Strategies for the Implementation of PIV I Secure Identity Credentials
|
|
- Chloe Johnson
- 5 years ago
- Views:
Transcription
1 Strategies for the Implementation of PIV I Secure Identity Credentials A Smart Card Alliance Educational Institute Workshop PIV Technology and Policy Requirements Steve Rogers President & CEO 9 th Annual Smart Cards in Government Conference Washington DC Convention Center November 16-19, 2010
2 Why Smart Cards?
3 What is a Smart Card? A Smart Card is one of the latest additions in Information Technology Processing power to serve many different applications (multi-application card) Business and personal information stored securely and only accessible to the appropriate user In short: Data portability, security and convenience
4 Contact Smart Cards
5 Contact-less Smart Cards
6 ISO Dual-Interface Smart Card Contact module with chip Internal antenna with connection points for chip A single chip for both contact and contactless
7 ISO Dual-Interface Smart Card Dual interface contact and contactless smart card. SmartMX chip technology ISO 7816 (T=0 and T=1) contact interface. ISO 14443A/B-4 (T=CL) contactless interface. DES3 encryption. Suitable for high level languages and multi-application OS (Operating Systems) such as JAVA, JCOP, MULTOS. Available with 36k, 72k, 128k, <1M (EEPROM) memory Max number of user applications and files is OS dependent.
8 RFID vs. RF-Enabled Understanding the differences between RFID and RF-enabled smart card technologies is critical in order to correctly assess each technology's fit with a specific application's security and privacy requirements.
9 RF-Enabled Applications
10 RFID Security RFID and RF-enabled smart card technologies comply with different standards, have different operating ranges and widely varying ability to support security features needed by RF-enabled applications.
11 RFID Security Levels
12 RFID Tags & Readers
13 Contactless RF-Enabled Smart Cards & Readers Stronger security via long keys, encrypted communication, and mutual authentication
14 ISO Contactless Smart Reader MHz contactless Host Application CPU ISO Reader CPU Smartcard CPU
15 Contactless Smart Reader Multi-Applications Administrator Smart Reader Logical Access Biometrics Configuration Identification Payment Logical/Physical Access System monitoring Devices control Smart cards edocuments Security Management Transactions Users Information Physical Access Money Digital Signature
16 Contactless Smart Card Major Benefits Security Contactless Chip is tamper-resistant Information stored can be read/write protected Capable of performing high security encryption Challenge Response Mutual Authentication Smart Cards have unique serial numbers Biometrics support provides One-to-One Match Intelligence Capable of Processing, not just storing information Multi-Application support Information and Applications on a card can be updated without having to issue new cards. PKI & Encryption support
17 Contactless Smart Card Major Benefits (cont.) Convenience Portable easy-to-use form factor High speed access for high throughput Useable in harsh or dirty environments (RF) Fast positive Authentication of Identity Reliable and Inexpensive Durable - card bodies Contactless - manual dexterity, speed, no maintenance Passive no batteries Low Cost - ownership Flexible Reader Interface Options = TCP/IP, USB 2.0, Wiegand, Serial data Many Form Factors
18 IDENTITY PAST & PRESENT
19 US Government Identity Credential Timeline >1991 Department of Defense DoD ID card 1995 Murrah building bombing Oklahoma City, OK, creation of Federal Security Levels 1997 Secure networks with smart card on Navy Smart Battleship ~2000 Common Access Card (CAC) 2003 Executive Office of the President OMB M E- Authentication Guidance for Federal Agencies 2004 Homeland Security Presidential Directive (HSPD) 12, one credential for Federal employees and contractors for logical and physical access.
20 US Government Identity Credential Timeline (cont.) 2005 National Institute of Standards (NIST) Federal Information Processing Standard (FIPS 201), Personal Identity Verification (PIV), 2006 First Responder Authentication Credential (FRAC) CertiPath Aerospace and Defense Industrial Base Bridge, initial Personal Identity Verification Interoperability (PIV-I) deployments 2007 Transportation Worker Identification Credential (TWIC) 2008 Special Publication , Guidance on Physical Access Control; bi-directional reader comm s, Certificates, PKI 2009 Federal Identity, Credentialing, and Access Management (FICAM) Roadmap, PIV-i baseline
21 US Government Identity Credential Timeline (cont.) 2010 National Strategy for Trusted Identities in Cyberspace (NSTIC), PIV-i 1.1, PIV-i FAQ, FICAM Part B Guidance (expected Q4), Department of Commerce; Cyber security, Innovation and the Internet Economy, Fed PKI-Policy Authority; Citizen and Commerce Class Common Certificate Policy.
22 HSPD-12 and FIPS-201 HSPD-12 (Homeland Security Presidential Directive 12) Issued by President George W. Bush on August 27, 2004 Mandates the establishment of a standard for identification of Federal Government employees and contractors. Requires the use of a common identification credential for both logical and physical access to Federally controlled facilities and information systems. Intends to enhance security, increase efficiency, reduce identity fraud, and protect personal privacy. FIPS-201 (Federal Information Processing Standard Publication 201) Issued by National Institute of Standards and Technology (NIST) Feb 25, Defines the standard for Personal Identity Verification (PIV) of Federal Employees and Contractors. Applies to both physical and logical access control, and other applications as determined by the individual agencies. Provides guidance for implementing the HSPD-12 requirements for a common Federal identification credential that is to be used to access both physical and logical facilities and information systems.
