NIST Recommends Best Fits for Federal Access Control

April 15, 2008

Federal agencies have begun issuing a secure form of government-wide ID known as the Personal Identity Verification (PIV) card, mandated in 2004 by Homeland Security Presidential Directive 12. The Gaithersburg, MD-based National Institute of Standards and Technology (NIST) has released a draft publication outlining best-practice guidelines for making the new cards work with the physical access control systems (PACS) that authenticate the cardholders in federal facilities.

The PIV card is intended to work everywhere across the federal government. Conventional PACS, however, are not fully enabled to work with PIV cards and are not interoperable between agencies. PACS also need to verify the cardholder's identity with an appropriate degree of confidence (either "Some," "High," or "Very High"), depending upon the level of security needed at the particular location in the federal facility. Current PACS, however, may not be tailored to work at these graduated levels of authentication assurance.

The NIST draft publication explores methods for verifying identity in a simple model describing four zones of increasing security in a facility. The zones are unrestricted (outside the fence or walls of the facility, controlled (inside the fence of front door), limited (past a security checkpoint for employees in a facility), and exclusion (secure areas granted to individuals with specific needs).

The draft specifies increasingly sophisticated authentication mechanisms for these zones, from visual and CHUID authentication (inspection of features on the front and back of the PIV card and reading a unique number from the card) to biometrics (the use of distinguishing features in physical features like fingerprints to grant access) and PKI Authentication (exchange of cryptographic information that requires the user to enter a PIN number).

The report takes into account the many different types of federal facilities, from single-agency buildings to multiple-agency campuses. It also explores how PACS systems can work with temporary ID cards for guest employees or visitors.

For more information, visit (

Voice your opinion!

To join the conversation, and become an exclusive member of Buildings, create an account today!

Sponsored Recommendations

Building Better Schools

Download this digital resource to better understand the challenges and opportunities in designing and operating educational facilities for safety, sustainability, and performance...

Tips to Keep Facility Management on Track

How do you plan to fill the knowledge gap as seasoned facility managers retire or leave for new opportunities? Learn about the latest strategies including FM tech innovations ...

The Beauty & Benefits of Biophilic Design in the Built Environment

Biophilic design is a hot trend in design, but what is it and how can building professionals incorporate these strategies for the benefits of occupants? This eHandbook offers ...

The Benefits of Migrating from Analog to DMR Two-Way Radios

Are you still using analog two-way radios? Download this white paper and discover the simple and cost-effective migration path to digital DMR radios that deliver improved audio...