NIST Site Search
Search NIST.GOV
Custom Search
[Official NIST.GOV TIME]
Product Research

Advertise on this site
NIST FIPS 201 Personal Identity Verification (PIV)
Federal Information Processing Standards Publication 201
on Monday 06 February 2006 print the content item {PDF=create pdf file of the content item^plugin:content.49}
in NIST.gov Publications > Federal Information Processing Standards (FIPS)

This standard specifies the architecture and technical requirements for a common identification standard for Federal employees and contractors. The overall goal is to achieve appropriate security assurance for multiple applications by efficiently verifying the claimed identity of individuals seeking physical access to Federally controlled government facilities and electronic access to government information systems.

Download the complete NIST FIPS 201

Please use the NIST.org Forum to ask questions or discuss this document.

The below NIST FIPS 201 Publication description is from NIST.gov, edited.

Description:

Homeland Security Presidential Directive 12 (HSPD 12), dated August 27, 2004, entitled “Policy for a Common Identification Standard for Federal Employees and Contractors,” directed the promulgation of a Federal standard for secure and reliable forms of identification for Federal employees and contractors. It further specified secure and reliable identification that—

  • Is issued based on sound criteria for verifying an individual employee’s identity
  • Is strongly resistant to identity fraud, tampering, counterfeiting, and terrorist exploitation
  • Can be rapidly authenticated electronically
  • Is issued only by providers whose reliability has been established by an official accreditation process.


The directive stipulated that the standard include graduated criteria, from least secure to most secure, to ensure flexibility in selecting the appropriate level of security for each application. As promptly as possible, but in no case later than eight months after the date of promulgation, executive departments and agencies are required to implement the standard for identification issued to Federal employees and contractors in gaining physical access to controlled facilities and logical access to controlled information systems.

This standard is applicable to identification issued by Federal departments and agencies to Federal employees and contractors (including contractor employees) for gaining physical access to Federally controlled facilities and logical access to Federally controlled information systems except for “national security systems”.

The PIV standard consists of two parts—PIV-I and PIV-II. PIV-I satisfies the control objectives and meets the security requirements of HSPD 12, while PIV-II meets the technical interoperability requirements of HSPD 12. PIV-II specifies implementation and use of identity credentials on integrated circuit cards for use in a Federal personal identity verification system.

PIV Cards must be personalized with identity information for the individual to whom the card is issued, in order to perform identity verification both by humans and automated systems. Humans can use the physical card for visual comparisons, whereas automated systems can use the electronically stored data on the card to conduct automated identity verification.

Federal departments and agencies may self-accredit, or use other accredited issuers, to issue identity credentials for Federal employees and contractors until a government-wide PIV-II accreditation process is established. The standard also covers security and interoperability requirements for PIV Cards.

---
The FIPS 201 document was created by the National Institute of Standards and Technology and is public domain (not subject to copyright).


FIPS PUB # 201


Translate to: {GOOGLETRANS}
Google Ads




Headlines

»CVE-2014-4677
The installPackage function in the installerHelper subcomponent in Libmacgpg in GPG Suite before 201 ...
»CVE-2014-9916
Multiple cross-site scripting (XSS) vulnerabilities in Bilboplanet 2.0 allow remote attackers to inj ...
»CVE-2015-4056 (intelligent_operations)
The System Library in VCE Vision Intelligent Operations before 2.6.5 does not properly implement cry ...
»CVE-2015-4057
The "Plug-in for VMware vCenter" in VCE Vision Intelligent Operations before 2.6.5 sends a cleartext ...
»CVE-2016-10109
Use-after-free vulnerability in pcsc-lite before 1.8.20 allows a remote attackers to cause denial of ...
»CVE-2016-10227 (nwa3560-n_firmware, usg50_firmware)
Zyxel USG50 Security Appliance and NWA3560-N Access Point allow remote attackers to cause a denial o ...
»CVE-2016-1245
It was discovered that the zebra daemon in Quagga before 1.0.20161017 suffered from a stack-based bu ...
»CVE-2016-2226
Integer overflow in the string_appends function in cplus-dem.c in libiberty allows remote attackers ...
»CVE-2016-3013 (websphere_mq)
IBM WebSphere MQ 8.0 could allow an authenticated user to crash the MQ channel due to improper data ...
»CVE-2016-3052 (websphere_mq)
IBM WebSphere MQ 8.0, under nonstandard configurations, sends password data in cleartext over the ne ...
»CVE-2016-4041
Plone 4.0 through 5.1a1 does not have security declarations for Dexterity content-related WebDAV req ...
»CVE-2016-4042
Plone 3.3 through 5.1a1 allows remote attackers to obtain information about the ID of sensitive cont ...
»CVE-2016-4043
Chameleon (five.pt) in Plone 5.0rc1 through 5.1a1 allows remote authenticated users to bypass Restri ...
»CVE-2016-4487
Use-after-free vulnerability in libiberty allows remote attackers to cause a denial of service (segm ...
»CVE-2016-4488
Use-after-free vulnerability in libiberty allows remote attackers to cause a denial of service (segm ...


