Presentation is loading. Please wait.

Presentation is loading. Please wait.

Special Publication 800-73: Interfaces for Personal Identity Verification Jim Dray NIST NPIVP Workshop March 3, 2006.

Published byMadlyn Blankenship Modified over 8 years ago

Similar presentations

Presentation on theme: "Special Publication 800-73: Interfaces for Personal Identity Verification Jim Dray NIST NPIVP Workshop March 3, 2006."— Presentation transcript:

1 Special Publication 800-73: Interfaces for Personal Identity Verification Jim Dray NIST NPIVP Workshop March 3, 2006

2 PIV Special Publications SP800-73: Interfaces for Personal Identity Verification SP800-76: Biometric Data Specification for Personal Identity Verification SP800-78: Cryptographic Algorithms and Key Sizes for Personal Identity Verification SP800-79: Issuer Organization Accreditation Guidance (comment draft 17 June)

3 Special Publication 800-73 “Interfaces for Personal Identity Verification” 8 April 2005 Technical specifications for PIV card interface, client API, and data model Based on evolution of GSC concepts: o Unified card interface o Technology neutral (VM card, file system card) o Standards compliant (ISO)

4 SP800-73 Document Structure Part 1: Architectural model Part 2: Transition specification Part 3: Endpoint specification

5 SP800-73 Part 2 Optional transition path for agencies with existing GSC-IS deployments Provided by Government Smart Card Interagency Advisory Board Based on commonality of data model Will be superceded by endpoint systems at the close of each agency’s deployment

6 SP800-73 Part 3 Endpoint PIV card application specification Tighter than GSC-IS and transition of necessity, to support PIV interoperability Mandatory full deployment of Part 3 cards at the end of Phase II Reference implementation available Conformance test program SP800-85

7 Part 3 Card Architecture PIV card behavior is defined at the card interface (“black box”) Internal implementation details are not addressed Independent of card platform o file system vs. object based o Native OS vs. Virtual Machine vs. ?

8 Card Management Framework GSC-IAB Policy Group recommendation o No requirement for interoperability of card management systems across agencies o Common initial state for mandatory data objects Some ‘credential initialization and administration’ functions included at card edge interface o PUT DATA o GENERATE ASYMMETRIC KEYPAIR NISTIR 7284: PIV Card Management Report

9 PIV Card Data Model (I) Five mandatory objects o Card Capability Container o Cardholder Unique Identifier (CHUID) o PKI Certificate for PIV Authentication o Cardholder Fingerprint (formerly 2) o Security Object (ICAO signed hash table)

10 PIV Card Data Model (II) Five optional data objects: o Cardholder Facial Image o Printed Information o PKI Certificate for Digital Signature o PKI Certificate for Key Management o PKI Certificate for Card Authentication

11 Namespace Management PIV Registered Application Provider Identifier ‘A0 00 00 03 08’ Object Identifiers at the PIV Client API o PIV subarc of the Computer Security Object Register BER-TLV tags at the card interface Namespace management white paper on PIV website

12 Physical Access Control All PIV cards contain a CHUID as defined in [PACSv2.2] PIV card functionality is restricted to CHUID retrieval in contactless mode o Optional Card Authentication Key may also be used All agencies must be able to read and parse the CHUID at a minimum – expiration date check

13 SP800-73-1 Update Proposed changes o Incorporate Errata o Biometrics – SP800-76 o Remove PIN protection on certificates o Stability – No major architectural changes! Public comment period closed March 1

14 Additional Topics PIV Data Set Generator Migration to ISO 24727 Contactless interoperability

15 Contact Details james.dray@nist.gov: GSC Chief Architect teresa.schwarzhoff@nist.gov: GSC Standards Program Manager william.barker@nist.gov: PIV Program Manager PIV Website: http://csrc.nist.gov/piv-project

Download ppt "Special Publication 800-73: Interfaces for Personal Identity Verification Jim Dray NIST NPIVP Workshop March 3, 2006."

Similar presentations

For Joe Broghamer Philip S. Lee May 5, 2005 Implementing PIV Specifications HSPD-12 Workshop.

