Date Published: June 2008
Supersedes:
SP 800-79 (07/01/2005)
Author(s)
Ramaswamy Chandramouli (NIST), Dennis Bailey (Electrosoft Services), Nabil Ghadiali, Dennis Branstad (NIST)
The purpose of this publication is to provide appropriate and useful guidelines for accrediting the reliability of issuers of Personal Identity Verification cards that are established to collect, store, and disseminate personal identity credentials and issue smart cards, based on the standards published in response to Homeland Security Presidential Directive 12 (HSPD-12). These issuers, who are the target of assessment and accreditation, are called Personal Identity Verification Card Issuers or PCIs. The reliability of PCIs is of utmost importance when one organization (e.g., a Federal agency or Federal contractor) is required to trust the identity credentials and cards of individuals that were created and issued, respectively, by another organization. This trust will only exist if organizations relying on the credentials and cards issued by a given organization have the necessary level of assurance that the reliability of the issuing organization has been established through a formal accreditation process.
This publication provides an assessment and accreditation methodology for verifying that issuers of PIV credentials and cards are reliably adhering to standards and implementation directives developed under HSPD-12.
The purpose of this publication is to provide appropriate and useful guidelines for accrediting the reliability of issuers of Personal Identity Verification cards that are established to collect, store, and disseminate personal identity credentials and issue smart cards, based on the standards...
See full abstract
The purpose of this publication is to provide appropriate and useful guidelines for accrediting the reliability of issuers of Personal Identity Verification cards that are established to collect, store, and disseminate personal identity credentials and issue smart cards, based on the standards published in response to Homeland Security Presidential Directive 12 (HSPD-12). These issuers, who are the target of assessment and accreditation, are called Personal Identity Verification Card Issuers or PCIs. The reliability of PCIs is of utmost importance when one organization (e.g., a Federal agency or Federal contractor) is required to trust the identity credentials and cards of individuals that were created and issued, respectively, by another organization. This trust will only exist if organizations relying on the credentials and cards issued by a given organization have the necessary level of assurance that the reliability of the issuing organization has been established through a formal accreditation process.
This publication provides an assessment and accreditation methodology for verifying that issuers of PIV credentials and cards are reliably adhering to standards and implementation directives developed under HSPD-12.
Hide full abstract
Keywords
accreditation; credentials; HSPD-12; PCI; Personal Identity Verification; PIV; security assessment
Control Families
Assessment, Authorization and Monitoring