CEO Chris Broderick. “Through the integration of CoreStreet Enabled technology the BridgePoint PACS takes full advantage of, and seamlessly integrates with, the entire federal personal identity verification infrastructure.”
The investment in FIPS 201 public key and validation infrastructure will continue to scale. Eventually physical access control systems will have an ability to trust any credential associated with the Federal Bridge at a known level of security and identity assurance. Both BridgePoint and CoreStreet have created products that can take advantage of this infrastructure.
The solution provides government agencies and contractors as well as state, local and commercial enterprises looking to leverage FIPS 201 with a single solution able to accommodate the migration to smart card based access control called for in SP 800-116.