Upload
eugenia-jefferson
View
218
Download
1
Tags:
Embed Size (px)
Citation preview
Education and Training | Government Relations | Industry Events | Standards
Information. Insight. Influence. securityindustry.org
Education and Training | Government Relations | Industry Events | Standards
Information. Insight. Influence. securityindustry.org
SIA OSDP Profile Drafts
Education and Training | Government Relations | Industry Events | Standards
SIA OSDP Profiles – Basic Reader
[Description] A reader that supports basic current OSDP commands [Standards] Reader to Panel communications using bi-directional RS-485 at 9600 to 115kb. OSDP v2.1.6 (OSDP 2.1.7)
[Optional Features] Secure OSDP Bi-directional RS-485 communications. Keypad EntryText Display
Information. Insight. Influence. securityindustry.org
Education and Training | Government Relations | Industry Events | Standards
SIA OSDP Profiles – Federal GovernmentDescription[Description] A Peripheral Device (PD) that conforms to functions necessary to perform Federal Identity, Credentialing and Access Management (FICAM) applications. These requirements are informed by officially published GSA Approved Products List (APL) testing and certification guidance. Please Note: The FICAM APL PACS testing and certification program is a comprehensive end-to-end process that is yet to be completely finalized. Conformance to either method in this OSDP profile does not guarantee acceptance to the FICAM APL.
This can be achieved through various modes:
•[Transparent Mode]
•[Extended Packet Mode]
Information. Insight. Influence. securityindustry.org
Education and Training | Government Relations | Industry Events | Standards
SIA OSDP Profiles – Federal Government:Standards and Options[Standards] OSDP v2.1.6 (2.1.7) Reader to Panel communications using bi-directional RS-485 115kb or greater. NIST 800-73-3FICAM PACS Master Test Procedures Section 1.3FICAM APL-2 Certification GuidanceISO-7816-4
[Optional Features] Secure OSDP Bi-directional RS-485 communications. Keypad EntryText Display
Information. Insight. Influence. securityindustry.org
Education and Training | Government Relations | Industry Events | Standards
SIA OSDP Profiles – Biometric Verification [Description] A device that supports current OSDP commands for the verification of a biometric template.
[Standards] Reader to Panel communications using bi-directional RS-485 at 9600 to 115kb. OSDP v2.1.6 (OSDP 2.1.7)
[Optional Features] Secure OSDP Bi-directional RS-485 communications. Keypad EntryText Display
Information. Insight. Influence. securityindustry.org
Education and Training | Government Relations | Industry Events | Standards
Information. Insight. Influence. securityindustry.org
Security Industry AssociationSNMP Standards Development Sub-Committee
Initial Scope Review
Education and Training | Government Relations | Industry Events | Standards
Information. Insight. Influence. securityindustry.org
Charter Goals• Deliver a turnkey implementation method to ensure the standardized
management of any physical security IP based device.• Use industry standard, readily accepted and implemented to prevent
proprietary forced usage requirements, allowing benefit to the customers who buy these devices.
• Platform agnostic approach to enable monitoring these devices. • Easy to understand and implement.• Promote the use of SIA as a repository and reference for all devices
compliant with the standards.
Education and Training | Government Relations | Industry Events | Standards
IETF SNMP Standards • Internet Engineering Task Force
• Founded in 1986 by US Government Researchers
• Evolved into a standards development function in 1993.
• Widely accepted industry standards body with regards to SNMP utilization and definition
Information. Insight. Influence. securityindustry.org
Education and Training | Government Relations | Industry Events | Standards
Standard RFC/OID Implementation Guideline• RFC to be implemented in its full capacity, not just in parts. All
OID’s must be readable.
• Where possible, utilize no less than SNMP V2C
• SNMP V3 security is preferable to ensure the protection of data available.
• Any OID’s defined as writable by the SNMP standard shall be implemented as writable on all devices.
Information. Insight. Influence. securityindustry.org
Education and Training | Government Relations | Industry Events | Standards
Proposed Usage -IETF RFC’s• RFC 1213 – MIB for Network Management of TCP/IP Based
Internets
• RFC 2863 – Interface Group MIB
• RFC 4022 – MIB for Transmission Control Protocol
• RFC 2790 – Host Resource MIB
• RFC 4293 – MIB for Internet Protocol
• RFC 2465 – MIB for IP Version 6
Information. Insight. Influence. securityindustry.org
The Role of IoT in Security Standards
Steve Van TillCEO, Brivo SystemsChairman, SIA Standards [email protected]
How does IoT change security?
• More smart devices• More data• New standards• Better analytics• Early warnings
• More things to hack• More privacy threats• Compatibility risks• Data overload• Signal-to-noise
#GOOD #BAD
An anti-hero who can hack into the physical infrastructure to obtain and control information or to destroy such devices completely.
#UGLY
Source: How Smart, Connected Products Are Transforming Competitionby Michael Porter and James E. Heppleman
Harvard Business Review, November 2014
The Goal of IoT Standards
To create interoperable products that can discover, connect, and interact directly with other nearby devices, systems, and services regardless of transport layer, device type, platform, operating system, or brand.
- AllSeen Alliance
SIA Standards in Context
• SNMP (MIB)– Model: an industry profile for an extensible framework– An ‘Internet’ (IP) standard (the I in IoT)– Common heritage to (some) IoT initiatives– As a MIB, has a role in many types of systems
SIA Standards in Context
• OSDP– Model: industry-specific standard for industry-specific need– Shifting from local/wired (RS-485) to IP– Opportunity: broader use and an Internet (IP) standard?
Possible Roles & Responses
• Educate SIA members about IoT standards• Educate IoT communities about SIA members• Join IoT organizations• Outreach to IoT players• Contribute to IoT standards• Create an industry-specific IoT framework
Thank You
• Steve Van Till• President & CEO• Brivo Systems• [email protected] You
Steve Van TillPresident & CEO, Brivo SystemsChairman, SIA [email protected]