NIST Site Search
Search NIST.GOV
Custom Search
[Official NIST.GOV TIME]
Product Research

Advertise on this site
NIST SP 800-73 Interfaces for Personal Identity Verification
Companion Document to FIPS 201
on Monday 06 February 2006 print the content item {PDF=create pdf file of the content item^plugin:content.50}
in NIST.gov Publications > Special Publications - SP 800 series

The Homeland Security Presidential Directive HSPD-12 called for a common identification standard to be adopted governing the interoperable use of identity credentials to allow physical and logical access to Federal government locations and systems. The Personal Identity Verification (PIV) of Federal Employees and Contractors, Federal Information Processing Standard 201 (FIPS 201) was developed to establish standards for identity credentials. This document, Special Publication 800-73 (SP 800-73), specifies interface requirements for retrieving and using the identity credentials from the PIV Card and is a companion document to FIPS 201.

Download the entire NIST SP 800-73 PDF

You may use the NIST.org Forum to ask questions or discuss this document.

Below is a short description of SP 800-73 from NIST.gov, edited:

FIPS 201 defines procedures for the PIV lifecycle activities including identity proofing, registration, PIV Card issuance, and PIV Card usage. FIPS 201 also specifies that the identity credentials must be stored on a smart card. This document contains technical specifications to interface with the smart card to retrieve and use the identity credentials. These specifications reflect the design goals of interoperability and PIV Card functions. The goals are addressed by specifying a PIV data model, communication interface, and application programming interface. Moreover, this specification enumerates requirements where the standards include options and branches. This document goes further by constraining implementers' interpretation of the normative standards. Such restrictions are designed to ease implementation, facilitate interoperability, and ensure performance, in a manner tailored for PIV applications.

This document specifies the PIV data model, Application Programming Interface (API), and card interface requirements necessary to comply with the mandated use cases, as defined in Section 6 of FIPS 201 and further elaborated in Section 1.7 below, for interoperability across deployments or agencies. Interoperability is defined as the use of PIV identity credentials such that client-application programs, compliant card applications and compliant integrated circuit cards (ICC) can be used interchangeably by all information processing systems across Federal agencies. The specification defines PIV data element identifiers, structure, and format. This specification also describes the client-application programming interface and the card command interface for use of the PIV Card. This document does not address the back-end processes that must be performed to attain full identity assertion.

---
The SP 800-73 document was created by the National Institute of Standards and Technology and is public domain (not subject to copyright).


NIST Special Publication # 800-73


Translate to: {GOOGLETRANS}
Google Ads




Headlines

»CVE-2014-9903 (linux_kernel)
The sched_read_attr function in kernel/sched/core.c in the Linux kernel 3.14-rc before 3.14-rc4 uses ...
»CVE-2014-9904 (linux_kernel)
The snd_compress_check_input function in sound/core/compress_offload.c in the ALSA subsystem in the ...
»CVE-2015-7473 (websphere_mq)
runmqsc in IBM WebSphere MQ 8.x before 8.0.0.5 allows local users to bypass intended queue-manager c ...
»CVE-2015-7987 (airport_base_station_firmware, iphone_os, mac_os_x, mdnsresponder, watchos)
Multiple buffer overflows in mDNSResponder before 625.41.2 allow remote attackers to read or write t ...
»CVE-2015-7988 (airport_base_station_firmware, iphone_os, mac_os_x, mdnsresponder, watchos)
The handle_regservice_request function in mDNSResponder before 625.41.2 allows remote attackers to e ...
»CVE-2016-0224
SQL injection vulnerability in IBM Marketing Platform 8.5.x, 8.6.x, and 9.x before 9.1.2.2 allows re ...
»CVE-2016-0229
Cross-site scripting (XSS) vulnerability in IBM Marketing Platform 8.6.x and 9.x before 9.1.2.2 allo ...
»CVE-2016-0233
SQL injection vulnerability in IBM Marketing Platform 8.5.x, 8.6.x, and 9.x before 9.1.2.2 allows re ...
»CVE-2016-0259 (websphere_mq)
runmqsc in IBM WebSphere MQ 8.x before 8.0.0.5 allows local users to bypass an intended +dsp authori ...
»CVE-2016-0277 (domino)
Heap-based buffer overflow in the KeyView PDF filter in IBM Domino 8.5.x before 8.5.3 FP6 IF13 and 9 ...
»CVE-2016-0278 (domino)
Heap-based buffer overflow in the KeyView PDF filter in IBM Domino 8.5.x before 8.5.3 FP6 IF13 and 9 ...
»CVE-2016-0279 (domino)
Heap-based buffer overflow in the KeyView PDF filter in IBM Domino 8.5.x before 8.5.3 FP6 IF13 and 9 ...
»CVE-2016-0301 (domino)
Heap-based buffer overflow in the KeyView PDF filter in IBM Domino 8.5.x before 8.5.3 FP6 IF13 and 9 ...
»CVE-2016-0758 (linux_kernel)
Integer overflow in lib/asn1_decoder.c in the Linux kernel before 4.6 allows local users to gain pri ...
»CVE-2016-1188 (garoon)
Cybozu Garoon 3.x and 4.x before 4.2.1 allows remote authenticated users to send spoofed e-mail mess ...


