 |
|
New NIST publications describe standards for identity credentials and authentication systems
September 10, 2009Two publications from the National Institute of Standards and Technology (NIST) describe new capabilities for authentication systems using smart cards or other personal security devices within and outside federal government applications. A report describes a NIST-led international standard, ISO/IEC 24727, which defines a general-purpose identity application programming interface (API). The other is a draft publication on refinements to the Personal Identity Verification (PIV) specification.
NIST is responsible for developing specifications for PIV cards required for the government under Homeland Security Presidential Directive 12. These smart cards have embedded chips that hold information and biometric data such as specific types of patterns in fingerprints called "minutiae" along with a unique identifying number. The goal is to develop methods that allow each worker to have a PIV card that works with PIV equipment at all government agencies and with all card-reader equipment regardless of the manufacturer.
Because there is growing interest in using secure identity credentials like PIV cards for multiple applications beyond the federal workplace, NIST provided its smart card research expertise in the development of an international standard-ISO/IEC 24727 - Identification cards - Integrated circuit card programming interfaces-that provides a set of authentication protocols and services common to identity management frameworks.
The new NIST report, Use of ISO/IEC 24727 is an introduction to that standard. It describes the standard's general-purpose identity application programming interface, the "Service Access Layer Interface for Identity (SALII)", which allows cards and readers to communicate and operate with applications seamlessly. The report also describes a proof-of-concept experiment demonstrating that existing PIV cards and readers can work interoperably with ISO/IEC 24727. The applications tested included logging on to Windows or Linux systems, signing and encrypting email, and performing Web authentications.
NIST Interagency Report 7611 Use of ISO/IEC 24727 may be downloaded at http://csrc.nist.gov/publications/nistir/ir7611/nistir7611_use-of-isoiec24727.pdf.
NIST researchers also are involved in improving PIV components and providing guidelines that the private sector and municipalities can use with a similar smart ID card. They have drafted an update to an earlier publication that contains the technical specifications for interfacing with the PIV card to retrieve and use identity credentials.
Special Publication 800-73-3, Interfaces for Personal Identity Verification, provides specifications for PIV-Interoperable and PIV-Compatible cards issued by non-federal issuers, which may be used with the federal PIV system. It also provides specifications designed to ease implementation, facilitate interoperability and ensure performance of PIV applications in the federal workplace. The new publication specifies a PIV data model, card edge interface and application programming interface. The report also provides editorial changes to clarify information in the earlier version. (For background, see "Updated Specification Issued for PIV Card Implementations," NIST Tech Beat, Oct. 14, 2008 [http://www.nist.gov/public_affairs/techbeat/tb2008_1014.htm].)
National Institute of Standards and Technology (NIST)
The new NIST report, Use of ISO/IEC 24727 is an introduction to that standard. It describes the standard's general-purpose identity application programming interface, the "Service Access Layer Interface for Identity (SALII)", which allows cards and readers to communicate and operate with applications seamlessly. The report also describes a proof-of-concept experiment demonstrating that existing PIV cards and readers can work interoperably with ISO/IEC 24727. The applications tested included logging on to Windows or Linux systems, signing and encrypting email, and performing Web authentications.
NIST Interagency Report 7611 Use of ISO/IEC 24727 may be downloaded at http://csrc.nist.gov/publications/nistir/ir7611/nistir7611_use-of-isoiec24727.pdf.
NIST researchers also are involved in improving PIV components and providing guidelines that the private sector and municipalities can use with a similar smart ID card. They have drafted an update to an earlier publication that contains the technical specifications for interfacing with the PIV card to retrieve and use identity credentials.
Special Publication 800-73-3, Interfaces for Personal Identity Verification, provides specifications for PIV-Interoperable and PIV-Compatible cards issued by non-federal issuers, which may be used with the federal PIV system. It also provides specifications designed to ease implementation, facilitate interoperability and ensure performance of PIV applications in the federal workplace. The new publication specifies a PIV data model, card edge interface and application programming interface. The report also provides editorial changes to clarify information in the earlier version. (For background, see "Updated Specification Issued for PIV Card Implementations," NIST Tech Beat, Oct. 14, 2008 [http://www.nist.gov/public_affairs/techbeat/tb2008_1014.htm].)
National Institute of Standards and Technology (NIST)
Wake-up call: Draft security pub looks at cell phones, PDAs
In recent years cell phones and PDAs-"Personal Digital Assistants"-have exploded in power, performance and features. They now often boast expanded memory, cameras, Global Positioning System receivers and the ability to record and store multimedia files and transfer them over wireless networks-in addition to the cell phone system-using WiFi, infrared and Bluetooth communications. Oh, yes, and make phone calls.
