Education and Training | Government Relations | Industry Events | Standards Information. Insight. Influence. securityindustry.org

SIA OSDP Profile Drafts

SIA OSDP Profiles – Basic Reader

[Description] A reader that supports basic current OSDP commands

[Standards] Reader to Panel communications using bi-directional RS-485 at 9600 to 115kb. OSDP v2.1.6 (OSDP 2.1.7)

[Optional Features] Secure OSDP Bi-directional RS-485 communications. Keypad Entry. Text Display

SIA OSDP Profiles – Federal Government: Description

[Description] A Peripheral Device (PD) that conforms to functions necessary to perform Federal Identity, Credentialing and Access Management (FICAM) applications. These requirements are informed by officially published GSA Approved Products List (APL) testing and certification guidance.

Please Note: The FICAM APL PACS testing and certification program is a comprehensive end-to-end process that is yet to be completely finalized. Conformance to either method in this OSDP profile does not guarantee acceptance to the FICAM APL.

This can be achieved through various modes:

• [Transparent Mode]

• [Extended Packet Mode]

SIA OSDP Profiles – Federal Government: Standards and Options

[Standards]

• OSDP v2.1.6 (2.1.7)
• Reader to Panel communications using bi-directional RS-485 115kb or greater.
• NIST 800-73-3
• FICAM PACS Master Test Procedures Section 1.3
• FICAM APL-2 Certification Guidance
• ISO-7816-4

[Optional Features] Secure OSDP Bi-directional RS-485 communications. Keypad Entry. Text Display

SIA OSDP Profiles – Biometric Verification

[Description] A device that supports current OSDP commands for the verification of a biometric template.

[Standards] Reader to Panel communications using bi-directional RS-485 at 9600 to 115kb. OSDP v2.1.6 (OSDP 2.1.7)

[Optional Features] Secure OSDP Bi-directional RS-485 communications. Keypad Entry. Text Display

Security Industry Association

SNMP Standards Development Sub-Committee

Initial Scope Review

Charter Goals

• Deliver a turnkey implementation method to ensure the standardized management of any physical security IP based device.
• Use industry standards that are readily accepted and implemented, to prevent forced proprietary usage requirements, to the benefit of the customers who buy these devices.
• Platform agnostic approach to enable monitoring these devices.
• Easy to understand and implement.
• Promote the use of SIA as a repository and reference for all devices compliant with the standards.

IETF SNMP Standards

• Internet Engineering Task Force

• Founded in 1986 by US Government Researchers

• Evolved into a standards development function in 1993.

• Widely accepted industry standards body with regards to SNMP utilization and definition

Standard RFC/OID Implementation Guideline

• RFC to be implemented in its full capacity, not just in parts. All OIDs must be readable.

• Where possible, utilize no less than SNMP V2C

• SNMP V3 security is preferable to ensure the protection of data available.

• Any OIDs defined as writable by the SNMP standard shall be implemented as writable on all devices.

Proposed Usage - IETF RFCs

• RFC 1213 – MIB for Network Management of TCP/IP Based Internets

• RFC 2863 – Interface Group MIB

• RFC 4022 – MIB for Transmission Control Protocol

• RFC 2790 – Host Resource MIB

• RFC 4293 – MIB for Internet Protocol

• RFC 2465 – MIB for IP Version 6
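
A coarse first-pass check for the RFC list above, added here as an example and not part of the SIA presentation: it parses numeric-OID walk output and reports, per listed RFC, whether any object under that MIB's subtree was readable. The subtree root chosen for each RFC and the sample walk output are assumptions constructed for this example, and the check does not prove that an RFC is implemented in its full capacity.

```python
import re

# Assumption of this example: one mib-2 subtree root per RFC on the slide.
PROFILE_SUBTREES = {
    "RFC 1213": "1.3.6.1.2.1.1",    # system group
    "RFC 2863": "1.3.6.1.2.1.2",    # interfaces group
    "RFC 4293": "1.3.6.1.2.1.4",    # ip group
    "RFC 4022": "1.3.6.1.2.1.6",    # tcp group
    "RFC 2790": "1.3.6.1.2.1.25",   # host resources
    "RFC 2465": "1.3.6.1.2.1.55",   # ipv6MIB
}

# Constructed sample of numeric-OID walk output ("OID = TYPE: value").
SAMPLE_WALK = """\
.1.3.6.1.2.1.1.1.0 = STRING: "Door controller (constructed sample)"
.1.3.6.1.2.1.2.2.1.2.1 = STRING: "eth0"
.1.3.6.1.2.1.4.1.0 = INTEGER: 2
.1.3.6.1.2.1.6.9.0 = Gauge32: 3
.1.3.6.1.2.1.25.1.1.0 = No Such Object available on this agent at this OID
"""

VARBIND = re.compile(r"^\.?(\d+(?:\.\d+)+)\s*=\s*(.*)$")
# Net-SNMP prints these in place of a value when an object cannot be read.
UNREADABLE = ("No Such Object", "No Such Instance")


def parse_walk(text):
    """Split walk output into readable OIDs and OIDs the agent refused."""
    readable, unreadable = [], []
    for line in text.splitlines():
        m = VARBIND.match(line.strip())
        if not m:
            continue  # skip banners, wrapped values, blank lines
        oid, value = m.groups()
        (unreadable if value.startswith(UNREADABLE) else readable).append(oid)
    return readable, unreadable


def profile_coverage(text):
    """Map each RFC to True if at least one object under its subtree was read."""
    readable, unreadable = parse_walk(text)
    # The trailing dot keeps subtree ...2 from matching OIDs under ...25.
    report = {rfc: any(oid.startswith(root + ".") for oid in readable)
              for rfc, root in PROFILE_SUBTREES.items()}
    return report, unreadable


if __name__ == "__main__":
    print(profile_coverage(SAMPLE_WALK))
```
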

The Role of IoT in Security Standards

Steve Van Till
CEO, Brivo Systems
Chairman, SIA Standards [email protected]

Four Megatrends Affecting Security

Data

Social

IoT

Mobile

Internet of Things

Internet of Everything

Industrial Internet of Things

How does IoT change security?

#GOOD

• More smart devices
• More data
• New standards
• Better analytics
• Early warnings

#BAD

• More things to hack
• More privacy threats
• Compatibility risks
• Data overload
• Signal-to-noise

An anti-hero who can hack into the physical infrastructure to obtain and control information or to destroy such devices completely.

#UGLY

What jobs will IoT do for security?

• Sensing
• Controlling
• Identity

Source: How Smart, Connected Products Are Transforming Competition, by Michael Porter and James E. Heppelmann, Harvard Business Review, November 2014

The Goal of IoT Standards

To create interoperable products that can discover, connect, and interact directly with other nearby devices, systems, and services regardless of transport layer, device type, platform, operating system, or brand.

- AllSeen Alliance

Who’s Creating IoT Standards?

SIA Standards in Context

• SNMP (MIB)
  – Model: an industry profile for an extensible framework
  – An ‘Internet’ (IP) standard (the I in IoT)
  – Common heritage to (some) IoT initiatives
  – As a MIB, has a role in many types of systems

SIA Standards in Context

• OSDP
  – Model: industry-specific standard for industry-specific need
  – Shifting from local/wired (RS-485) to IP
  – Opportunity: broader use and an Internet (IP) standard?

SIA Standards Role in IoT Standards Development?

One Thing We Don’t Want To Do

Possible Roles & Responses

• Educate SIA members about IoT standards
• Educate IoT communities about SIA members
• Join IoT organizations
• Outreach to IoT players
• Contribute to IoT standards
• Create an industry-specific IoT framework

Thank You

• Steve Van Till
• President & CEO
• Brivo Systems
• [email protected]

Thank You

Steve Van Till
President & CEO, Brivo Systems
Chairman, SIA [email protected]