Date published: 2016-06-28T04:50:00Z
Details

»IRS Announces Safeguards to Protect Taxpayer Information
Original release date: June 24, 2016 The Internal Revenue Service (IRS) has issued two news r ...
»WordPress Releases Security Update
Original release date: June 22, 2016 WordPress 4.5.2 and prior versions are affected by sever ...
»Apple Releases Security Update
Original release date: June 21, 2016 Apple has released a security update to address a vulner ...
»Google Releases Security Update for Chrome
Original release date: June 17, 2016 Google has released Chrome version 51.0.2704.103 to addr ...
»Adobe Releases Security Updates
Original release date: June 16, 2016 Adobe has released security updates to address vulnerabi ...
»Cisco Releases Security Updates
Original release date: June 15, 2016 Cisco has released security updates to address vulnerabi ...
»VMware Releases Security Updates
Original release date: June 15, 2016 VMware has released security updates to address a vulner ...
»Microsoft Releases June 2016 Security Bulletin
Original release date: June 14, 2016 Microsoft has released 16 updates to address vulnerabili ...
»Adobe Releases Security Updates
Original release date: June 14, 2016 Adobe has released security updates to address vulnerabi ...
»VMware Releases Security Updates
Original release date: June 10, 2016 VMware has released security updates to address vulnerab ...


Date published: not known
Details

»BSides Denver to take place the day after VB2016
VB2016, the 26th International Virus Bulletin conference, is an exc ...
»VB2015 paper: DDoS Trojan: A Malicious Concept that Conquered the ELF Format
In their VB2015 paper, Peter Kálnai and Jaromír Hořejší look at the ...
»Throwback Thursday: Hyppönen, that Data Fellow / Finnish Sprayer
This week, well known and universally respected industry guru Mikko ...
»VB2015 paper: Economic Sanctions on Malware
Financial pressure can be a proactive and potentially very effectiv ...
»Virus Bulletin's job site for recruiters and job seekers
Virus Bulletin has relaunched its security job vacancy service and ...
»Throwback Thursday: One_Half: The Lieutenant Commander?
In October 1994, a new multi-partite virus appeared, using some of ...
»Advertisements on Blogspot sites lead to support scam
Support scam pop-ups presented through malicious advertisements sho ...
»To make Tor work better on the web, we need to be honest about it
Many websites put barriers in front of visitors who use the Tor net ...
»Paper: How It Works: Steganography Hides Malware in Image Files
A new paper by CYREN researcher Lordian Mosuela takes a close look ...


