NIST logo

Publication Citation: Interfaces For Personal Identity Verification, 2006 Edition

NIST Authors in Bold

Author(s): James F. Dray Jr; Scott Guthery; Teresa T. Schwarzhoff;
Title: Interfaces For Personal Identity Verification, 2006 Edition
Published: March 15, 2006
Abstract: FIPS 201, Personal Identity Verification for Federal Employees and Contractors, specifies that the identity credentials must be stored on a smart card. Special Publication 800-73 contains technical specifications for smart card interfaces used to retrieve and use identity credentials. These specifications reflect the design goals of interoperability and PIV Card functions. The goals are addressed by specifying PIV data model, communication interface, and application programming interface (API). SP 800-73 enumerates requirements where the standards include options and branches and also constrains implementers' interpretation of the standards. Such restrictions are designed to ease implementation, facilitate interoperability, and ensure performance, in a manner tailored for PIV applications. Specifications include the PIV data model, API, and card interface requirements necessary to comply with the mandated use cases for interoperability across deployments or agencies. Interoperability is defined as the use of PIV identity credentials such that client APIs, compliant card applications and compliant integrated circuit cards can be used interchangeably by information processing systems across Federal agencies. SP 800-73 does not address the back-end processes that must be performed to attain full identity assertion. The document describes two realizations of the client-application programming and card command interfaces for personal identity verification: the transitional interfaces and the end-point interfaces. Transitional interfaces may be used by agencies with an existing identity card program as an optional step in evolving to the end-point interfaces. End-point interfaces are used by agencies without an existing identity card program and by agencies that elect to evolve to the end-point interface in one step rather than two. SP 800-73 is divided into three parts as follows: Part 1, providing the specification for that which is common to both the transitional and end-point interfaces and guidance on strategies for migrating from the transitional interfaces to the end-point interfaces; Part 2, describing the subsets of GSC-ISv2.1 that comprise the transitional interfaces to the PIV data model; and Part 3, describing in detail the end-point interfaces to the PIV data model.
Citation: NIST SP - 800-73-1
Keywords: Computer security, personal identity verification, smart card, authentication
Research Areas: Biometrics