HID Identity pivCLASS RP15-H 910PHPNEGE0338 Benutzerhandbuch
Produktcode
910PHPNEGE0338
pivCLASS Authentication Module
Does the “Heavy Lifting” for PIV
Validation
pivCLASS
®
Authentication Module
The pivCLASS Authentication Module (PAM)
is an embedded computer packaged in a
small form factor with pre-installed, updatable
firmware. The PAM is installed between a
supporting reader (such as a pivCLASS reader)
and the existing access control panel, and
provides configurable Wiegand output to the
controller.
is an embedded computer packaged in a
small form factor with pre-installed, updatable
firmware. The PAM is installed between a
supporting reader (such as a pivCLASS reader)
and the existing access control panel, and
provides configurable Wiegand output to the
controller.
This enables the system to be upgraded to
support PIV cards for access control; the
access control panels do not have to be
replaced or even reconfigured, and the head-
end access control software does not need to
be enhanced with new features. Similarly, much
of your existing wiring may be reusable.
support PIV cards for access control; the
access control panels do not have to be
replaced or even reconfigured, and the head-
end access control software does not need to
be enhanced with new features. Similarly, much
of your existing wiring may be reusable.
Readers pass card information to the PAM,
which performs the required authentication
to validate (or invalidate) the cardholder
credential. If validated, the badge ID is then
passed to the existing access control panel for
the access authorization decision.
which performs the required authentication
to validate (or invalidate) the cardholder
credential. If validated, the badge ID is then
passed to the existing access control panel for
the access authorization decision.
Since the PAM regularly receives and caches
cardholder credential status from the pivCLASS
Certificate Manager, the result is nearly real-
time PKI-based high security at the door.
cardholder credential status from the pivCLASS
Certificate Manager, the result is nearly real-
time PKI-based high security at the door.
In its role, the PAM does the “heavy lifting” of
cryptographic operations for PIV cardholder
credential authentication each time a card is
presented to a reader. Each PAM can process
up to two readers at one or two doors.
cryptographic operations for PIV cardholder
credential authentication each time a card is
presented to a reader. Each PAM can process
up to two readers at one or two doors.
Increased Overall System Security
The pivCLASS solution is architected for the
security-conscious yet cost-sensitive security
administrator. The pivCLASS Authentication
Module typically sits inside the secure
perimeter, where it – not the reader – performs
the critical cryptographic functions. This
architecture locates the PKI operations
within the secure perimeter rather than in an
expensive, PKI-capable reader placed on the
insecure/attack side of the door.
security-conscious yet cost-sensitive security
administrator. The pivCLASS Authentication
Module typically sits inside the secure
perimeter, where it – not the reader – performs
the critical cryptographic functions. This
architecture locates the PKI operations
within the secure perimeter rather than in an
expensive, PKI-capable reader placed on the
insecure/attack side of the door.