23 FIPS 201 Standards Benefits The most important benefits of the FIPS 201 model is the strong assurance that the identity associated with a credential belongs to the correct individual. Specifies a useful and secure identity card that supports a wide range of use cases. Enables card support across a wide range of PCs, servers, controllers, systems, and mobile devices. Defines Policy & Infrastructure. Defines processes and technical specifications that enable interoperability across organizations. Fosters competition to reduce prices.
24 FIPS 201 PIV Card Advantages It is supported by a wide range of manufacturers and integrators. It does not compel an organization to use a single vendor for key components (see APL). It provides flexible authentication, signature, and encryption functionality. It is well positioned to take advantage of emerging technologies, such as biometrics. As a standard that will be used by Federal agencies to issue credentials to millions of U.S. Federal employees and contractors, it has the advantage of scale. It provides the framework to support interoperable identity credentials across organizations PIV-i
25 PIV Cards Personal Identification Verification (PIV) Cards Cornerstone Electronic Credential in U.S. Federal Government used in Authentication to both Information Resources and Facilities. In HSPD-12 U.S. Federal Departments and Agencies are Required to Issue PIV Cards to Permanent Government Personal and Contractors. Issued ONLY by U.S. Federal Entities. Is Relied On by U.S. Federal and Non-Federal Entities. Background Investigation Minimum NACI. Assert Federal Common Policy Framework (FCPF) Certificate Policy Object ID s for PIV.
26 PIV & PIV-i Technology PIV Personal Identity Verification Card an identity card that meets the PIV technical specifications to work with PIV infrastructure elements such as card readers, and is issued by the Federal government in a manner that allows relying parties to trust the card. PIV-I - Interoperable Card an identity card that meets the PIV technical specifications to work with PIV infrastructure elements such as card readers, and is issued by a Non-Federal Issuer (NFI). in a manner that allows Federal government relying parties to trust the card. 79
27 PIV-i PIV Interoperable Cards Personal Identification Verification Interoperable (PIV-i) Cards Cornerstone Credential For All Security Controls For Both Information Resources (LACS) And Facilities Protection (PACS). Issued by Non-Federal Issuers (NFI). Intended Primarily For Issuance By Non-Federal Entities. May Be Relied On By Federal And Non-federal Entities. Identity and Affiliation Certainty Equivalent to PIV. No Issuer Background Investigation of Cardholders. Asserts Federal Bridge Certificate Authority (FBCA) Certificate Policy Object ID s for PIV-i.
28 Credential Identifiers PIV = FASC-N Federal Agency Smart Credential Number Defined and assigned by U.S. Federal Agencies Place holder for GUID PIV-i = GUID / UUID FASC-N May Not Be Used GUID is defined by RFC 4122
29 IDENTITY FUTURE
30 ICAM Defined What is ICAM? The intersection of digital identities, credentials and access control into one comprehensive approach.
31 FICAM Initiatives Create Digital Identity Achieve Compliance Enable System Interoperability Protect Personally Identifiable Information (PII) Integrate PACS and LACS
32 FICAM Goals Enhance security across the government by closing gaps. Improve government agency compliance. Improve accessibility of federal agencies to each other and the American public. Address identity management and physical access control issues for federal employees. Reduce costs and improve efficiencies.
