san francisco international airport access control and biometrics case study kim dickie, asst deputy...
TRANSCRIPT
San Francisco International Airport
Access Control and Biometrics Case Study
San Francisco International Airport
Access Control and Biometrics Case Study
Kim Dickie, Asst Deputy Airport Director, - Aviation Security Kim Dickie, Asst Deputy Airport Director, - Aviation Security
2
• Access Control System (ACS) MDI and Ingersoll Rand Hand Geometry installed 1991
• Serve 20,000 airport ID badged employees
• Terminal 2 Renovation Project• New domestic terminal w/ 14 gates • Select a new ACS and Biometric system• Identify need for migration plan for all terminal facilities• Smart Card Technology• Comply with new industry standards
Background
3
• Approximately 1500 airfield access portals
• ACS Card Reader transactions• —over 200,000 / day
• 200+ access portals equipped with Card/ Hand Geometry Readers
• Hand Geometry Reader transactions• —can exceed 35,000 / day
• Deployed at all Airport controlled access portals leading directly to the Secured Area
ACS and Biometric System - CurrentACS and Biometric System - Current
4
Turnstile Vestibule, Card Reader/Hand Geometry, Access Portal
Access Control System - Current Access Control System - Current Access Control System - Current Access Control System - Current
5
How it works……………• Over 90 distinct hand measurements taken
including:• Length • Width • Thickness• Surface area
• 3-D image acquired• 9 byte template is generated
Biometric Technology – Current
6
Hand Geometry Facts• Easy to use• Low failure to enroll rate
• 2 out of 70,000• Fast verification
• 2 – 3 second average• Low false rejection rate—.1% • probability an authorized user is rejected• Hand Geometry Reader reliability• — greater than 99.9%
Biometric Technology - Current Biometric Technology - Current
7
• Lumidigm™ fingerprint readers to replace infrared hand geometry readers
• Multispectral imaging technology used to collect fingerprint information from below the surface of the skin
Biometric Technology - Future
Avoids conventional fingerprint reader pitfalls:
•Worn fingertips
•Overly moist or dry skin
•Soft press against reader
•Susceptibility to fraudulent, artificial fingertips
8
Access Control System - Future
• ACS system – Lenel OnGuard• HID iClass Elite “contactless” Card
• Fingerprint, Hand Geometry, Mag stripe, proximity card
• Space for a contact chip
Presentation Title and date (update in slide master)9
Airport Badging/Credentialing Process – Current
Presentation Title and date (update in slide master)10
Forms & Pre-Checks
Pre-Enroll
Manual Setup
Airport Security Training
Conduct
Enroll Fingerprinting
CHRC
“No-Fly” List Manual Verification – inconsistent return rate – 3 places to check for approval
Manual Setup
Badging & Card Issuance
Manual Results
End Enroll
Document Archiving
Manual Filing
Manual Physical AccessPrivileges
Physical Access
Manual Data Reconciliation
Provision
Manual Provision
Audit
Manual AuditReports
Time for completion Not Controlled by Airport -
Time for completion Not Controlled by Airport -
CA
DOJ
CA
DOJ
Presentation Title and date (update in slide master)11
Airport Badging/Credentialing Process – Future
12
Web Paper Forms
Pre-Enroll
Badging, Card, Key, Issuance
End Enroll
Automate Result Upload
Audit
Automate Data
Reconciliation
Automate Audit
Reports
Physical Access
Privileges Provision
AutomateProvisioning & Role-based Access
Privileges
Airport Security Training
Document ArchivingConduct
Automate Doc Mgmt
Automate Training Registration
AutomateData Input
Capture Fingerprints
“No-Fly” & “Selectee” list
CHRC
Background Check
Automate Upload &Verification
CA
DOJ
CA
DOJ
13
Identity Management System (IDMS)
Vehicle/Parking
Access Control
Biometric, Smart Cards
Document Mgmt
Physical
Security
Documents
PACS
Biometrics
Smartcard
ThirdParties
Background Check/ No-fly List
Vetting
Credential Check
External
Processes
AAAE/TSC
(BASIC, CATSA)
No-Fly
IDMS solution connects siloed systemsinto a common framework
14
IDMS – Automated Workflow
• E-Form Credential Application– Eliminates duplicate data entry– Streamlines manual enrollment of biographic data
• Badge creation is only allowed when: – STA & CA DOJ is approved– Role-based badge template selection
• Twice Daily – SAFE is looking for STA– Setup alert for company-authorized designee, – Deactivate Card within 48 hours
• Automatic Notification Process – Creates Authorized Signatory or Employer
correspondence
• Automated Compliance of TSA regulations– Audit process– Authorized designee training mandatory
SAFE AppliesPre-Defined Rules
15
BASIC Pilot Program
• SFO to BASIC : XML Web Services - HTTP, SOAP 1.1• Phase 1 – Biographic information completed
– 5-15 Day Exercise (Design, Test, Deploy)– Initial round of integration testing complete– Testing conducted remotely
• Phase 2 – Biometric and Biographic in work• Integrate SAFE to Identix LiveScan – Fall 2009
– Allow SFO to connect to BASIC
SAFE BASIC Agent(Airport)
WS Client (PersonService.wsdl)
WS Host/Listener (PersonServiceNotification.wsdl)
BASIC(CSSP)
WS Host/Listener (PersonService.wsdl)
WS Client (PersonServiceNotification.wsdl)
Response
Request
Response
Request
16
Lessons learned so far……..
Identify IDMS requirements and opportunities
Phased approach - operational pilot
Perform ROI - Metrics
Evaluate Network system to identify requirements