Home' RTCA Documents for Review : DO-230H FRAC Contents 21
©2017 RTCA, Inc.
Introduction and Purpose
This section examines credentialing for access control systems at airports and describes the U.S.
requirements for credentialing. As each airport differs, so do the applicable local, state and national laws
Issuance of credentials is part of a larger process of identity management. Issuance of credentials is a
frequently used security process to govern access to sensitive areas of an organization and sensitive
information. It can have both a physical and logical component for airport security systems.
Credentialing, with regard to airport access control systems, is the process by which an airport operator
issues regulatory-compliant media known as ‘credentials’ to allow unescorted access to security-related
areas of airports by airport staff, including tenants, concession staff and airlines, other airport-approved
entities such as law enforcement, first responders, construction personnel, and certain government
employees. See Figure 2.1 below.
The credential, colloquially known as an airport ‘badge’, can be the credential required by a physical access
control system (PACS) [Refer: Section 4: PACS]; conversely, less complex airports may control access
using a combination of disparate security components (master keys, badges, etc.). Frequently, the access
credential is coupled with the traditional photo ID badge, although each element of the badge has different
regulatory requirements and serves distinctly different purposes. The terms ‘badge’ and ‘credential’ are
sometimes used interchangeably.
Airport credentials may also provide both identification and access to a range of privileges, including access
to physical areas of an airport and/or access to information in the physical and virtual environments. A
badge may also be used to identify the right for an individual to operate a vehicle/equipment in specific
The Transportation Security Administration (TSA) is the U.S. civil aviation security authority and invokes
its regulations in compliance with national law and applicable International Civil Aviation Organization
(ICAO) standards and recommended practices, providing oversight and guidance to the nation’s airports.
Airport operators maintain the responsibility – and the ultimate liability - for local access decisions. This
section provides only a high-level generic description of credentials without operational detail or
proprietary or Sensitive Security Information (SSI).
The creation of an airport access credential among U.S. commercial airports, for instance, is governed in
part by federal regulations
and each airport’s Airport Security Program (ASP), and may also be governed
by other regulatory requirements relative to the individual airport operator’s jurisdiction. In a regulated
airport environment, an access credential is used by individuals to gain unescorted access to sterile area,
secured, and /or security identification display area(s) (SIDA), and in some cases, the Air Operations
U. S. Title 49 Code of Federal Regulations (CFR) Part 1542 [Refer: § 2.5]
U.S. Title 49 CFR Part 1542.103(a). [Refer: § 2.5.1]
Links Archive Navigation Previous Page Next Page