FIPS 201 PIV

From CryptoDox, The Online Encyclopedia on Cryptography and Information Security

Jump to: navigation, search

FIPS 201 (Federal Information Processing Standards Publication 201) is a United States federal standard that specifies Personal Identity Verification (or PIV) requirements for Federal employees and contractors.

FIPS 201 incorporates three technical publications specifying several aspects of the required administrative procedures and technical specifications that may change as the standard is implemented and used.

  • NIST Special Publication 800-73, “Interfaces for Personal Identity Verification” specifies the interface and data elements of the PIV card;
  • NIST Special Publication 800-76, Biometric Data Specification for Personal Identity Verification” specifies the technical acquisition and formatting requirements for biometric data of the PIV system; and
  • NIST Special Publication 800-78, “Cryptographic Algorithms and Key Sizes for Personal Identity Verification” specifies the acceptable cryptographic algorithms and key sizes to be implemented and used for the PIV system.

In addition, a number of guidelines, reference implementations, and conformance tests have been identified as being needed to: implement and use the PIV system; protect the personal privacy of all subscribers of the PIV system; authenticate identity source documents to obtain the correct legal name of the person applying for a PIV "card"; electronically obtain and store required biometric data (e.g., fingerprints, facial images) from the PIV system subscriber; create a PIV "card" that is "personalized" with data needed by the PIV system to later grant access to the subscriber to Federal facilities and information systems; assure appropriate levels of security for all applicable Federal applications; and provide interoperability among Federal organizations using the standards. These activities will be pursued as resources permit.

See Also

External Links