Jump to content

FIPS 201

From Wikipedia, the free encyclopedia
An example diagram of a Personal Identity Verification (PIV) card issued by various United States government agencies. Not all fields are used by all agencies.

FIPS 201 (Federal Information Processing Standard Publication 201) is a United States federal government standard that specifies Personal Identity Verification (PIV) requirements for Federal employees and contractors.

In response to HSPD-12, the NIST Computer Security Division initiated a new program for improving the identification and authentication of Federal employees and contractors to access Federal facilities and information systems. FIPS 201 was developed to satisfy the technical requirements of HSPD-12, approved by the Secretary of Commerce, and issued on February 25, 2005.

This Standard specifies the architecture and technical requirements for a common identification standard for Federal employees and contractors.[1] FIPS 201 specifies that an identity credential must be stored on a smart card. SP 800-73, a NIST special publication, contains the technical specifications to interface with the smart card to retrieve and use the PIV identity credentials.[2]

FIPS 201 was replaced by FIPS 201-2[3] on September 5, 2013,[4] and by FIPS 201-3 in January 2022.[5]

Deputy Secretary of the Interior P. Lynn Scarlett demonstrating a PIV card in 2006

The Government Smart Card Interagency Advisory Board has indicated that to comply with FIPS 201 PIV II, US government agencies should use smart card technology.

See also

[edit]

References

[edit]
  1. ^ Technology, National Institute of Standards and (2013-09-05). "Personal Identity Verification (PIV) of Federal Employees and Contractors". doi:10.6028/NIST.FIPS.201-3. {{cite journal}}: Cite journal requires |journal= (help)
  2. ^ Cooper, David A.; Ferraiolo, Hildegard; Mehta, Ketan L.; Francomacaro, Salvatore; Chandramouli, Ramaswamy; Mohler, Jason (December 2010). "Interfaces for Personal Identity Verification – Part 1: PIV Card Application Namespace, Data Model and Representation". National Institute of Standards and Technology. Section 1.1, Paragraph 2. doi:10.6028/NIST.SP.800-73-4. NIST is responsible for developing standards and guidelines ... but such standards and guidelines shall not apply to national security systems. {{cite journal}}: Cite journal requires |journal= (help)
  3. ^ "Personal Identity Verification (PIV) of Federal Employees and Contractors". 2013. doi:10.6028/NIST.FIPS.201-2. S2CID 113957449. {{cite journal}}: Cite journal requires |journal= (help)
  4. ^ Federal Register Volume 78, Issue 172 (September 5, 2013) https://www.govinfo.gov/app/details/FR-2013-09-05/2013-21491
  5. ^ Personal Identity Verification of Federal Employees and Contractors https://csrc.nist.gov/Projects/piv/piv-standards-and-supporting-documentation
[edit]