BIOSEK, evaluation methodology of different biometric systems
BIOSEK, is the design and set-up of an evaluation methodology and comparison of different biometric systems in real environments. The aim of this project is to design and set-up a laboratory which includes biometrics systems for authentication, and to develop a methodology to evaluate and compare them in order to give interested institutions and companies the possibility of high quality consultancy in the area, as well as to promote the medium and longterm research on these technologies. Outcomes of the project: ? Establish clear criteria to evaluate and compare the biometrics systems (existing and prototypes). ? Create a systematic methodology for evaluation and audit as an extension of a
More Authentication Systems Current Events and Authentication Systems News Articles
 |
Kerberos: A Network Authentication System by Brian Tung (Author) Provides a clear explanation of network security principles and basic concepts, while taking you through each element of the Kerberos system. Covers important information for developing Kerberized applications. Softcover. DLC: Computer networks--Security measures. |
|
Image Authentication System Image Tamper Detection Software by Epson | |
|
EkeyUSA Item# 130195 TOCAhome 3 white by EkeyUSA Systems TOCAhome 3 white -consist of 1 Fingerprint Reader,1 Control Panel w/ 1 relay,1 VAC power supply. Personal access problems are solved with ekeyTOCA products! The convenience of completely keyless entry, added security, and peace of mind replaces worries associated with the use of keys, PINs, and access cards. Situations such as loss, stolen, unauthorized copies made, shared codes becoming known, buddy punching, etc. Not to mention the time and money saved from managing numbers of keys, codes, and cards. TOCAhome 3 black are stand alone (no computer required) fingerprint biometric access control systems consisting of a weather resistant reader and a control panel. Desired users are entered and deleted at the control panel. An enrolled user swipes his/her finger at the reader. If the key... | |
 |
Advances in Biometric Person Authentication: International Workshop on Biometric Recognition Systems, IWBRS 2005, Beijing, China, October 22 23, 2005, ... Vision, Pattern Recognition, and Graphics) by Stan Z. Li (Editor), Zhenan Sun (Editor), Tieniu Tan (Editor), Sharath Pankanti (Editor), GĂ©rard Chollet (Editor), Zhang, David (Editor) This book constitutes the refereed proceedings of the International Workshop on Biometric Recognition Systems, IWBRS 2005, held in Beijing, China in October 2005 within the scope of ICCV 2005, the International Conference on Computer Vision. This workshop combines the annual Chinese Conference on Biometric Recognition (Sinobiometrics 2005). The 32 revised full papers were carefully reviewed and selected from 130 submissions. The papers address the problems of automatic and reliable authentication of individuals in face, iris, fingerprint, palmprint, speaker, writing and other biometrics, and contribute new ideas to research and development of reliable and practical solutions for biometric authentication. |
|
Fujitsu Implements PalmSecure Biometric Palm Vein Authentication System for Electronic Medical Record Access at Hospital Operated by National Institute ... Sciences.: An article from: JCN Newswires by Gale Reference Team (Author) This digital document is an article from JCN Newswires, published by Thomson Gale on February 27, 2007. The length of the article is 1076 words. The page length shown above is based on a typical 300-word page. The article is delivered in HTML format and is available in your Amazon.com Digital Locker immediately after purchase. You can view it with any web browser. Citation Details Title: Fujitsu Implements PalmSecure Biometric Palm Vein Authentication System for Electronic Medical Record Access at Hospital Operated by National Institute of Radiological Sciences. Author: Gale Reference Team Publication: JCN Newswires (Magazine/Journal) Date: February 27, 2007 Publisher: Thomson Gale Page: NA Distributed by Thomson... | |
|
SONICWALL AUTHENTICATION SVC by Sonic Systems, Inc. | |
|
User Authentication Systems and Role-Based Security For ITT Technical Institute by Inc. Pearson Education (Author) | |
|
AUTHENEX ASAS TO SUPPORT MICROSOFT ISA SERVER.(Authenex Strong Authentication System supports Microsoft's Internet Security and Acceleration Server 2000): ... article from: Federal Computer Market Report by Millin Publishing, Inc. (Publisher) This digital document is an article from Federal Computer Market Report, published by Millin Publishing, Inc. on May 13, 2002. The length of the article is 550 words. The page length shown above is based on a typical 300-word page. The article is delivered in HTML format and is available in your Amazon.com Digital Locker immediately after purchase. You can view it with any web browser. Citation Details Title: AUTHENEX ASAS TO SUPPORT MICROSOFT ISA SERVER.(Authenex Strong Authentication System supports Microsoft's Internet Security and Acceleration Server 2000) Publication: Federal Computer Market Report (Newsletter) Date: May 13, 2002 Publisher: Millin Publishing, Inc. Volume: 26 Issue: 9 Page: 8 Distributed by Thomson... | |
|
SonicWALL Authentication Service For SonicWALL SOHO Products by Sonic Systems, Inc. FOR SOHO2 | |
 |
EkeyUSA Item# 100231 Round Cover - Stainless Steel by EkeyUSA Systems Round Cover - Stainless Steel |
| © 2009 BrightSurf.com |