For Joe Broghamer Philip S. Lee May 5, 2005 Implementing PIV Specifications HSPD-12 Workshop.
1 ABCs of PKI TAG Presentation 18 th May 2004 Paul Butler.

1 ABCs of PKI TAG Presentation 18 th May 2004 Paul Butler.
CardTech/SecureTech 2002 Government Smart Card Government Smart Card Smart Card Standards and the Government Smart Card Interoperability Specification.

CardTech/SecureTech 2002 Government Smart Card Government Smart Card Smart Card Standards and the Government Smart Card Interoperability Specification.
Card and Reader Overview Gerald Smith Sr. Consultant ID Technology Partners.

Card and Reader Overview Gerald Smith Sr. Consultant ID Technology Partners.
Current Technology and the TWIC Program Walter Hamilton Chairman, International Biometric Industry Association Sr. Consultant, Identification Technology.

Current Technology and the TWIC Program Walter Hamilton Chairman, International Biometric Industry Association Sr. Consultant, Identification Technology.
FIPS 201 Framework: Special Pubs 800-73,76,78 Jim Dray HSPD-12 Workshop May 4/5, 2005.

FIPS 201 Framework: Special Pubs ,76,78 Jim Dray HSPD-12 Workshop May 4/5, 2005.
Status of U.S. Smart Card Deployment Jim Dray Porvoo 7/ World eID Meeting May 2005.

Status of U.S. Smart Card Deployment Jim Dray Porvoo 7/ World eID Meeting May 2005.
Mobile Devices in the DoD

Mobile Devices in the DoD
Public Key Infrastructure A Quick Look Inside PKI Technology Investigation Center 3/27/2002.

Public Key Infrastructure A Quick Look Inside PKI Technology Investigation Center 3/27/2002.
Practical Digital Signature Issues. Paving the way and new opportunities. www.oasis-open.org Juan Carlos Cruellas – DSS-X co-chair Stefan Drees - DSS-X.

Practical Digital Signature Issues. Paving the way and new opportunities. Juan Carlos Cruellas – DSS-X co-chair Stefan Drees - DSS-X.
Digital Certificate Installation & User Guide For Class-2 Certificates.

Digital Certificate Installation & User Guide For Class-2 Certificates.
Identity and Access IDPrime MD 8840 and IDCore 8030 MicroSD cards

Identity and Access IDPrime MD 8840 and IDCore 8030 MicroSD cards
The Federation for Identity and Cross-Credentialing Systems (FiXs) www.FiXs.org FiXs ® - Federated and Secure Identity Management in Operation Implementing.

The Federation for Identity and Cross-Credentialing Systems (FiXs) FiXs ® - Federated and Secure Identity Management in Operation Implementing.
The 4BF The Four Bridges Forum Federated PACS A Physical Access Use Case for Bridges FIPS 201/PIV-I PACS Interoperability April 28 th, 2009.

The 4BF The Four Bridges Forum Federated PACS A Physical Access Use Case for Bridges FIPS 201/PIV-I PACS Interoperability April 28 th, 2009.
15June’061 NASA PKI and the Federal Environment 13th Fed-Ed PKI Meeting 15 June ‘06 Presenter: Tice DeYoung.

15June’061 NASA PKI and the Federal Environment 13th Fed-Ed PKI Meeting 15 June ‘06 Presenter: Tice DeYoung.
1 1 A Synopsis of Federal Information Processing Standard (FIPS) 201 for Personal Identity Verification (PIV) of Federal Employees and Contractors Presentation.

1 1 A Synopsis of Federal Information Processing Standard (FIPS) 201 for Personal Identity Verification (PIV) of Federal Employees and Contractors Presentation.
Personal Identity Verification Program

Personal Identity Verification Program
FIPS 201 Personal Identity Verification For Federal Employees and Contractors National Institute of Standards and Technology Information Technology Laboratory.

FIPS 201 Personal Identity Verification For Federal Employees and Contractors National Institute of Standards and Technology Information Technology Laboratory.
European Electronic Identity Practices Country Update of …………… Speaker: Date:

European Electronic Identity Practices Country Update of …………… Speaker: Date:
Enterprise PACS Best Practices

Enterprise PACS Best Practices

Similar presentations

Ads by Google