Date Published: July 2015
Supersedes:
SP 800-79-1 (06/18/2008)
Author(s)
Hildegard Ferraiolo (NIST), Ramaswamy Chandramouli (NIST), Nabil Ghadiali (National Gallery of Art), Jason Mohler (Electrosoft Services), Scott Shorter (Electrosoft Services)
The purpose of this SP is to provide appropriate and useful guidelines for assessing the reliability of issuers of PIV Cards and Derived PIV Credentials. These issuers store personal information and issue credentials based on OMB policies and on the standards published in response to HSPD-12 and therefore are the primary target of the assessment and authorization under this guideline. The reliability of an issuer is of utmost importance when one organization (e.g., a Federal agency) is required to trust the identity credentials of individuals that were created and issued by another Federal agency. This trust will only exist if organizations relying on the credentials issued by a given organization have the necessary level of assurance that the reliability of the issuing organization has been established through a formal authorization process.
The purpose of this SP is to provide appropriate and useful guidelines for assessing the reliability of issuers of PIV Cards and Derived PIV Credentials. These issuers store personal information and issue credentials based on OMB policies and on the standards published in response to HSPD-12 and...
See full abstract
The purpose of this SP is to provide appropriate and useful guidelines for assessing the reliability of issuers of PIV Cards and Derived PIV Credentials. These issuers store personal information and issue credentials based on OMB policies and on the standards published in response to HSPD-12 and therefore are the primary target of the assessment and authorization under this guideline. The reliability of an issuer is of utmost importance when one organization (e.g., a Federal agency) is required to trust the identity credentials of individuals that were created and issued by another Federal agency. This trust will only exist if organizations relying on the credentials issued by a given organization have the necessary level of assurance that the reliability of the issuing organization has been established through a formal authorization process.
Hide full abstract
Keywords
assessment; authorization; controls; derived PIV credentials; issuer; Personal Identity Verification; PIV card
Control Families
Assessment, Authorization and Monitoring
) or https:// don't prove our archive is authentic, only that you securely accessed it. Note that we are working to fix that :)
