This presentation is a smartcard- and reader-centric view of the FIPS 201 / PIV program for Federal agencies, covering physical and logical access. FIPS 201 is a standard developed to comply with the 12th presidential directive (HSPD-12).
6. PIV Timeline
Anshuman Sinha <anshuman.sinha2@gmail.com>
2004 2005 2006
Feb FIPS 201 HSPD-12 Aug '04 NPIVP Test Aug More Test Facilities Nov Biometry Specs. Dec '05 FIPS 201-1 June PIV Card / Reader IOP July Oct '06 PIV Target
16. PIV Card Data Model
Legend: Mandatory Data / Optional Data

| Description | Interface | Access Rule |
|---|---|---|
| Card Capabilities Container | Contact | Always Read |
| Card Holder Unique Id | Contact and Contactless | Always Read |
| X.509 for PIV Authentication | Contact and Contactless | Always Read |
| Card Holder Finger Print I | Contact | PIN |
| Printed Information Buffer | Contact | PIN |
| Card Holder Facial Image | Contact | PIN |
| X.509 for Digital Signature | Contact | PIN |
| X.509 for Key Management | Contact | Always Read |
| X.509 for Card Authentication | Contact | Always Read |
| Security Object | Contact | Always Read |
20. PIV II Graduations - Physical Access

| Assurance Levels | PIV Auth Mechanism |
|---|---|
| Some Confidence | VIS, CHUID |
| High Confidence | BIO |
| Very High Confidence | BIO-A, PKI |
21. PIV II Graduations - Logical Access
Assurance Levels Local Auth Mechanism Remote Auth Mechanism Some Confidence CHUID PKI High Confidence BIO Very High Confidence BIO-A, PKI
24. PIV II CHUID Auth
25. PIV II BIO AUTH
26. PIV II PKI AUTH
27. PIV II – Reader Design Goals

| Assurance Levels | PIV Auth Mechanism | Readers |
|---|---|---|
| Some Confidence | VIS, CHUID | Design 1 |
| High Confidence | BIO | Design 2 |
| Very High Confidence | BIO-A, PKI | Design 3 |
31. PIV II - Card
End Point Card [Single Chip Dual Interface]
Transition Card [Dual Chip Dual Interface]
Transition II Card [Dual Chip Dual Interface]
PIV II Applet CAC Applet PIV II Applet CAC Applet
33. Assurance Levels

| Assurance Levels | PIV Physical Auth Mechanism | PIV Logical Auth Mechanism |
|---|---|---|
| Some Confidence | VIS, CHUID | CHUID |
| High Confidence | BIO | BIO |
| Very High Confidence | BIO-A, PKI | BIO-A, PKI |