Home' RTCA Documents for Review : DO-230H FRAC Contents 17
©2017 RTCA, Inc.
The system design fuses data, processes and procedures from various security systems, sensors and other
technologies to support the coherent operations model of an access control system. Requirements
definitions and a functional decomposition of the system address stakeholder concerns should be done as
part of the system design. Many airports will have a mix of legacy and emerging systems and technologies;
e.g., a fusion approach would facilitate the integration of legacy fingerprint with emerging biometrics
technology to harden access to secure areas of the airport. More information on these and other related
topics may be found in Section 8: Integration.
The purpose of cyber security is to mitigate the most serious threats to information technology and the
potential for adverse economic impact to nations and industries. The number of identified cyber
vulnerabilities increases daily and the need for collaborative approaches to combat these threats has become
more important. Hardening the digital infrastructure to make it more resilient to disruptions and unwanted
cyber penetration is a top priority item, along with the ability to recover quickly from any cyber incident.
The following subsections provide information relating initiatives of the government of the United States
and its operating agencies. This is not meant to be an exhaustive information session on cyber security
initiatives, but a representative sampling for consideration given the current debates and the possible
impacts to the operations of airport security systems. Cyber security is further explored in Section 9:
National Security Initiatives
The National Security strategy adopted for cyber security is to 1) improve the resilience to cyber incidents
and 2) reduce cyber threats. Several federal initiatives have been launched including National Security
Presidential Directive 54 and Homeland Security Presidential Directive 23 (NSPD-54/HSPD-23), and
states, local governments and private industries are working on various approaches. The “National
Vulnerability” database is the standards-based federal repository of vulnerabilities reference data which is
sponsored by the DHS Cyber Security division.
FICAM Cyber Security Programs
The Federal Identity, Credential and Access Management (FICAM) initiative and the implementation of
access control systems rely on strong identity management practices combined with policies and procedures
to lessen cyber security incidents. The implementation guidelines outlined in the FICAM roadmap provide
guidance for interoperable and secure FICAM components as well as reference guidance to standards and
specifications for testing and system deployment.
EOP-OMB Cloud Computing Initiative
The Executive Office of the President - Office of Management and Budget (EOP-OMB) recognized the
complex nature of the federal enterprise and the proliferation of duplicative investments in technology, and
issued directives to agency CIO heads to show a preference for using shared services instead of separate
independent systems. Cloud computing is one of the shared services being explored. The General Services
Administration (GSA), along with NIST and other agencies, is the Program Management Office (PMO) for
the Federal Risk and Authorization Management Program (FedRAMP). GSA will provide a standards-
based approach to security assessment, authorization, and continuous monitoring for cloud products and
Links Archive Navigation Previous Page Next Page