Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search Publications by: Hildegard Ferraiolo (Fed)

Displaying 26 - 50 of 64

Improved Security and Mobility Through Updated Interfaces for PIV Cards

July 21, 2015

Author(s)

Hildegard Ferraiolo, Larry Feldman, Gregory A. Witte

This bulletin summarizes the information presented in NIST SP 800-73-4: Interfaces for Personal Identity Verification and NIST SP 800-78-4: Cryptographic Algorithms and Key Sizes for Personal Identity Verification. SP 800-73-4 has been updated to align

Cardholder Authentication for the PIV Digital Signature Key

June 18, 2015

Author(s)

William Polk, Hildegard Ferraiolo, David Cooper

FIPS 201-2 requires explicit user action by the Personal Identity Verification (PIV) cardholder as a condition for use of the digital signature key stored on the card. This document clarifies the requirement for explicit user action to encourage the

Cryptographic Algorithms and Key Sizes for Personal Identity Verification

May 28, 2015

Author(s)

Tim Polk, Donna F. Dodson, William Burr, Hildegard Ferraiolo, David Cooper

[Superseded by SP 800-78-5 (July 2024): https://tsapps.nist.gov/publication/get_pdf.cfm?pub_id=957979] This document contains the technical specifications needed for the mandatory and optional cryptographic keys specified in FIPS 201 as well as the

Interfaces for Personal Identity Verification

May 29, 2015

Author(s)

David Cooper, Hildegard Ferraiolo, Ketan L. Mehta, Salvatore Francomacaro, Ramaswamy Chandramouli, Jason Mohler

[Superseded by SP 800-73-4 (May 2015, w/updates as of 2/8/2016): http://www.nist.gov/manuscript-publication-search.cfm?pub_id=920323] FIPS 201 defines the requirements and characteristics of a government-wide interoperable identity credential. FIPS 201

Release of NIST Special Publication 800-157, Guidelines for Derived Personal Identity Verification (PIV) Credentials

December 30, 2014

Author(s)

Hildegard Ferraiolo, Larry Feldman, Gregory A. Witte

NIST has recently released Special Publication (SP) 800-157, Guidelines for Derived Personal Identity Verification (PIV) Credentials. Itto provide the technical details for a system by which mobile devices such as smart phones and tables are provisioned

Guidelines for Derived Personal Identity Verification (PIV) Credentials

December 19, 2014

Author(s)

Hildegard Ferraiolo, David A. Cooper, Salvatore Francomacaro, Andrew R. Regenscheid, Jason Mohler, Sarbari Gupta, William E. Burr

This recommendation provides technical guidelines for the implementation of standards-based, secure, reliable, interoperable PKI-based identity credentials that are issued by Federal departments and agencies to individuals who possess and prove control

NIST and Computer Security

April 4, 2014

Author(s)

William E. Burr, Hildegard Ferraiolo, David A. Waltermire

The US National Institute of Standards and Technology's highly visible work in four key areas--cryptographic standards, role-based access control, identification card standards, and security automation--has and continues to shape computer and information

Personal Identity Verification (PIV) of Federal Employees and Contractors

September 4, 2013

Author(s)

National Institute of Standards and Technology (NIST), Hildegard Ferraiolo, David Cooper, Salvatore Francomacaro, Ketan Mehta, Annie W. Sokol

[Superseded by FIPS 201-3 (January 2022) https://tsapps.nist.gov/publication/get_pdf.cfm?pub_id=934136] This Standard specifies the architecture and technical requirements for a common identification standard for Federal employees and contractors. The

A Credential Reliability and Revocation Model for Federated Identities

November 29, 2012

Author(s)

Hildegard Ferraiolo

A large number of Identity Management Systems (IDMSs) are being deployed worldwide that use different technologies for the population of their users. With the diverse set of technologies, and the unique business requirements for organizations to federate

Cryptographic Algorithms and Key Sizes for Personal Identity Verification

December 31, 2010

Author(s)

William Polk, Donna F. Dodson, William E. Burr, Hildegard Ferraiolo, David Cooper

[Superseded by SP 800-78-4 (May 2015): http://www.nist.gov/manuscript-publication-search.cfm?pub_id=918499] This document contains the technical specifications needed for the mandatory and optional cryptographic keys specified in FIPS 201 as well as the

PIV Card Application and Middleware Interface Test Guidelines (SP800-73-3 compliance)

July 28, 2010

Author(s)

Ramaswamy Chandramouli, Hildegard Ferraiolo, Ketan L. Mehta

[Superseded by SP 800-85A-4 (April 2016): http://www.nist.gov/manuscript-publication-search.cfm?pub_id=920340] The objective of this document is to provide test requirements and test assertions that could be used to validate the compliance/conformance of

Interfaces for Personal Identity Verification

February 19, 2010

Author(s)

Ramaswamy Chandramouli, David A. Cooper, James F. Dray Jr., Hildegard Ferraiolo, Scott Guthery, William I. MacGregor, Ketan Mehta

[Superseded by SP 800-73-4 (May 2015): http://www.nist.gov/manuscript-publication-search.cfm?pub_id=918402] FIPS 201, Personal Identity Verification (PIV) of Federal Employees and Contractors, defines procedures for the PIV lifecycle activities including

Use of ISO/IEC 24727

August 14, 2009

Author(s)

Hildegard Ferraiolo, Teresa T. Schwarzhoff, William I. MacGregor, Hung Dang, Ketan Mehta

This document describes the use of ISO/IEC 24727 in enabling client-applications to access identity credentials issued by different credential issuers.