33 FICAM Outcomes Create trusted digital identity representations. Bind those identities to credentials used for access transactions. Leverage credentials to grant authorized access. Enable digital signatures (applications, documents, authorizations )
34 FICAM Benefits Enhance Security Improve Efficiencies Reduce Costs Improves Accessibility Establishes Common PACS and LACS Protocols Fosters Agency Compliance
35 HSPD-12, FIPS-201, SP Pubs, & ICAM, PIV, TWIC, PIV-i HSPD-12 TWIC PIV-i / FRAC ICAM FIPS -201 SP Interfaces for PIV SP Codes for the Identification of Federal and Federally- Assisted Organizations SP Biometric Data Specification for PIV SP PIV Card / Reader Interoperability Guidelines SP Cryptographic Algorithms and Key Sizes for PIV SP Guidelines for the Certification and Accreditation of PIV Card Issuing Organizations SP A Recommendation for the Use of PIV Credentials in Physical Access Control Systems (PACS)
36 FIPS 201 SCA Decoder Docs Physical Access Control System Migration Options for Using FIPS Compliant Credentials, Smart Card Alliance Physical Access Council white paper developed in collaboration with the Open Security Exchange, Security Industry Association and International Biometric Industry Association, September 2007 FIPS 201 PIV II Card Use with Physical Access Control Systems: Recommendations to Optimize Transaction Time and User Experience, Smart Card Alliance Physical Access Council white paper, May 2007 Considerations for the Migration of Existing Physical Access Control Systems to Achieve FIPS 201 Compatibility, Smart Card Alliance Physical Access Council white paper, September 2006 FIPS 201 and Physical Access Control: An Overview of the Impact of Physical Access Control Systems and FIPS 201, a Smart Card Alliance Physical Access Council briefing presentation, January 2006 FIPS 201 on Federal Physical Access Control Systems, a Smart Card Alliance Physical Access Council white paper, September 2005
37 Steve Rogers President 115 Southport Commons Suites I and J Spartanburg, SC Smart Card Alliance P: (800) Clarksville Rd. Princeton Junction, NJ (800) steve.rogers@iceware.com
Interagency Advisory Board Meeting Agenda, Wednesday, February 27, 2013
Interagency Advisory Board Meeting Agenda, Wednesday, February 27, 2013 1. Opening Remarks 2. Discussion on Revisions Contained in Draft SP 800-63-2 (Bill Burr, NIST) 3. The Objectives and Status of Modern
More informationPKI and FICAM Overview and Outlook
PKI and FICAM Overview and Outlook Stepping Stones 2001 FPKIPA Established Federal Bridge CA established 2003 E-Authentication Program Established M-04-04 E-Authentication Guidance for Federal Agencies
More informationInteragency Advisory Board HSPD-12 Insights: Past, Present and Future. Carol Bales Office of Management and Budget December 2, 2008
Interagency Advisory Board HSPD-12 Insights: Past, Present and Future Carol Bales Office of Management and Budget December 2, 2008 Importance of Identity, Credential and Access Management within the Federal
More informationFIPS and NIST Special Publications Update. Smart Card Alliance Webinar November 6, 2013
FIPS 201-2 and NIST Special Publications Update Smart Card Alliance Webinar November 6, 2013 Today s Webinar Topics & Speakers Introductions: Randy Vanderhoof, Executive Director, Smart Card Alliance FIPS
More informationFiXs - Federated and Secure Identity Management in Operation
FiXs - Federated and Secure Identity Management in Operation Implementing federated identity management and assurance in operational scenarios The Federation for Identity and Cross-Credentialing Systems
More informationTransportation Worker Identification Credential (TWIC) Steve Parsons Deputy Program Manager, TWIC July 27, 2005
Transportation Worker Identification Credential (TWIC) Steve Parsons Deputy Program Manager, TWIC July 27, 2005 Who Am I? How do you know? 2 TWIC Program Vision A high-assurance identity credential that
More informationStrategies for the Implementation of PIV I Secure Identity Credentials
Strategies for the Implementation of PIV I Secure Identity Credentials A Smart Card Alliance Educational Institute Workshop Access Security Usage Models for PIV I Trusted Identity Credentials Roger Roehr
More informationHelping Meet the OMB Directive
Helping Meet the OMB 11-11 Directive March 2017 Implementing federated identity management OMB Memo 11-11 Meeting FICAM Objectives Figure 1: ICAM Conceptual Diagram FICAM Targets Figure 11: Federal Enterprise
More informationMultiple Credential formats & PACS Lars R. Suneborn, Director - Government Program, HIRSCH Electronics Corporation
Multiple Credential formats & PACS Lars R. Suneborn, Director - Government Program, HIRSCH Electronics Corporation Insert Company logo here A Smart Card Alliance Educational Institute Course Multiple credential
More informationHITPC Stage 3 Request for Comments Smart Card Alliance Comments January, 14, 2013
HITPC Stage 3 Request for Comments Smart Card Alliance Comments January, 14, 2013 The Smart Card Alliance hereby submits the following comments regarding the Health Information Technology Policy Committee
More informationWill Federated Cross Credentialing Solutions Accelerate Adoption of Smart Card Based Identity Solutions?