Date published: 2017-02-25T06:00:01Z
Details

»Apple Releases Security Update
Original release date: February 21, 2017 Apple has released a security update to address a vu ...
»OpenSSL Releases Security Update
Original release date: February 16, 2017 OpenSSL version 1.1.0e has been released to address ...
»Cisco Releases Security Update
Original release date: February 15, 2017 Cisco has released a security update to address a vu ...
»FBI Releases Article on Romance Scams
Original release date: February 14, 2017 The Federal Bureau of Investigation (FBI) has releas ...
»Adobe Releases Security Updates
Original release date: February 14, 2017 Adobe has released security updates to address vulne ...
»Apple Releases Security Update
Original release date: February 14, 2017 Apple has released a security updates to address a v ...
»Enhanced Analysis of GRIZZLY STEPPE
Original release date: February 10, 2017 The Department of Homeland Security (DHS) has releas ...
»ISC Releases Security Updates for BIND
Original release date: February 08, 2017 | Last revised: February 09, 2017 The Internet Syste ...
»Cisco Clock Signal Component Failure Advisory
Original release date: February 06, 2017 Cisco has released a hardware advisory for a clock s ...
»CERT/CC Reports a Microsoft SMB Vulnerability
Original release date: February 03, 2017 CERT Coordination Center (CERT/CC) has released info ...


Date published: not known
Details

»The SHA-1 hashing algorithm has been 'shattered'
Researchers from Google and CWI Amsterdam have created the first kn ...
»Throwback Thursday: Once a researcher...
VB was saddened to learn this week of the passing of one of the pio ...
»VB2017: What is happening in the threat landscape and what are we doing against it? Submit a proposal in the VB2017 CFP!
Have you analysed a new online threat? Do you know a new way to def ...
»VB2016 paper: APT reports and OPSEC evolution, or: these are not the APT reports you are looking for
APT reports are great for gaining an understanding of how advanced ...
»Security for your ears: recommended infosec podcasts
Industry veteran Mikko Hyppönen recently urged would-be security re ...
»VB2016 video: Getting duped: piggybacking on webcam streams for surreptitious recordings
In a presentation at VB2016, Patrick Wardle, Director of Research a ...
»We shouldn't forget those most vulnerable in our digital world
Virus Bulletin Editor Martijn Grooten calls for the security commun ...
»Throwback Thursday: A troubled world
In early 1991, the world was a troubled place and conflict and viol ...
»VB2016 video: Nymaim: the Untold Story
Until very recently, the Nymaim banking trojan was a serious proble ...


Date published: not known
Details
Main Menu
· Home
Current Security News
 
US-CERT Current Activity

» Apple Releases Security Update
[21 Feb 2017 01:35pm]

» OpenSSL Releases Security Update
[16 Feb 2017 07:23pm]

» Cisco Releases Security Update
[15 Feb 2017 12:20pm]

» FBI Releases Article on Romance Scams
[14 Feb 2017 09:01pm]

» Adobe Releases Security Updates
[14 Feb 2017 08:57am]

» Apple Releases Security Update
[14 Feb 2017 06:25am]

» Enhanced Analysis of GRIZZLY STEPPE
[10 Feb 2017 07:24pm]

