PIV Gateway™ PACS|Access control system compatible with SP800-116

Advanced physical security solutions applying certificate-based authentication and authorization

What is PIV Gateway™ PACS?

PIV Gateway™ PACS is an access control system that provides a high degree of physical security, designed with reference to the U.S. federal standard NIST SP 800-116 (Guidelines for the Use of PIV Identification Cards for Facility Access) and the BACnet standard.

By employing the latest security technologies such as PKI-based authentication, private key protection using TPM, Secure Boot, Full Disk Encryption, and communication encryption using TLS 1.3, this comprehensive solution covers everything from physical security to cybersecurity.

Authentication at entry and exit incorporates a robust security mechanism using a YubiKey hardware token to further strengthen user authentication.

Features

Advanced security to match U.S. federal government standards

PIV Gateway™ PACS employs PKI-based authentication and uses the YubiKey 5 NFC to effectively prevent card counterfeiting and impersonation, achieving a security level that meets U.S. federal government standards.

Digital certificates are used for device authentication and signing, and private keys are protected by a Trusted Platform Module (TPM) to ensure uniqueness and authenticity.

In addition, a FIPS 140 version is available if required for compliance.

Robust system configuration

Secure Boot provides tamper detection to ensure system integrity, and Full Disk Encryption (FDE) encrypts disk data to ensure confidentiality.

WebSocket over TLS 1.3 is used for communication between the NFC card reader and the authentication server to ensure confidentiality and integrity of all communications.

Integration and Scalability

PIV Gateway™ PACS is designed to work with Active Directory/LDAP or the zero-trust access control technology “NGAC (PIV Gateway™ Trust)”, enabling centralized management and centralized control. This provides a comprehensive security solution that covers not only physical security but also network security and the application layer.

The YubiKey, which is used for entry and exit, can also provide smart card authentication and single sign-on for a variety of operating systems, including Windows, Linux, and Mac.

Cost efficiency and practicality

By utilizing existing CPU boards and TPMs designed for industrial systems, the system offers both durability and security, while achieving significant cost savings compared to conventional dedicated systems. In addition, the e-ink display makes it possible to display information and highly visible guidance even in the event of power loss.

Audit compliance and trail management

The unlock request record can be digitally signed and used as a tamper-proof log to meet the requirements of security audits or legal compliance.

Recommended for

High security facilities

Facilities of government agencies, defense organizations, law enforcement agencies, the intelligence community, and other organizations requiring the highest level of security.

R&D organizations

Facilities and data centers that handle highly confidential information, such as corporate R&D departments and research institutions.

Financial institutions

Bank vaults, stock exchanges, and other financial facilities requiring a high level of security.

Medical institutions

Hospitals and clinics that require strict control of patients' personal information and medical records.

Educational institutions

Educational facilities requiring access control, such as university laboratories and libraries.

Plants and infrastructure facilities

Facilities requiring strict access control, such as product production lines, raw material warehouses, and control centers.

Pricing

Varies depending on the scale of installation. For more details, please feel free to contact us.

Lineup

PIV Gateway™ CA is the world's first cloud-based private CA solution that supports issuance of platform certificates in addition to X.509 certificates.
An authentication infrastructure equivalent to AAL3 can be built, and verification of the authenticity and traceability of devices using platform certificates is possible.

A password-less multi-factor authentication infrastructure equivalent to AAL3 that uses hardware tokens and digital certificates.
Compatible with RFC9334, OpenID Connect, etc., and works with PIV Gateway™ CA to realize integrated management of authentication and authorization for users and devices easily and inexpensively.

PIV Gateway™ Chronos is a highly available and accurate NTP time server that provides highly accurate time synchronisation even under GNSS spoofing and jamming attacks.

Consult with our specialists for your security needs.

Cyber Defense Institute's core values drive us to provide top-notch cyber security services and ensure a secure digital environment for our clients.
Trust us with every aspect of your security strategy, from inception to execution.
For confidential inquiries, we also accept requests via email at cdiprivacy(at)protonmail.com.
Please consider using this option if necessary. ※ (at) should be replaced with @.