Will Federated Cross Credentialing Solutions Accelerate Adoption of Smart Card Based Identity Solutions? Jack Radzikowski,, Northrop Grumman & FiXs Smart Card Alliance Annual Meeting La Jolla, California
More informationSmart Card Alliance Update. Update to the Interagency Advisor Board (IAB) June 27, 2012
Smart Card Alliance Update Update to the Interagency Advisor Board (IAB) June 27, 2012 Industry s Access Control Payments (NEW) Mobile & NFC Identity Industry s Healthcare Transportation Access Control
More informationInteragency Advisory Board Meeting Agenda, Wednesday, May 23, 2012
Interagency Advisory Board Meeting Agenda, Wednesday, May 23, 2012 1. Opening Remarks (Mr. Tim Baldridge, IAB Chair) 2. Revision of the Digital Signature Standard (Tim Polk, NIST) 3. Update on Content
More information(PIV-I) Trusted ID across States, Counties, Cities and Businesses in the US
(PIV-I) Trusted ID across States, Counties, Cities and Businesses in the US Brian A. Kowal, cryptovision cv cryptovision GmbH T: +49 (0) 209.167-24 50 F: +49 (0) 209.167-24 61 info(at)cryptovision.com
More informationSecuring Federal Government Facilities A Primer on the Why, What and How of PIV Systems and PACS
Securing Federal Government Facilities A Primer on the Why, What and How of PIV Systems and PACS Introduction The expectations and requirements on government contracts for safety and security projects
More informationOffice of Transportation Vetting and Credentialing. Transportation Worker Identification Credential (TWIC)
Office of Transportation Vetting and Credentialing Transportation Worker Identification Credential (TWIC) Program Briefing for the American Association of Port Authorities Chicago, IL 27 April 2005 TWIC
More informationPaul A. Karger
Privacy and Security Threat Analysis of the Federal Employee Personal Identity Verification (PIV) Program Paul A. Karger karger@watson.ibm.com Outline Identify specific problem with FIPS 201 Problem of
More informationInteragency Advisory Board Meeting Agenda, February 2, 2009
Interagency Advisory Board Meeting Agenda, February 2, 2009 1. Opening Remarks (Tim Baldridge, NASA) 2. Mini Tutorial on NIST SP 800-116 AND PIV use in Physical Access Control Systems (Bill MacGregor,
More informationState of the Industry and Councils Reports. Access Control Council
State of the Industry and Councils Reports Access Control Council Chairman: Lars R. Suneborn, Sr. Manager, Technical Marketing, Government ID, Oberthur Technologies Property of the Smart Card Alliance
More informationMandate. Delivery. with evolving. Management and credentials. Government Federal Identity. and. Compliance. using. pivclasss replace.
Simplifying Compliance with the U.S. Government Federal Identity Mandate The first in a series of papers on HID Global ss Federal Identity Initiative and Delivery Strategy U.S. government agencies are
More informationInteragency Advisory Board Meeting Agenda, Wednesday, April 24, 2013
Interagency Advisory Board Meeting Agenda, Wednesday, April 24, 2013 1. Opening Remarks 2. A Security Industry Association (SIA) Perspective on the Cost and Methods for Migrating PACS Systems to Use PIV
More informationLeveraging HSPD-12 to Meet E-authentication E
Leveraging HSPD-12 to Meet E-authentication E Policy and an update on PIV Interoperability for Non-Federal Issuers December 2, 2008 Chris Louden IAB 1 Leveraging HSPD-12 to Meet E-Authentication E Policy
More informationIMPLEMENTING AN HSPD-12 SOLUTION
IMPLEMENTING AN HSPD-12 SOLUTION PAVING THE PATH TO SUCCESS Prepared by: Nabil Ghadiali 11417 Sunset Hills Road, Suite 228 Reston, VA 20190 Tel: (703)-437-9451 Fax: (703)-437-9452 http://www.electrosoft-inc.com
More informationTWIC / CAC Wiegand 58 bit format
This document was developed by the Smart Card Alliance Physical Access Council to respond to requests for sample Wiegand message formats that will handle the additional fields of the Federal Agency Smart
More informationThere is an increasing desire and need to combine the logical access and physical access functions of major organizations.
Introduction There is an increasing desire and need to combine the logical access and physical access functions of major organizations. This can be as simple as merely having an access card that can be
More informationSecure Government Computing Initiatives & SecureZIP
Secure Government Computing Initiatives & SecureZIP T E C H N I C A L W H I T E P A P E R WP 700.xxxx Table of Contents Introduction FIPS 140 and SecureZIP Ensuring Software is FIPS 140 Compliant FIPS
More informationInteragency Advisory Board Meeting Agenda, April 27, 2011
Interagency Advisory Board Meeting Agenda, April 27, 2011 1. Open Remarks (Mr. Tim Baldridge, IAB Chair) 2. FICAM Plan for FIPS 201-2 (Tim Baldridge, IAB Chair and Deb Gallagher, GSA) 3. NSTIC Cross-Sector
More informationNext Generation Physical Access Control Systems A Smart Card Alliance Educational Institute Workshop
Next Generation Physical Access Control Systems A Smart Card Alliance Educational Institute Workshop PACS Integration into the Identity Infrastructure Salvatore D Agostino CEO, IDmachines LLC 8 th Annual
More informationTWIC Transportation Worker Identification Credential. Overview
TWIC Transportation Worker Identification Credential Overview TWIC Program Vision Goals Improve the security of identity management by establishing a system-wide common credential, universally acceptable
More informationSecure Solutions. EntryPointTM Access Readers TrustPointTM Access Readers EntryPointTM Single-Door System PIV-I Compatible Cards Accessories
Secure Solutions l l l l BridgePointTM solutions that will take your security system to the next level EntryPointTM Access Readers TrustPointTM Access Readers EntryPointTM Single-Door System PIV-I Compatible
More informationAn Overview of Draft SP Derived PIV Credentials and Draft NISTIR 7981 Mobile, PIV, and Authentication
An Overview of Draft SP 800-157 Derived PIV Credentials and Draft NISTIR 7981 Mobile, PIV, and Authentication Hildegard Ferraiolo PIV Project Lead NIST ITL Computer Security Division Hildegard.ferraiolo@nist.gov
