Published: October 25, 2016
Citation: IEEE Security & Privacy vol. 14, no. 5, (Sept.-Oct. 2016) pp. 14-21
Author(s)
Mary Theofanos (NIST), Simson Garfinkel (NIST), Yee-Yin Choong (NIST)
More than 5.4 million Personal Identity Verification (PIV) and Common Access Cards (CAC) have been deployed to US government employees and contractors. These cards allow physical access to federal facilities, but their use to authenticate logical access to government information systems is uneven, with deployment rates across agencies ranging from 0 to 95 percent. Surveys of US Departments of Defense and Commerce employees show that using these smart cards for two-factor authentication results in improved usability and security. The authors argue that public-key infrastructure-based systems are likely to provide more secure and more usable authentication than other two-factor approaches, including combining strong passwords with a physical token such as a cell phone or time-based hardware identity device.
Keywords
security; privacy; PIV; HSPD-12; CAC; smart card; two-factor authentication; usable security
Control Families
None selected