Date published: not known
Details
Main Menu
· Home
Current Security News
 
US-CERT Current Activity

» IRS Announces Safeguards to Protect Taxpayer Information
[24 Jun 2016 05:02pm]

» WordPress Releases Security Update
[22 Jun 2016 06:42am]

» Apple Releases Security Update
[21 Jun 2016 06:56am]

» Google Releases Security Update for Chrome
[16 Jun 2016 11:32pm]

» Adobe Releases Security Updates
[16 Jun 2016 07:55pm]

» Cisco Releases Security Updates
[15 Jun 2016 06:32pm]

» VMware Releases Security Updates
[15 Jun 2016 10:40am]

» Microsoft Releases June 2016 Security Bulletin
[14 Jun 2016 11:38am]

» Adobe Releases Security Updates
[14 Jun 2016 11:08am]

» VMware Releases Security Updates
[10 Jun 2016 11:37am]

***
US-CERT Alerts

» TA16-144A: WPAD Name Collision Vulnerability
[23 May 2016 05:38am]

» TA16-132A: Exploitation of SAP Business Applications
[11 May 2016 05:31am]

» TA16-105A: Apple Ends Support for QuickTime for Windows; New Vulnerabilities Announced
[14 Apr 2016 01:48pm]

» TA16-091A: Ransomware and Recent Variants
[31 Mar 2016 04:00pm]

» TA15-337A: Dorkbot
[03 Dec 2015 04:40pm]

» TA15-314A: Compromised Web Servers and Web Shells - Threat Awareness and Guidance
[10 Nov 2015 06:12pm]

» TA15-286A: Dridex P2P Malware
[13 Oct 2015 05:23am]

» TA15-240A: Controlling Outbound DNS Access
[28 Aug 2015 11:31am]

» TA15-213A: Recent Email Phishing Campaigns – Mitigation and Response Recommendations
[01 Aug 2015 04:01pm]

» TA15-195A: Adobe Flash and Microsoft Windows Vulnerabilities
[14 Jul 2015 05:13pm]

***
Computerworld Security

» Hacker looks to sell 10M patient records on black market
[27 Jun 2016 02:24pm]

» Google’s Sundar Pichai has been hacked; which CEO will be next?
[27 Jun 2016 11:53am]

» Bart ransomware shows it can be effective without sophisticated encryption
[27 Jun 2016 11:17am]

» Report: Security teams plagued by poorly managed identity data
[27 Jun 2016 09:02am]

» IRS kills electronic filing PIN feature due to repeated attacks
[27 Jun 2016 07:47am]

» What Apple users need to know about differential privacy
[27 Jun 2016 07:26am]

» Hacker selling 655,000 patient records from 3 hacked healthcare organizations
[27 Jun 2016 07:13am]

» Intel is said to mull sale of its security business
[27 Jun 2016 04:27am]

» The EU and U.S. reach data-transfer deal, report says
[24 Jun 2016 09:45am]

» Lenovo patches two high-severity flaws in PC support tool
[24 Jun 2016 08:18am]

» U.S. court rules that FBI can hack into a computer without a warrant
[24 Jun 2016 04:36am]

» Lessons and observations from the GoToMyPC incident
[23 Jun 2016 10:06pm]

» Why Russian hackers were likely behind the DNC breach
[23 Jun 2016 02:31pm]

» GozNym Trojan targets business accounts at major U.S. banks
[23 Jun 2016 12:58pm]

» AWS and Azure clouds gain security OK from feds
[23 Jun 2016 09:38am]

***
Microsoft Security Advisories

» 2880823 - Deprecation of SHA-1 Hashing Algorithm for Microsoft Root Certificate Program - Version: 2.0
[18 May 2016 11:00am]

» 3155527 - Update to Cipher Suites for FalseStart - Version: 1.0
[10 May 2016 11:00am]

» 3152550 - Update to Improve Wireless Mouse Input Filtering - Version: 1.1
[22 Apr 2016 11:00am]

» 3137909 - Vulnerabilities in ASP.NET Templates Could Allow Tampering - Version: 1.1
[10 Feb 2016 11:00am]

» 2871997 - Update to Improve Credentials Protection and Management - Version: 5.0
[09 Feb 2016 11:00am]

» 3123479 - Deprecation of SHA-1 Hashing Algorithm for Microsoft Root Certificate Program - Version: 1.0
[12 Jan 2016 11:00am]

» 3109853 - Update to Improve TLS Session Resumption Interoperability - Version: 1.0
[12 Jan 2016 11:00am]

» 3118753 - Updates for ActiveX Kill Bits 3118753 - Version: 1.0
[12 Jan 2016 11:00am]