More informationBiometric Use Case Models for Personal Identity Verification
Biometric Use Case Models for Personal Identity Verification Walter Hamilton International Biometric Industry Association & Saflink Corporation Smart Cards in Government Conference Arlington, VA April
More informationDATA SHEET. ez/piv CARD KEY FEATURES:
Personal Identity Verification (PIV) Card ez/piv Card satisfies FIPS 201, HSPD-12. It allows your users to authenticate to z/os Security Server through the use of a government PIV or CAC Card. KEY FEATURES:
More informationFederated Access. Identity & Privacy Protection
Federated Access Identity & Privacy Protection Presented at: Information Systems Security Association-Northern Virginia (ISSA-NOVA) Chapter Meeting Presented by: Daniel E. Turissini Board Member, Federation
More information000027
000026 000027 000028 000029 000030 EXHIBIT A 000031 Homeland Security Presidential Directive/Hspd-12 For Immediate Release Office of the Press Secretary August 27, 2004 Homeland Security Presidential Directive/Hspd-12
More informationNext Generation Physical Access Control Systems A Smart Card Alliance Educational Institute Workshop. Scalability: Dimensions for PACS System Growth
Next Generation Physical Access Control Systems A Smart Card Alliance Educational Institute Workshop Scalability: Dimensions for PACS System Growth Tony Damalas VP Technology, Diebold Security 8 th Annual
More informationSmart Cards and Authentication. Jose Diaz Director, Technical and Strategic Business Development Thales Information Systems Security
Smart Cards and Authentication Jose Diaz Director, Technical and Strategic Business Development Thales Information Systems Security Payment Landscape Contactless payment technology being deployed Speeds
More informationFederal Identity, Credential, and Access Management (FICAM) Roadmap and Implementation Guidance
Federal Identity, Credential, and Access Management (FICAM) Roadmap and Implementation Guidance November 10, 2009 Powered by the Federal Chief Information Officers Council and the Federal Enterprise Architecture
More informationEmergency Response Official Credentials: An Approach to Attain Trust in Credentials across Multiple Jurisdictions for Disaster Response and Recovery
Emergency Response Official Credentials: An Approach to Attain Trust in Credentials across Multiple Jurisdictions for Disaster Response and Recovery A Smart Card Alliance White Paper Publication Date:
More informationSingle Secure Credential to Access Facilities and IT Resources
Single Secure Credential to Access Facilities and IT Resources HID PIV Solutions Securing access to premises, applications and networks Organizational Challenges Organizations that want to secure access
More informationUsing PIV Technology Outside the US Government
Using PIV Technology Outside the US Government Author: Bob Dulude Publishing: 10/19/15 Introduction A common perception of many who have heard of the US Government s Personal Identity Verification (PIV)
More informationCertiPath TrustVisitor and TrustManager. The need for visitor management in FICAM Compliant PACS
CertiPath TrustVisitor and TrustManager The need for visitor management in FICAM Compliant PACS CertiPath TrustMonitor CertiPath TrustVisitor and TrustManager The need for visitor management in FICAM Compliant
More informationUnified PACS with PKI Authentication, to Assist US Government Agencies in Compliance with NIST SP (HSPD 12) in a Trusted FICAM Platform
Unified PACS with PKI Authentication, to Assist US Government Agencies in Compliance with NIST SP 800 116 (HSPD 12) in a Trusted FICAM Platform In Partnership with: Introduction Monitor Dynamics (Monitor)
More informationg6 Authentication Platform
g6 Authentication Platform Seamlessly and cost-effectively modernize a legacy PACS to be HSPD-12 compliant l l l l Enrollment and Validation Application Authentication Modules Readers HSPD-12 Enrollment
More informationCryptologic and Cyber Systems Division
Cryptologic and Cyber Systems Division OVERALL BRIEFING IS Someone Scraped My Identity! Is There a Doctrine in the House? AF Identity, Credential, and Access Management (ICAM) August 2018 Mr. Richard Moon,
More informationLeveraging the LincPass in USDA
Leveraging the LincPass in USDA Two Factor Authentication, Digital Signature, Enterprise VPN, eauth Single Sign On February 2010 USDA Takes Advantage of the LincPass USDA is taking advantage of the LincPass
More informationInteragency Advisory Board Meeting Agenda, Tuesday, November 1, 2011
Interagency Advisory Board Meeting Agenda, Tuesday, November 1, 2011 1. Opening Remarks (Mr. Tim Baldridge, IAB Chair) 2. FIPS 201-2 Update and Panel Discussion with NIST Experts in Q&A Session (Bill MacGregor
More informationNFC Identity and Access Control
NFC Identity and Access Control Peter Cattaneo Vice President, Business Development Agenda Basics NFC User Interactions Architecture (F)ICAM Physical Access Logical Access Future Evolution 2 NFC Identity
More informationHow to Plan, Procure & Deploy a PIV-Enabled PACS
How to Plan, Procure & Deploy a PIV-Enabled PACS Access Control Council Webinar Series Session Two: Facility Characteristics & Risk Assessment Introductions Randy Vanderhoof, Secure Technology Alliance
More informationNext Generation Physical Access Control Systems A Smart Card Alliance Educational Institute Workshop
Next Generation Physical Access Control Systems A Smart Card Alliance Educational Institute Workshop Total Operational Security Roger Roehr Executive Director, Roehr Consulting 8 th Annual Smart Cards
More informationUS Federal PKI Bridge. Ram Banerjee VP Vertical Markets
US Federal PKI Bridge Ram Banerjee VP Vertical Markets e-gov and PKI Drivers Government Paperwork Elimination and ESIGN Acts Public Expectations Long-term Cost Savings The Need for Privacy and Security
More informationNo More Excuses: Feds Need to Lead with Strong Authentication!
