RTCA DO-230H FRAC
©2017 RTCA, Inc.
However, if Bob uses Alice’s card the system will grant access to Bob. Bob may continue to use Alice’s
card until Alice requests her card back or reports it missing and it is de-provisioned. As this example
describes, there is no binding between the credential and the authorized individual. The level of trust in the
identity of the person requesting access using just a token is low.
A second authentication mechanism is based on something one knows. A PIN may be provisioned in a PACS
as a credential and used as an access credential in some areas. Alice now uses a PIN and she keeps this PIN
secret. Alice will not allow Bob to borrow her PIN, because she knows that a PIN cannot be lent
temporarily: once a PIN is revealed, it is revealed forever. PACS manufacturers have devised a wide variety
of methods to protect the privacy of a PIN at different levels of the system. This authentication mechanism
may offer a low or modest degree of trust in the identity of the person requesting access using a PIN.
The two authentication mechanisms above can be combined so that Alice uses her card and then enters
her PIN. This is a common two-factor authentication mechanism. Depending on how the specific PACS
processes and stores the PIN and card data, the system may be configured to allow Card+PIN, or Card
only, at certain portals during normal business hours, while after hours (or at elevated threat conditions)
both a card and a PIN may be required. The dual authentication mechanism offers a higher degree of trust
in the identity of the card holder.
When a PIN is used, the access control credential (whether a card or the PIN itself) is somewhat bound to
the individual the credential references, assuming that the PIN is kept secret. However, the PIN does not
represent a strong binding to the individual, because a PIN can be shared or guessed. A stronger method of
binding the credential to the individual is to use a unique identifier in conjunction with a biometric
comparison process. Refer to section 3 for more information on biometrics in general.
A biometric identifier collected at the time of initial enrollment and provisioning and stored in the system
or in the card may be matched against a live biometric identifier submitted by Alice at the access control
portal. Combining card and/or PIN with a biometric comparison may offer an even higher degree of trust
in the identity of the person requesting access at an access control portal.
Therefore, the three independent authentication factors are:
“Something you have” (such as a card),
“Something you know” (such as a PIN code), and
“Something you are” (as measured by a biometric comparison).
Many readers offer the capability to combine two or three of the authentication factors described above.
The authentication mechanism (the combination of factors to be used) is controlled by the PACS on a
portal-by-portal basis and may be modified by time of day or facility threat condition. Readers supporting
two- and three-factor authentication are available and communicate with the controllers just like a
standard one-factor reader (see Figure 4-14).
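The portal-by-portal policy and the three factors described above, as an added worked example that is not part of DO-230H or any PACS product: the business-hours window, the portal name, the sample card, PIN and clock readings are constructed, the PIN is kept only as a salted hash (one of the many protection methods the text mentions), and the biometric matcher is a byte-agreement stand-in for a real comparison algorithm.

```python
import hashlib
import hmac
from dataclasses import dataclass
from datetime import time

def hash_pin(pin: str, salt: bytes) -> bytes:
    # Store only a salted, stretched hash of the PIN, never the PIN itself.
    return hashlib.pbkdf2_hmac("sha256", pin.encode(), salt, 100_000)
@dataclass
class Credential:
    card_id: str
    pin_salt: bytes
    pin_hash: bytes
    enrolled_template: bytes   # constructed stand-in for a biometric template
    revoked: bool = False      # set when the card is reported missing and de-provisioned

# Constructed enrollment for Alice; salt, PIN and template are fixed so the example is repeatable.
ALICE_SALT = b"constructed-salt"
ALICE_TEMPLATE = bytes(range(32))
ALICE = Credential("CARD-0001", ALICE_SALT, hash_pin("4711", ALICE_SALT), ALICE_TEMPLATE)
# Bob's live biometric, constructed to disagree with Alice's template in 8 of 32 bytes.
BOB_TEMPLATE = bytes(range(24)) + bytes([255] * 8)
DAYTIME, NIGHT = time(10, 0), time(22, 0)   # sample clock readings
def required_factors(portal: str, now: time, threat_elevated: bool) -> set:
    # Portal-by-portal policy, modified by time of day and facility threat condition.
    if threat_elevated:
        return {"have", "know", "are"}       # card + PIN + biometric
    if portal == "lobby" and time(8, 0) <= now < time(18, 0):
        return {"have"}                      # card only during business hours
    return {"have", "know"}                  # card + PIN otherwise
def verify_pin(cred: Credential, pin: str) -> bool:
    return hmac.compare_digest(hash_pin(pin, cred.pin_salt), cred.pin_hash)
def biometric_match(enrolled: bytes, live: bytes, threshold: float = 0.9) -> bool:
    # Constructed stand-in for a real matcher: fraction of agreeing bytes against a threshold.
    same = sum(a == b for a, b in zip(enrolled, live))
    return len(enrolled) > 0 and same / len(enrolled) >= threshold
def decide(cred: Credential, presented: dict, portal: str, now: time, threat_elevated: bool) -> bool:
    # Grant only when every factor the portal currently requires was presented and verified.
    if cred.revoked:
        return False
    verified = set()
    if presented.get("card_id") == cred.card_id:
        verified.add("have")
    if "pin" in presented and verify_pin(cred, presented["pin"]):
        verified.add("know")
    if "live_template" in presented and biometric_match(cred.enrolled_template, presented["live_template"]):
        verified.add("are")
    return required_factors(portal, now, threat_elevated) <= verified
```

With card-only policy in force, Bob presenting Alice's card is granted exactly as the text describes; the same card is refused after hours without the PIN, and at an elevated threat condition Bob's live biometric fails against Alice's enrolled template even when he knows the PIN.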