The purpose of the 3-day workshop is to provide a high-level tutorial of the six part standard, ISO/IEC 24727 - Identification cards – Integrated circuit card programming interfaces, a multi-part standard for interoperable identification, authentication, and signature services for credentials and applications.

The workshop will also provide sessions on the use of ISO/IEC 24727 to include an overview of NIST IR 7611, Use of ISO/IEC 24727 -- Service Access Layer Interface for Identity (SALII): Support for Development and use of Interoperable Identity Credentials, which describes ISO/IEC 24727 from the perspective of the Federal Information Processing Standard (FIPS) 201 – Personal Identity Verification (PIV) of Federal Employees and Contractors.

The National Institute of Standards and Technology, in conjunction with national and international standards bodies, is an active participant in the development of the multi-part international standard entitled “ISO/IEC 24727 - Identification cards – Integrated circuit card programming interfaces”.  The standard has been adopted by several international identity credential initiatives.  ISO/IEC 24727 provides application programming interfaces and identification, authentication, and signature services for interoperability.  Although the architecture can be used with other technologies, the focus of the standard is smart card technology.  The standard enables client applications to discover card and application capabilities and securely authenticate using normative authentication protocols.  The standard consists of six parts:

• ISO/IEC 24727 - Identification cards – Integrated circuit card programming interfaces – Part 1: Architecture
• ISO/IEC 24727 - Identification cards – Integrated circuit card programming interfaces – Part 2: Generic card interface
• ISO/IEC 24727 - Identification cards – Integrated circuit card programming interfaces – Part 3: Application interface
• ISO/IEC 24727 - Identification cards – Integrated circuit card programming interfaces – Part 4: API Administration
• ISO/IEC 24727 - Identification cards – Integrated circuit card programming interfaces – Part 5: Testing
• ISO/IEC 24727 - Identification cards –Integrated circuit card programming interfaces – Part 6: Registration authority procedures for the authentication protocols for interoperability

PRESENTATIONS:

Day 1 - December 1:

9:00-9:15 Welcome     NIST

9:15-10:15 Keynote Address: “Cloud Computing: From Identity to Intimacy”, Bertrand DuCastel, Schlumberger Fellow

10:30-11:00 Introduction and Concepts of Identification Systems, Tim Jurgensen, Identity Alliance

11:00-11:30 ISO/IEC 24727 and IDMS Standards – Background, Development, Application, Terry Schwarzhoff, NIST

12:30-1:15 ISO/IEC 24727 – General Terminology  (Handout), Tim Jurgensen

1:15-2:30 Architecture of ISO/IEC 24727,  Mike Neumann, Agile Set

2:45-4:00 ISO/IEC 24727-3 API, Mike Neumann

4:00-4:30 Access Control in ISO/IEC 24727, Alex Gagel, Queensland Department of Transport and Main Roads

Day 2 - December 2:

9:00-9:30 Other Identification Standards and Relationship to ISO/IEC 24727, Sal Francomacaro, NIST

9:30-10:15 ISO/IEC 24727-2 Generic Card Interface, Bill MacGregor, NIST

10:30-11:30 ISO/IEC 24727- 4 API Administration (Handout), Tim Jurgensen

11:30-12:30 NISTIR 7611: Using ISO/IEC 24727 and Reference Implementation, Ketan Mehta, Hung Dang, Booz Allen Hamilton

1:30-2:15 ISO/IEC 24727-5 Testing. Alex Gagel

2:15-2:45 ISO/IEC 24727-6 Registration Authority, Alex Gagel

3:00-4:30 Use Case: ISO/IEC 24727 and the Queensland Driver License, Alex Gagel

Day 3 - December 3:

9:00-10:00 Use Case: A Standards Based, Open Smartcard Middleware: a Commercial Implementation, Alexander Winnen, Giesecke & Devrient

10:15-11:15 A.M. ISO/IEC 24727 Corrigenda and Amendments on the Horizon, Mike Neumann

11:15-12:30 General Q&A Session and Closing Remarks, Terry Schwarzhoff, NIST