No More Excuses: Feds Need to Lead with Strong Authentication! Dr. Sarbari Gupta sarbari@electrosoft-inc.com Annual NCAC Conference on Cybersecurity March 16, 2016 Electrosoft Services, Inc. 1893 Metro
More informationConsiderations for the Migration of Existing Physical Access Control Systems to Achieve FIPS 201 Compatibility
Considerations for the Migration of Existing Physical Access Control Systems to Achieve FIPS 201 Compatibility A Smart Card Alliance Physical Access Council White Paper Publication Date: September 2006
More informationPhysical Access Control Systems and FIPS 201
Physical Access Control Systems and FIPS 201 Physical Access Council Smart Card Alliance December 2005 1 This presentation was developed by the Smart Card Alliance Physical Access Council. The goals of
More informationPIV-Interoperable Credential Case Studies
PIV-Interoperable Credential Case Studies A Smart Card Alliance Identity Council White Paper Publication Date: February 2012 Publication Number: IC-12001 Smart Card Alliance 191 Clarksville Rd. Princeton
More informationFICAM in Brief: A Smart Card Alliance Summary of the Federal Identity, Credential, and Access Management (FICAM) Roadmap and Implementation Guidance
FICAM in Brief: A Smart Card Alliance Summary of the Federal Identity, Credential, and Access Management (FICAM) Roadmap and Implementation Guidance A Smart Card Alliance Identity Council and Physical
More informationInteragency Advisory Board (IAB) Meeting. August 09, 2005
Interagency Advisory Board (IAB) Meeting August 09, 2005 Agenda National Institute of Standards and Technology (NIST) Discussion on Reference Implementation and Conformance Testing IAB Working Group Updates
More informationThe Leader in Unified Access and Intrusion
Unified PACS with PKI Authentication, to Assist US Government Agencies in Compliance with NIST SP 800-116, FIPS 201 and OMB M 11-11 in a High Assurance Trusted FICAM Platform In Partnership with: The Leader
More informationCREDENTSYS CARD FAMILY
CREDENTSYS CARD FAMILY Credentsys is a secure smart card family that is designed for national ID systems, passports, and multi-use enterprise security environments. The family is certified to FIPS 140-2
More informationMobile Validation Solutions
227 Mobile Validation Solutions John Bys Executive Vice President Copyright 2007, CoreStreet, Ltd. Who has requirements? Maritime Safety Transportation Act Ports / MTSA Facilities Vehicle check points
More informationThursday, May 15. Track D Security & Access Control
Thursday, May 15 Track D Security & Access Control Session: PKI Logical Access Technology & Applications Time: 10:15 AM 12:00 PM Room: W204 D Moderator: Steve Howard VP, Business Development, Identity
More informationPRODUCT INFORMATION BULLETIN
PRODUCT INFORMATION BULLETIN ID-One PIV v2.3.2 The electronic Identity card compliant with US specifications for electronic Table of contents 1. Foreword... 3 2. Introduction to PIV cards features... 4
More informationInteragency Advisory Board Meeting Agenda, December 7, 2009
Interagency Advisory Board Meeting Agenda, December 7, 2009 1. Opening Remarks 2. FICAM Segment Architecture & PIV Issuance (Carol Bales, OMB) 3. ABA Working Group on Identity (Tom Smedinghoff) 4. F/ERO
More informationInteragency Advisory Board Meeting Agenda, December 7, 2009
Interagency Advisory Board Meeting Agenda, December 7, 2009 1. Opening Remarks 2. FICAM Segment Architecture & PIV Issuance (Carol Bales, OMB) 3. ABA Working Group on Identity (Tom Smedinghoff) 4. F/ERO
More informationSmart Card Alliance Comments and Considerations on Federal Identity, Credential, and Access Management (FICAM) Roadmap and Implementation Guidance
Smart Card Alliance Comments and Considerations on Federal Identity, Credential, and Access Management (FICAM) Roadmap and Implementation Guidance This document offers Smart Card Alliance comments on the
More informationThe Future of Smart Cards: Bigger, Faster and More Secure
The Future of Smart Cards: Bigger, Faster and More Secure Joerg Borchert, Vice President, Secure Mobile Solutions July 16, 2003 Page 1 N e v e r s t o p t h i n k i n g. Infineon Technologies: Overview
More informationHSPD-12 : The Role of Federal PKI
HSPD-12 : The Role of Federal PKI Judith Spencer Chair, Federal Identity Credentialing Office of Governmentwide Policy General Services Administration judith.spencer@gsa.gov How We Got Here 2005 FIPS-201
More informationTWIC Readers What to Expect
TWIC Readers What to Expect Walter Hamilton Chairman International Biometric Industry Association Walter Hamilton International Biometric Industry Association 1155 F Street, NW Washington, DC 20004 (727)
