Please create an account to participate in the Slashdot moderation system

 



Forgot your password?
typodupeerror
Check out the new SourceForge HTML5 internet speed test! No Flash necessary and runs on all devices. ×
Security

Submission + - Physical Access to most US institutions broken (openpcd.org)

An anonymous reader writes: During the "27th Chaos Communication Congress" (http://events.ccc.de/congress/2010) held in Berlin this last December, a document was presented that shows how to expose the security keys of HID's proprietary iClass physical access cards. By some reports, over 80% of US-based institutions have deployed iClass physical access cards and readers. Look around your building and see if your door card reader has the HID logo. This exposes hospitals, universities, sea-side ports, utility companies, airports, high-tech companies, etc throughout the US to potential physical access security breaches. Those intimate with physical security have advocated for other PROX and MIFARE technologies. The US Government has been defining new standards in physical access associated with successful US Government employee PIV ID Card (http://csrc.nist.gov/publications/nistpubs/800-116/SP800-116.pdf). Many Government contractors as well as some local state governments have deployed PIV-I ID Cards (http://www.va.gov/pivproject/faq.asp) that rely on updated physical access technology/security. Physical Security managers at these US Institutions should be aware of this new vulnerability and assess their new elevated risks.
This discussion was created for logged-in users only, but now has been archived. No new comments can be posted.

Physical Access to most US institutions broken

Comments Filter:

Trying to be happy is like trying to build a machine for which the only specification is that it should run noiselessly.

Working...