BeTWICxt! Transportation Worker Identification Credential Readers in the Spotlight
atsec information security is one of three laboratories accredited by NVLAP to perform TWIC card reader testing
Port security has long been a focus of US anti-terror activities. Several federal agencies (Coast Guard, U.S. Customs and Border Protection, and the Transportation Security Administration (TSA), as well as local and state authorities are tasked with port security and most of their focus is on cargo, crew and passenger inspection. Container shipping involves many different actors: the exporter, the importer, freight forwarder, customs broker, excise inspectors, truckers, railroad workers, dock workers, and the crews of the vessels themselves and thereby offers a tempting target for infiltration by terrorists or criminals.
One approach to strengthen this aspect of port security is the TWIC (Transportation Worker Identification Credential) program. The TWIC program provides a tamper-resistant biometric credential to maritime workers that need unescorted access to secure areas of port facilities and ships regulated under the Maritime Transportation Security Act of 2002.
With over 2.1 million TWICs in the field the Transportation Security Administration (TSA) has launched a program to qualify card reader conformance to the TWIC Reader Hardware and Card Application Specification (dated May 2008). Readers determined to be conformant to TSA TWIC Reader requirements will be placed on a Qualified Technology List (QTL) maintained and made available to the public by TSA. QTL qualification requirements vary by reader type and claimed features of the vendor. All functional reader testing for the new QTL program will be performed by a National Voluntary Laboratory Accreditation Program (NVLAP) accredited laboratory. Reader conformance with TWIC environmental specifications, such as temperature range, humidity, shock and vibration, will require the vendor to supply to TSA certificates of conformance for all mandatory environmental requirements and any additional environmental qualifications.
For more information on TWIC and atsec's services, visit
or contact us at email@example.com
atsec information security
atsec information security is an independent, standards-based information technology security services company with offices in the U.S., Germany, Sweden, and China. atsec's services include formal laboratory testing and evaluation of information assurance (IA) and IA-enabled commercial off the shelf (COTS) information technology, as well as information security consultancy.
atsec offers evaluation and testing services leading to formal certification of information security technology, including evaluations under Common Criteria schemes in the U.S., Germany, and Sweden. In addition, the atsec U.S. organization operates a Cryptographic and Security Testing Laboratory accredited under the Cryptographic Module Validation and the Cryptographic Algorithm Validation Programs of the National Institute of Standards and Technology (NIST) in the U.S. and Communications Security Establishment Canada (CSEC) in Canada for validating cryptographic modules under the FIPS 140-2 standard. atsec works with any company, regardless of size or locale, that is serious about IT security.
Press releases you might also be interested in
Weitere Informationen zum Thema "Sicherheit":
Mit Burp Suite Schwachstellen in Web applications finden
Mit der Burp Suite können Administratoren den HTTP/HTTPS-Verkehr zu Webanwendungen abfangen und manipulieren, bevor er an den Server geschickt wird. Dadurch lassen sich Sicherheitslücken in Webanwendungen schnell und effektiv entdecken.Weiterlesen