» ISC Releases Security Updates for BIND
[08 Feb 2017 05:29pm]

» Cisco Clock Signal Component Failure Advisory
[06 Feb 2017 04:40pm]

» CERT/CC Reports a Microsoft SMB Vulnerability
[03 Feb 2017 01:48am]

***
US-CERT Alerts

» TA16-336A: Avalanche (crimeware-as-a-service infrastructure)
[30 Nov 2016 10:00pm]

» TA16-288A: Heightened DDoS Threat Posed by Mirai and Other Botnets
[14 Oct 2016 05:59pm]

» TA16-250A: The Increasing Threat to Network Infrastructure Devices and Recommended Mitigations
[06 Sep 2016 04:29pm]

» TA16-187A: Symantec and Norton Security Products Contain Critical Vulnerabilities
[05 Jul 2016 08:50am]

» TA16-144A: WPAD Name Collision Vulnerability
[23 May 2016 05:38am]

» TA16-132A: Exploitation of SAP Business Applications
[11 May 2016 05:31am]

» TA16-105A: Apple Ends Support for QuickTime for Windows; New Vulnerabilities Announced
[14 Apr 2016 01:48pm]

» TA16-091A: Ransomware and Recent Variants
[31 Mar 2016 04:00pm]

» TA15-337A: Dorkbot
[03 Dec 2015 04:40pm]

» TA15-314A: Compromised Web Servers and Web Shells - Threat Awareness and Guidance
[10 Nov 2015 06:12pm]

***
Computerworld Security

» Google discloses unpatched IE flaw after Patch Tuesday delay
[24 Feb 2017 11:44am]

» FCC puts the brakes on ISP privacy rules it passed in October
[24 Feb 2017 11:43am]

» Cloudflare bug exposed passwords, other sensitive website data
[24 Feb 2017 09:47am]

» The SHA1 hash function is now completely unsafe
[23 Feb 2017 03:35pm]

» Ransomware 'customer support' chat reveals criminals' ruthlessness
[23 Feb 2017 03:14pm]

» 8 steps to regaining control over shadow IT
[23 Feb 2017 01:17pm]

» Breaking and protecting devops tool chains
[23 Feb 2017 11:33am]

» Bruce Schneier and the call for "public service technologists"
[23 Feb 2017 11:32am]

» Police arrest man suspected of building million-router German botnet
[23 Feb 2017 10:06am]

» Eleven-year-old root Linux kernel flaw found and patched
[23 Feb 2017 08:49am]

» Amid cyberattacks, ISPs try to clean up the internet
[23 Feb 2017 07:26am]

» A hard drive's LED light can be used to covertly leak data
[23 Feb 2017 04:40am]

» What to expect from the Trump administration on cybersecurity
[22 Feb 2017 12:39pm]

» New macOS ransomware spotted in the wild
[22 Feb 2017 12:09pm]

» What’s up with Windows patching, Microsoft?
[22 Feb 2017 09:36am]

***
Microsoft Security Advisories

» 4010983 - Vulnerability in ASP.NET Core MVC 1.1.0 Could Allow Denial of Service - Version: 1.0
[27 Jan 2017 11:00am]

» 3214296 - Vulnerabilities in Identity Model Extensions Token Signing Verification Could Allow Elevation of Privilege - Version: 1.0
[10 Jan 2017 11:00am]

» 3181759 - Vulnerabilities in ASP.NET Core View Components Could Allow Elevation of Privilege - Version: 1.0
[13 Sep 2016 11:00am]

» 3174644 - Updated Support for Diffie-Hellman Key Exchange - Version: 1.0
[13 Sep 2016 11:00am]

» 3179528 - Update for Kernel Mode Blacklist - Version: 1.0
[09 Aug 2016 11:00am]

» 2880823 - Deprecation of SHA-1 Hashing Algorithm for Microsoft Root Certificate Program - Version: 2.0
[18 May 2016 11:00am]

» 3155527 - Update to Cipher Suites for FalseStart - Version: 1.0
[10 May 2016 11:00am]

» 3152550 - Update to Improve Wireless Mouse Input Filtering - Version: 1.1
[22 Apr 2016 11:00am]