More informationRevision 2 of FIPS 201 and its Associated Special Publications
Revision 2 of FIPS 201 and its Associated Special Publications Hildegard Ferraiolo PIV Project Lead NIST ITL Computer Security Division Hildegard.ferraiolo@nist.gov IAB meeting, December 4, 2013 FIPS 201-2
More informationTo be covered: S&T Intro TTWG. Research/Pilots. Scope Goals Report
Personal Identity Verification- Interoperability/ First Responder Authentication Credential (PIV-I/FRAC) I/FRAC) Technology Transition Work Group (TTWG) Karyn Higa-Smith Research Program Manager Cyber
More informationNational Cybersecurity Challenges and NIST. Matthew Scholl Chief Computer Security Division
National Cybersecurity Challenges and NIST Matthew Scholl Chief Computer Security Division National Archives The Importance of Standards Article I, Section 8: The Congress shall have the power to fix the
More informationRecommendation on the Credential Numbering Scheme for the FIPS 201 PIV Card Global Unique Identifier
Recommendation on the Credential Numbering Scheme for the FIPS 201 PIV Card Global Unique Identifier A Smart Card Alliance Physical Access Council White Paper Publication Date: March 2009 Publication Number:
More informationEstablishing Trust Across International Communities
Establishing Trust Across International Communities 6 Feb 2013 info@federatedbusiness.org www.federatedbusiness.org Proprietary - British Business Federation Authority 1 Strategic Drivers - Industry 1.
More informationMobile Devices as Identity Carriers. Pre Conference Workshop October 14 th 2013
Mobile Devices as Identity Carriers Pre Conference Workshop October 14 th 2013 Mobile Market Worldwide Smartphones Market by OS (in thousands of units) 1,400,000 1,200,000 1,000,000 800,000 600,000 400,000
More informationDoD & FiXs : Identity Superiority
DoD & FiXs : Identity Superiority Implementing common authentication now & into the future. The Federation for Identity and Cross-Credentialing Systems (FiXs) www.fixs.org FiXs - The Federation for Identity
More informationpivclass FIPS-201 Reader Operation and Output Selections APPLICATION NOTE , F.0 February Barranca Parkway Irvine, CA 92618
15370 Barranca Parkway Irvine, CA 92618 pivclass FIPS-201 Reader Operation and Output Selections APPLICATION NOTE 6090-905, F.0 February 2014. Contents 1 Overview... 4 2 CHUID Definition... 4 3 FASC-N
More informationVersion 3.4 December 01,
FIXS OPERATING RULES Version 3.4 December 01, 2015 www.fixs.org Copyright 2015 by the Federation for Identity and Cross-Credentialing Systems, Inc. All Rights Reserved Printed in the United States of America
More informationThe Open Protocol for Access Control Identification and Ticketing with PrivacY
The Open Protocol for Access Control Identification and Ticketing with PrivacY For Secure Contactless Transactions and Enabling Logical and Physical Access Convergence October 2010 Actividentity 2 OPACITY
More informationPhysical Access End-to-End Security
Physical Access End-to-End Security Smart Card Alliance Smart Cards in Government-2003 July 16, 2003 Physical Access 3:45 PM Robert Merkert Director, Strategic Accounts All Company and/or product names
More informationINNOMETRIKS INC. Rhino Quick Start Guide
INNOMETRIKS INC Rhino Quick Start Guide Rhino Quick Start Guide Innometriks Inc Fallbrook, Ca. 92028 Phone 760-207-6908 Sales: Sales@innometriksinc.com General Information: Info@innometriksinc.com Customer
More informationInteragency Advisory Board Meeting Agenda, July 28, 2010
Interagency Advisory Board Meeting Agenda, July 28, 2010 1. Opening Remarks 2 Research Collaboration in the Cloud: How NCI and Research Partners Are Improving Business Processes using Digital Identities
More informationNATIONAL INSTITUTE OF STANDARDS AND TECHNOLOGY
NATIONAL INSTITUTE OF STANDARDS AND TECHNOLOGY Standardization of Entity Authentication Assurance 5th ETSI Security Workshop 20-2222 January 2010 ETSI, Sophia Antipolis, France Erika McCallister, Esq.,
More informationAchieving a FIPS Compliant Wireless Infrastructure using Intel Centrino Mobile Technology Clients
Achieving a FIPS Compliant Wireless Infrastructure using Intel Centrino Mobile Technology Clients This document is provided as is with no warranties whatsoever, including any warranty of merchantability,
More informationInteragency Advisory Board Meeting Agenda, August 25, 2009
Interagency Advisory Board Meeting Agenda, August 25, 2009 1. Opening Remarks 2. Policy, process, regulations, technology, and infrastructure to employ HSPD-12 in USDA (Owen Unangst, USDA) 3. Policy and
