UFC 4-021-02NF
27 September 2006
change 1, 23 October 2006
rates are high and authorized personnel are regularly unable to enter their workspace or
facility.
3-2.4.2 Advantages and disadvantages of using biometric devices to grant or deny
access are shown in Figure 3-4. For information about the different types of biometric
technologies, see the subsection Biometric Readers in the section ACS Equipment in
this chapter.
Figure 3-4. Advantages and Disadvantages of Using Biometric Devices
Advantages
They provide automated verification that the person attempting to gain access is
authentic.
Biometric credentials are extremely difficult to duplicate.
Disadvantages
The cost is slightly higher.
Longer verification time.
Require special housings.
Do not work well in exterior environments
3-2.5
Combining credentials. A site's security can be significantly enhanced by
combining two or more types of automated access control credentials - such as a
biometric characteristic with a smart card or a proximity card with a PIN code. However,
combining credentials results in increased verification time and will decrease throughput
rate. Throughput time should be considered when making decisions about whether or
not to use redundant verification. Another consideration in combining two types of
credentials is that a system can be required to use one device during lower risk times
(such as during normally staffed times) and two devices can be required for entry after
hours. The same philosophy can be applied for access control enhancement during
times of heightened force protection threat levels. A risk assessment needs to be
performed to help determine the degree or level of credentially.
3-2.6
Identification Method Selection. The type of identification method (card,
PIN, biometric attribute or a combination thereof) that will be used needs to be
determined early in the project. Identification of the existing ACS token media and
system capacity should be assessed during project kickoff or the early programming
phase. Per DoD Directive 8190.3, the CAC is the preferred card.
3-3
OTHER ACS IMPLEMENTATION CONSIDERATIONS
3-3.1
Other things to consider implementing as part of an ACS include anti-
passback, anti-tailgating, the two-man rule, and performing event tracking. These are
described in the following sections.
28