» 3137909 - Vulnerabilities in ASP.NET Templates Could Allow Tampering - Version: 1.1
[10 Feb 2016 11:00am]

» 2871997 - Update to Improve Credentials Protection and Management - Version: 5.0
[09 Feb 2016 11:00am]

» 3123479 - Deprecation of SHA-1 Hashing Algorithm for Microsoft Root Certificate Program - Version: 1.0
[12 Jan 2016 11:00am]

» 3109853 - Update to Improve TLS Session Resumption Interoperability - Version: 1.0
[12 Jan 2016 11:00am]

» 3118753 - Updates for ActiveX Kill Bits 3118753 - Version: 1.0
[12 Jan 2016 11:00am]

» 2755801 - Update for Vulnerabilities in Adobe Flash Player in Internet Explorer and Microsoft Edge - Version: 53.0
[05 Jan 2016 11:00am]

» 3057154 - Update to Harden Use of DES Encryption - Version: 1.1
[08 Dec 2015 11:00am]

***
WIRED

» Killing Kim Jong Nam With VX Nerve Agent Crossed a ‘Red Line’
[24 Feb 2017 05:39pm]

» Massive Bug May Have Leaked User Data From Millions of Sites. So … Change Your Passwords
[24 Feb 2017 10:53am]

» Famed Hacker Kevin Mitnick Shows You How to Go Invisible Online
[24 Feb 2017 10:00am]

» A Super-Common Crypto Tool Turns Out to Be Super-Insecure
[23 Feb 2017 06:00am]

» Now Anyone Can Deploy Google’s Troll-Fighting AI
[23 Feb 2017 05:00am]

» Malware Lets a Drone Steal Data by Watching a Computer’s Blinking LED
[22 Feb 2017 05:00am]

» An Arms Dealer Says Life Under Trump Is a ‘Win-Win’
[20 Feb 2017 05:00am]

» Smart City Tech Would Make Military Bases Safer
[19 Feb 2017 07:30am]

» The Former Secretary of Defense Outlines the Future of Warfare
[19 Feb 2017 05:00am]

» Security News This Week: Yahoo Got Hacked Again. No, Seriously
[18 Feb 2017 08:00am]

***
Network World Security

» I come to bury SHA1, not to praise it
[24 Feb 2017 12:58pm]

» Google discloses unpatched IE vulnerability after Patch Tuesday delay
[24 Feb 2017 11:44am]

» FCC puts the brakes on ISP privacy rules it just passed in October
[24 Feb 2017 11:43am]

» Cisco unveils Hierarchy of Needs for the digital enterprise
[24 Feb 2017 11:29am]

» 5 open source security tools too good to ignore
[21 Feb 2017 07:12am]

» Review: Samsung SmartCam PT network camera
[15 Feb 2017 07:00am]

» Review: Arlo Pro cameras offer true flexibility for home security
[09 Feb 2017 07:01am]

» Face-off: Oracle vs. CA for identity management
[26 Jan 2017 10:30am]

» 6 steps to secure a home security camera
[23 Jan 2017 04:00am]

» REVIEW: Home security cameras fall short on security
[23 Jan 2017 04:00am]

» Review: Microsoft Windows Defender comes up short
[03 Jan 2017 10:48am]

» Inside 3 top threat hunting tools
[19 Dec 2016 04:00am]

» Review: Threat hunting turns the tables on attackers
[19 Dec 2016 04:00am]

» Google discloses unpatched IE vulnerability after Patch Tuesday delay
[24 Feb 2017 11:44am]

» FCC puts the brakes on ISP privacy rules it just passed in October
[24 Feb 2017 11:43am]

***


More IT Security
News Feeds
More Sponsors

Advertise on this site
RSS Feeds
Our news can be syndicated by using these rss feeds.
rss1.0
rss2.0
rdf

NIST.org is in no way connected to the U.S. government site NIST.gov

This site is © John Herron, CISSP. All Rights Reserved.

Please visit daily to stay up to date on all your IT Security compliance issues.

http://www.nist.org -
Hosted by BlueHost. We've never had a better hosting company.
{THEMEDISCLAIMER}