

The TrustZone™ networked Physical Access Control System (PACS) was developed specifically to meet the requirements of Homeland Security Presidential Directive 12 (HSPD-12), which mandates that a secure and tamper-proof ID card be used to access Federal Government facilities and networks. The system is capable of operating with all government-issued CAC and PIV credentials and will also operate with BridgePoint PIV-compatible Temporary Credentials.

  • Open Architecture
  • Scalable and Flexible
  • Efficient and Cost-effective
  • Network and Serial Controllers
  • Database-Independent
  • Hardware-Independent
  • Unlimited Card Holders
  • Unlimited Access Control Devices
  • Configurable Access Levels
  • Hardware Time Schedules
  • Customizable Holidays
  • Global Anti-pass-back
  • Integrate Any Access Technology
  • Biometric Support
  • Easy-to-Use Interface and Application
  • Local or Centralized Security Control
  • Integrated IDS
  • Multiple Client Workstations
  • Encrypted Communication
  • Event Photo Management
The TrustZone system architecture is widely accepted in the security industry. The major components in the system include:

  • Enrollment and Validation Client hardware and software (with optional PKI authentication)
  • Central Server hardware and software (with optional CRL validation)
  • Central Controller and door interface devices
  • Access Readers that deliver "Some", "High" and "Very High" assurance levels
The diagram below shows the basic architecture of a TrustZone PACS, integrated with either a TrustPoint PC Enrollment Reader or optional TrustAlert Validation software and BridgePoint Access Readers:




TrustZone Software offers features and performance comparable to or exceeding any access system on the market today. The software combines all related security systems under one common platform and is database and hardware independent. It provides a powerful security system with an intuitive user interface, alarm graphics, intrusion detection and audit reporting.




HSPD-12, the FIPS-201 standard and NIST SP-800-116 guidance publications raise the bar for authentication in physical access systems to a level similar to that of logical systems. Many legacy access systems simply compare a 26-bit card ID number to grant access, which is no longer considered adequate to secure government facilities.

Even with upgraded smart card readers, most conventional access systems do not have the computing power to be in compliance with NIST guidance because of the potential for credential collisions. NIST recommends the use of PKI-based strong authentication mechanisms for authenticating credentials and preventing the possibility of cloned credentials being used to attack access systems.


NIST Statement:

"PKI and asymmetric CAK authentication mechanisms should be implemented by a PACS reader capable of full certificate validation, either on-line or using a caching status proxy ... If a caching status proxy is used, the certificates should be captured when the PIV Card is registered to the PACS."

--NIST SP-800-116, Paragraph 7.4 PACS Registration


The TrustZone PKI-PACS, when integrated with the TrustAlert Validation System, implements PKI from end to end, meeting all recommendations set forth in NIST SP-800-116. CAC and PIV credentials are validated at enrollment into the TrustZone system, periodically checked for revocation status and challenged at every point of access. All PKI operations are based on asymmetric cryptography and conform to the NIST guidance that is provided in NIST SP-800-116, "A Recommendation for the Use of PIV Credentials in Physical Access Control Systems".

