Date Published: November 2020
Comments Due:
Email Questions to:
Author(s)
National Institute of Standards and Technology
Announcement
This Standard defines common credentials and authentication mechanisms offering varying degrees of security for both logical and physical access applications. The draft revision proposes changes to FIPS 201-2, Standard for Personal Identity Verification of Federal Employees and Contractors, including:
- expanding specification on the use of additional PIV credentials known as derived PIV credentials,
- procedures for supervised remote identity proofing,
- the use of federation as a means for a relying system to interoperate with PIV credentials issued by other agencies,
- alignment with the current practice/policy of the Federal Government, and
- specific changes requested by federal agencies and implementers.
Request for Comments
The draft of FIPS 201-3 is available for review and comment on the NIST Pages website at https://pages.nist.gov/FIPS201 and as a printable PDF.
Comments on FIPS 201-3 must be received on or before February 1, 2021. Comments should be submitted on the project repository at https://github.com/usnistgov/FIPS201/issues. Comments may alternatively be sent to piv_comments@nist.gov preferably using the comment template.
All submissions, including attachments and other supporting materials, will become part of the public record and subject to public disclosure. NIST reserves the right to publish relevant comments, unedited and in their entirety. Relevant comments received by the deadline will be published electronically at https://github.com/usnistgov/FIPS201 without change or redaction, so commenters should not include information they do not wish to be posted. Personal information, such as account numbers or Social Security numbers, or names of other individuals, should not be included. Do not submit confidential business information or otherwise sensitive or protected information. Comments that contain profanity, vulgarity, threats, or other inappropriate language or content will not be posted or considered.
Authentication of an individual’s identity is a fundamental component of physical and logical access control. An access control decision must be made when an individual attempts to access security-sensitive buildings, information systems, and applications. An accurate determination of an individual’s identity supports making sound access control decisions.
This document establishes a standard for a Personal Identity Verification (PIV) system that meets the control and security objectives of Homeland Security Presidential Directive-12 [HSPD-12]. It is based on secure and reliable forms of identity credentials issued by the Federal Government to its employees and contractors. These credentials are used by mechanisms that authenticate individuals who require access to federally controlled facilities, information systems, and applications. This Standard addresses requirements for initial identity proofing, infrastructure to support interoperability of identity credentials, and accreditation of organizations and processes issuing PIV credentials.
Authentication of an individual’s identity is a fundamental component of physical and logical access control. An access control decision must be made when an individual attempts to access security-sensitive buildings, information systems, and applications. An accurate determination of an...
See full abstract
Authentication of an individual’s identity is a fundamental component of physical and logical access control. An access control decision must be made when an individual attempts to access security-sensitive buildings, information systems, and applications. An accurate determination of an individual’s identity supports making sound access control decisions.
This document establishes a standard for a Personal Identity Verification (PIV) system that meets the control and security objectives of Homeland Security Presidential Directive-12 [HSPD-12]. It is based on secure and reliable forms of identity credentials issued by the Federal Government to its employees and contractors. These credentials are used by mechanisms that authenticate individuals who require access to federally controlled facilities, information systems, and applications. This Standard addresses requirements for initial identity proofing, infrastructure to support interoperability of identity credentials, and accreditation of organizations and processes issuing PIV credentials.
Hide full abstract
Keywords
authentication; authenticator; biometrics; credential; cryptography; derived PIV credentials; digital identity; Federal Information Processing Standards (FIPS); HSPD-12; federation; identification; identity proofing; integrated circuit card; Personal Identity Verification; PIV; PIV account; public key infrastructure; verification
Control Families
Access Control; Identification and Authentication; Planning; System and Communications Protection
) or https:// don't prove our archive is authentic, only that you securely accessed it. Note that we are working to fix that :)
