Under the PMP program, every DoD civilian, military, and contract employee working at the Mark Center must undergo a required background check mandated by HSPD-12 and must be enrolled in the PMP before being issued an HSPD-12 compliant CAC.
As a part of the enrollment process, each person must meet with an agent in the access control division. The person’s biometric and biographical data is processed and stored in the PMP system, which will be tied to the CAC.
The process is thorough but not time-consuming. “The whole process, if you know what you’re doing, only takes three or four minutes,” says Nagel.
Through the PMP, PFPA can grant different access rights for tenants combined with multiple authentication factors. In the most common scenario, tenants will use their CACs alone to get on the campus (one-factor authentication).
They then will use the card again, possibly plus a biometric, to enter the building (two-factor authentication). The lobby turnstiles come equipped with fingerprint and iris scanners but these are not yet in use because of concerns with through-put, a problem Nagel and his team are currently trying to solve. If they cannot find a solution that delivers an acceptable level of throughput, biometrics may be activated only during times of elevated threat.
The next access control layer requires that tenants use their cards to get into their office space, at which point they may have to use both biometric and PIN verification, depending on the required security level (three-factor authentication).
Another exciting aspect of the PMP for Nagel is the possibility of “airline style ticketing” for visitor management. In this scenario, visitors invited by a tenant will be able to go online and feed their information into a PMP-enabled secure Web portal before they arrive at the Mark Center. Then the visitor will “arrive with a printed out boarding pass or have the ability to print locally at a kiosk,” he says.
And there may even be a biometric component to that too eventually. “For recurring visitors who frequent our sites, they could present an iris or fingerprint and be issued a visitor’s badge,” says Nagel. The enrollment process would be one-time only.
Possibly the most important aspect of the PMP is that it leverages open standards, which allows the PFPA to mix vendor products easily. It will also make life-cycle replacement easier, says Nagel.