» 2755801 - Update for Vulnerabilities in Adobe Flash Player in Internet Explorer and Microsoft Edge - Version: 53.0
[05 Jan 2016 11:00am]

» 3057154 - Update to Harden Use of DES Encryption - Version: 1.1
[08 Dec 2015 11:00am]

» 3123040 - Inadvertently Disclosed Digital Certificate Could Allow Spoofing - Version: 1.0
[08 Dec 2015 11:00am]

» 3119884 - Inadvertently Disclosed Digital Certificates Could Allow Spoofing - Version: 1.0
[30 Nov 2015 11:00am]

» 3108638 - Update for Windows Hyper-V to Address CPU Weakness - Version: 1.0
[10 Nov 2015 11:00am]

» 3097966 - Inadvertently Disclosed Digital Certificates Could Allow Spoofing - Version: 2.0
[13 Oct 2015 11:00am]

» 3042058 - Update to Default Cipher Suite Priority Order - Version: 1.1
[13 Oct 2015 11:00am]

***
WIRED

» Meet OurMine, the ‘Security’ Group Hacking CEOs and Celebs
[27 Jun 2016 03:46pm]

» So Hey You Should Stop Using Texts for Two-Factor Authentication
[26 Jun 2016 05:00am]

» Security News This Week: Brexit Edition (Hey, at Least Bitcoin Is OK)
[25 Jun 2016 05:00am]

» A Bug in Chrome Makes It Easy to Pirate Movies
[24 Jun 2016 05:00am]

» Hey, Congress, Here’s How You Use Periscope
[22 Jun 2016 02:52pm]

» House Dems Take to Twitter to Let You See Their Gun-Control Sit-In
[22 Jun 2016 11:08am]

» After Orlando, the Homemade AR-15 Industry Surges
[22 Jun 2016 05:00am]

» Security News This Week: Anonymous Hacks ISIS Twitter With Gay Pride
[19 Jun 2016 05:00am]

» Silk Road Prosecutors Argue Ross Ulbricht Doesn’t Deserve a New Trial
[18 Jun 2016 03:53pm]

» Orlando Shows the Limits of Facebook’s Terror Policing
[17 Jun 2016 06:38am]

***
Network World Security

» FBI expansion of surveillance powers meets obstacle
[28 Jun 2016 12:17am]

» A hacker wants to sell 10 million patient records on the black market
[27 Jun 2016 02:24pm]

» DHS wants to predict how malware will morph
[27 Jun 2016 11:59am]

» Google’s Sundar Pichai has been hacked - which CEO will be next?
[27 Jun 2016 11:47am]

» Buyer’s Guide to 9 multi-factor authentication products
[06 Jun 2016 04:00am]

» 5 trends shaking up multi-factor authentication
[06 Jun 2016 04:00am]

» 9-vendor authentication roundup: The good, the bad and the ugly
[06 Jun 2016 04:00am]

» Review: Hot new tools to fight insider threats
[31 May 2016 04:00am]

» 3 top tools to fight insider threats
[31 May 2016 04:00am]

» SIEM review: Splunk, ArcSight, LogRhythm and QRadar
[09 May 2016 02:00pm]

» What users love (and hate) about 4 leading firewall solutions
[25 Apr 2016 01:48pm]

» 10 no-cost home security mobile apps worth a download
[01 Apr 2016 06:39am]

» 7 VPN services for hotspot protection
[14 Mar 2016 04:00am]

» A hacker wants to sell 10 million patient records on the black market
[27 Jun 2016 02:24pm]

» DHS wants to predict how malware will morph
[27 Jun 2016 11:59am]

***


More IT Security
News Feeds
More Sponsors

Advertise on this site
RSS Feeds
Our news can be syndicated by using these rss feeds.
rss1.0
rss2.0
rdf

NIST.org is in no way connected to the U.S. government site NIST.gov

This site is © John Herron, CISSP. All Rights Reserved.

Please visit daily to stay up to date on all your IT Security compliance issues.

http://www.nist.org -
Hosted by BlueHost. We've never had a better hosting company.
{THEMEDISCLAIMER}