ICAM PROOFCARDS™/TESTING
ICAM ProofCards test for:
GOOD
- An access control system’s ability to correctly interoperate with and interrogate well formed, Golden PIV and PIV-I credentials (this creates a known good baseline from which faults can be systematically injected to measure performance against negative test cases)
BAD
- Manipulated data on a credential
- Invalid dates
- Copied data objects on a credential
- Revoked credentials
- Mismatched keying material from skimmed credentials
ICAM ProofCards are a strategic component of your testing strategy. They provide proof positive that your solution is PIV and PIV-I conformant. Many people have testing responsibilities:
- OEM system developers (e.g., PACS) must demonstrate their systems as conformant prior to sale
- System owners who must ensure fielded systems properly leverage PIV/PIV-I
- Independent auditors who are responsible for ensuring proper performance of security solutions
All these roles need testing tools that ensure access control system conformance. Throughout development, deployment, and Certification and Accreditation, systems must be tested for compliance with requirements dictated by the Personal Identity Verification (PIV) in Enterprise Physical Access Control Systems (E-PACS) document that helps support the federal government’s Identity, Credential, and Access Management (ICAM) implementation; FISMA; and OMB M-11-11. ICAM ProofCards are the solution.