Alliance Activities : Publications : Air Transport Identity
Interoperable Identity Credentials for the Air Transport Industry
Since September 11, 2001, the air transportation system–airports and air carriers–has been subjected to significantly more security measures and procedures to counter threats to U.S. civil aviation. One area of security that has received considerable attention is the deployment of an interoperable identification (ID) credential system that would provide identity assurance, electronic identity verification, and potentially, automated access to airport security controlled areas.
The number of air transport industry workers is expanding and includes members from a wide variety of private as well as government organizations. Staff from these organizations provide services ranging from baggage handling, aircraft maintenance, critical operations and management functions. Each individual has legitimate access requirements to controlled areas for both routine as well as for emergency purposes.
This white paper discusses the use and applicability of interoperable identity credentials for airport facilities. It covers the following topics:
- The definition of an interoperable, high assurance identity credential.
- The existing standards and guidance for Federal identity credentials and airport access control.
- The technologies and processes that are needed to support an interoperable identity credential.
- The use cases for an interoperable identity credential within an airport.
- The status of current guidance on airport credentialing and access control systems.
FIPS 201, ACIS and the RTCA DO-230B are important standards and guidance that form the foundation for an interoperable trusted identity aviation credential. The white paper looks at each of these and describes the support they provide for implementing an interoperable identity credential for the air transport industry.
FIPS 201 provides an established architecture for identity assurance. A FIPS 201 conformant identity credential is PKI-enabled, may be deployed to establish trust across multiple organizations and provides strong authentication verification for access control applications. All organizations in the aviation community should take advantage of the experience of the Federal organizations that are now deploying FIPS 201-interoperable credentials. An interoperable credential can fully leverage the experience and investment made by the Federal government and industry. A FIPS 201-aligned smart card-based credential can meet the requirements of chief information officers and airport security directors who are looking for a cost-effective solution for secure physical access.
This white paper captures best practices and defines use cases for interoperable identity credentials that meet the identity goals of trust, privacy, interoperability and usability. The paper was developed by the Smart Card Alliance Physical Access and Identity Councils after discussion with both government and air transport industry personnel to understand the complexities of trusting identity credentials at airports
The Smart Card Alliance offers an independent assessment of how standards, technology and processes can support the implementation of a high assurance, interoperable identity credential for the air transport industry, while local airports retain the ability to determine access privileges and design and issue local ID badges.
About the Smart Card Alliance Physical Access Council
The Smart Card Alliance Physical Access Council is focused on accelerating the widespread acceptance, usage, and application of smart card technology for physical access control. The group brings together, in an open forum, leading users and technologists from both the public and private sectors and works on activities that are important to the physical access industry and that will address key issues that end user organizations have in deploying new physical access system technology. The Physical Access Council includes participants from across the smart card and physical access control system industry, including end users; smart card chip, card, software and reader vendors; physical access control systems vendors; and integration service providers.
About the Smart Card Alliance Identity Council
The Smart Card Alliance Identity Council is focused on promoting the need for technologies and usage solutions regarding human identity information to address the challenges of securing identity information and reducing identity fraud, and to help organizations realize the benefits that secure identity information delivers. The Council engages a broad set of participants and takes an industry perspective, bringing careful thought, joint planning, and multiple organization resources to bear on addressing the challenges of securing identity information for proper use.
Identity and Physical Access Council participation is open to any Smart Card Alliance member who wishes to contribute to the Council projects.