Date Published: September 2016
Comments Due: November 10, 2016 (public comment period is CLOSED)
Email Questions to: firstname.lastname@example.org
D. Tobin (NIST)
[10/11/16 - The comment period has been extended to 11/10 (from 10/12).]
The National Cybersecurity Center of Excellence (NCCoE) has posted a draft Project Description on the topic of Authentication for Law Enforcement Vehicle Systems.
Law enforcement vehicles often serve as mobile offices for officers. In-vehicle laptop(s) or other computer systems are used to access a wide range of software applications and databases hosted and operated by federal, state, and local agencies, with each typically requiring a different username and password. The operational environment presents unique security challenges, as officers must frequently leave the vehicle unattended, perhaps on short notice, and must be able to gain access to systems quickly, possibly while the vehicle is in motion. These needs discourage the use of screen locks and traditional single sign on solutions.
In collaboration with stakeholders, the NCCoE aims to demonstrate an integrated set of authentication mechanisms, improving system security, usability and safety. By integrating simplified identity and authentication technologies, based on proximity, biometrics, tokens, or other similar technologies, with readily available integrated reduced-sign-on (RSO) tools, law enforcement organizations can enhance mission effectiveness, improve officer safety, and, through more consistently applied security controls, reduce risk to sensitive back-end databases and systems. This project will also explore additional capabilities, such as proximity authentication, derived Personal Identity Verification (PIV) credentials, integration with FirstNet, and integration with vehicle drive-away protection and Computer Assisted Dispatch systems to indicate whether the officer is in the vehicle or not.
Keywords proximity authentication; reduced sign on; automotive; law enforcement; vehicle upfit systems
Identification and Authentication;