More informationChanges to SP (SP ) Ketan Mehta NIST PIV Team NIST ITL Computer Security Division
Changes to SP 800-73 (SP 800-73-4) Ketan Mehta NIST PIV Team NIST ITL Computer Security Division mehta_ketan@nist.gov Smart Card Alliance, Government Conference October 30, 2014 Draft SP 800-73-4 Removed
More informationhidglobal.com HID ActivOne USER FRIENDLY STRONG AUTHENTICATION
HID ActivOne USER FRIENDLY STRONG AUTHENTICATION We understand IT security is one of the TOUGHEST business challenges today. HID Global is your trusted partner in the fight against data breach due to misused
More informationUsing the Prototype TWIC for Access A System Integrator Perspective
Using the Prototype TWIC for Access A System Integrator Perspective AAPA Port Security Seminar and Exhibition, Seattle, WA July 19, 2006 Management and Technology Consultants The Challenge How do I manage
More informationDissecting NIST Digital Identity Guidelines
Dissecting NIST 800-63 Digital Identity Guidelines KEY CONSIDERATIONS FOR SELECTING THE RIGHT MULTIFACTOR AUTHENTICATION Embracing Compliance More and more business is being conducted digitally whether
More informationPIV Data Model Test Guidelines
This publication is available free of charge from http://csrc.nist.gov/publications/ Draft NIST Special Publication 800-85B-4 PIV Data Model Test Guidelines Ramaswamy Chandramouli Hildegard Ferraiolo Ketan
More informationDoD Common Access Card Convergence of Technology Access/E-Commerce/Biometrics
DoD Common Access Card Convergence of Technology Access/E-Commerce/Biometrics IDENTITY Mary Dixon February 12, 2003 1 A Short Review and Update 2 DoD is issuing 4 million smart cards to: Active Duty Military
More informationAssuring Identity. The Identity Assurance Framework CTST Conference, New Orleans, May-09
Assuring Identity The Identity Assurance Framework CTST Conference, New Orleans, May-09 Brett McDowell, Executive Director, Liberty Alliance email@brettmcdowell +1-413-652-1248 1 150+ Liberty Alliance
More informationINFORMATION ASSURANCE DIRECTORATE
National Security Agency/Central Security Service INFORMATION ASSURANCE DIRECTORATE Digital Policy Management consists of a set of computer programs used to generate, convert, deconflict, validate, assess
More informationThe Benefits of Strong Authentication for the Centers for Medicare and Medicaid Services
The Benefits of Strong Authentication for the Centers for Medicare and Medicaid Services This document was developed by the Smart Card Alliance Health and Human Services Council in response to the GAO
More informationDFARS Requirements for Defense Contractors Must Be Satisfied by DECEMBER 31, 2017
DFARS 252.204-7012 Requirements for Defense Contractors Must Be Satisfied by DECEMBER 31, 2017 As with most government documents, one often leads to another. And that s the case with DFARS 252.204-7012.
More informationSmart Cards & Credentialing in the Federal Government
Smart Cards & Credentialing in the Federal Government Smart Card Alliance 13 Feb 2003 Salt Lake City Bill Holcombe GSA Office of Governmentwide Policy New Urgency for Credentialing Solutions Post 9/11
More informationGreg Garcia President, Garcia Cyber Partners Former Assistant Secretary for Cyber Security and Communications, U.S. Department of Homeland Security
1 Greg Garcia President, Garcia Cyber Partners Former Assistant Secretary for Cyber Security and Communications, U.S. Department of Homeland Security 2 Government Services 3 Business Education Social CYBERSPACE
More informationOverview of cryptovision's eid Product Offering. Presentation & Demo
Presentation & Demo Benjamin Drisch, Adam Ross cv cryptovision GmbH T: +49 (0) 209.167-24 50 F: +49 (0) 209.167-24 61 info(at)cryptovision.com 1 General Requirements Government of Utopia Utopia Electronic
More informationexisting customer base (commercial and guidance and directives and all Federal regulations as federal)
ATTACHMENT 7 BSS RISK MANAGEMENT FRAMEWORK PLAN [L.30.2.7, M.2.2.(7), G.5.6; F.2.1(41) THROUGH (76)] A7.1 BSS SECURITY REQUIREMENTS Our Business Support Systems (BSS) Risk MetTel ensures the security of
More informationIdentiv FICAM Readers
Identiv FICAM Readers Ordering Guide August 2017 Table of Contents Overview.....1 Basic FICAM Implementation.....3 Migration Strategies... 4 Perimeter Access... 4 Update Readers and Controllers... 4 Ad
More informationDHS ID & CREDENTIALING INITIATIVE IPT MEETING
DHS ID & CREDENTIALING INITIATIVE IPT MEETING October 14, 2004 Part 02 of 02 IMS/CMS Functional Specification General Issuance Requirements Issue a GSC-IS 2.1 compliant dual chip hybrid ICC/DESFire v0.5
More information