FIPS 201: Difference between revisions

Content deleted Content added

Inline

Revision as of 14:29, 22 July 2020

FIPS 201 (Federal Information Processing Standard Publication 201) is a United States federal government standard that specifies Personal Identity Verification (PIV) requirements for Federal employees and contractors.

In response to HSPD-12, the NIST Computer Security Division initiated a new program for improving the identification and authentication of Federal employees and contractors for access to Federal facilities and information systems. FIPS 201 was developed to satisfy the technical requirements of HSPD-12, approved by the Secretary of Commerce, and issued on February 25, 2005.

This Standard specifies the architecture and technical requirements for a common identification standard for Federal employees and contractors.^[1] FIPS 201 specifies that an identity credential must be stored on a smart card. SP 800-73, a NIST special publication, contains the technical specifications to interface with the smart card to retrieve and use the PIV identity credentials.^[2]

FIPS 201 was replaced by FIPS 201-2^[3] on September 5, 2013.^[4]

The Government Smart Card Interagency Advisory Board has indicated that to comply with FIPS 201 PIV II, US government agencies should use smart card technology.

References

^ Technology, National Institute of Standards and (2013-09-05). "Personal Identity Verification (PIV) of Federal Employees and Contractors". {{cite journal}}: Cite journal requires |journal= (help)
^ Cooper, David A.; Ferraiolo, Hildegard; Mehta, Ketan L.; Francomacaro, Salvatore; Chandramouli, Ramaswamy; Mohler, Jason (December 2010). "Interfaces for Personal Identity Verification – Part 1: PIV Card Application Namespace, Data Model and Representation". National Institute of Standards and Technology. Section 1.1, Paragraph 2. doi:10.6028/NIST.SP.800-73-4. NIST is responsible for developing standards and guidelines ... but such standards and guidelines shall not apply to national security systems. {{cite journal}}: Cite journal requires |journal= (help)
^ "Personal Identity Verification (PIV) of Federal Employees and Contractors". 2013. doi:10.6028/NIST.FIPS.201-2. {{cite journal}}: Cite journal requires |journal= (help)
^ Federal Register Volume 78, Issue 172 (September 5, 2013) https://www.govinfo.gov/app/details/FR-2013-09-05/2013-21491

External links

"Interagency Advisory Board". IDManagement.gov. Archived from the original on 2011-08-11. Retrieved 2011-06-17.
"HSPD-12 — Homeland Security Presidential Directive 12: Policy for a Common Identification Standard for Federal Employees and Contractors". Department of Homeland Security. Retrieved 2011-06-17.
"About Personal Identity Verification (PIV) of Federal Employees and Contractors". National Institute of Standards and Technology Computer Security Resource Center. Retrieved 2011-06-17.
"Federal PKI Policy Authority (FPKIPA)". IDManagement.gov. Archived from the original on 2011-06-08. Retrieved 2011-06-17.
"FIPS 201 Evaluation Program". General Services Administration. Retrieved 2019-12-06.
Official website

[1] Technology, National Institute of Standards and (2013-09-05). "Personal Identity Verification (PIV) of Federal Employees and Contractors". {{cite journal}}: Cite journal requires |journal= (help)

[2] Cooper, David A.; Ferraiolo, Hildegard; Mehta, Ketan L.; Francomacaro, Salvatore; Chandramouli, Ramaswamy; Mohler, Jason (December 2010). "Interfaces for Personal Identity Verification – Part 1: PIV Card Application Namespace, Data Model and Representation". National Institute of Standards and Technology. Section 1.1, Paragraph 2. doi:10.6028/NIST.SP.800-73-4. NIST is responsible for developing standards and guidelines ... but such standards and guidelines shall not apply to national security systems. {{cite journal}}: Cite journal requires |journal= (help)

[3] "Personal Identity Verification (PIV) of Federal Employees and Contractors". 2013. doi:10.6028/NIST.FIPS.201-2. {{cite journal}}: Cite journal requires |journal= (help)

[4] Federal Register Volume 78, Issue 172 (September 5, 2013) https://www.govinfo.gov/app/details/FR-2013-09-05/2013-21491

[1]

[2]

[3]

[4]

@@ Line 4: / Line 4: @@
 In response to HSPD-12, the [[National Institute of Standards and Technology|NIST]] Computer Security Division initiated a new program for improving the identification and authentication of Federal employees and contractors for access to Federal facilities and information systems. FIPS 201 was developed to satisfy the technical requirements of HSPD-12, approved by the [[United States Secretary of Commerce|Secretary of Commerce]], and issued on February 25, 2005.
+This Standard specifies the architecture and technical requirements for a common identification standard for Federal employees and contractors.<ref>{{Cite journal|last=Technology|first=National Institute of Standards and|date=2013-09-05|title=Personal Identity Verification (PIV) of Federal Employees and Contractors|url=https://csrc.nist.gov/publications/detail/fips/201/2/final|language=en}}</ref>  FIPS 201 specifies that an identity credential must be stored on a smart card. SP 800-73, a NIST special publication, contains the technical specifications to interface with the smart card to retrieve and use the PIV identity credentials.<ref>
-FIPS 201 together with [[National Institute of Standards and Technology|NIST]] SP 800-78 (Cryptographic Algorithms and Key Sizes for PIV) are required{{Citation needed|reason=SP 800-78-3 says it is voluntary, not required|date=June 2011}} for U.S. Federal Agencies, but do not apply to US National Security systems.<ref>
 {{cite journal
  |last1=Cooper |first1=David A.

Revision as of 14:29, 22 July 2020

See also

References

External links