Capabilities:
Global Partners
FIPS 201 - Personal Identity Verification
In response to Homeland Security Presidential Directive (HSPD) 12, the US National Institute of Standards and Technology’s (NIST) Computer Security Division initiated a new program for improving the identification and authentication of Federal employees and contractors for access to Federal facilities and information systems. Federal Information Processing Standard (FIPS) 201-1, published March 2006, was developed to satisfy the requirements of HSPD 12.
FIPS 201 relies on three primary ‘Special Publications’ issued by NIST which specify the required technical specifications:
- NIST Special Publication 800-73-1, Interfaces for Personal Identity Verification, which specifies the interface and data elements required for a PIV card;
- NIST Special Publication 800-76-1, Biometric Data Specification for Personal Identity Verification, specifies the technical acquisition and formatting requirements for biometric data to be utilized in a PIV system; and
- NIST Special Publication 800-78-1, Cryptographic Algorithms and Key Sizes for Personal Identity Verification, which specifies the allowed cryptographic algorithms and key sizes to be implemented and used in a PIV system.
PIV requirements are still relatively new and may be difficult to interpret correctly. The EWA-Canada IT Security Evaluation & Testing Facility is accredited by the National Voluntary Laboratory Accreditation Program (NVLAP) to perform testing of PIV card applications and PIV middle ware and offers a full range of evaluation and related consulting services:
- PIV Testing
- Cryptographic Algorithm Validation
- FIPS 140-2 Validation and Re-Validation
Note: A FIPS 140-2 validation is required for the smart card and PIV card application after the PIV card application is validated.
Please Contact Us for further information.