FIPS 201-2
Title: Personal Identity Verification (PIV) of Federal Employees and Contractors
Category: Credential Requirements Specification
Date: 7/9/2012
Creator: NIST
URL: http://csrc.nist.gov/publications/drafts/fips201-2/draft_nist-fips-201-2_revised.pdf
Description: Specifies the architectural and technical requirements for the Personal Identity Verification (PIV) card
system for Federal employees and contractors. The document provides requirements in the area of identity
proofing, registration and issuance, as well as credential lifecycle and management requirements. Further
NIST documents incorporated by reference are SP 800-73, Interfaces for PIV; SP 800-76, Biometric Data
Specification for PIV; SP 800-78, Cryptographic Algorithms and Key Sizes for PIV; SP 800-79, Guidelines
for the Accreditation of PIV Card Issuers; SP 800-87, Codes for the Identification of Federal and
Federally-Assisted Organizations; SP 800-96, PIV Card to Reader Interoperability Guidelines; SP 800-156,
Representation of PIV Chain-of-Trust for Import and Export; and SP 800-157, Guidelines for PIV Derived
Credentials.
Privacy: Protection of personal privacy is an explicit objective of the PIV system, directly from HSPD-12. Agencies or
departments issuing PIV cards are required to assign a privacy official, conduct Privacy Impact
Assessments, identify information collected including its purpose, protection and disclosure policy, restrict
access to PII and define consequences for violating the privacy policies. Technology must permit continuous
auditing of compliance with privacy policies. The standard permits card issuers to maintain a documentary
chain-of-trust for collected identification data, this will contain PII which must be protected and disposed
according to agency policy.
Security:
Interoperability: The purpose of the standard is to promote interoperability among PIV system components, across
departments and agencies and across installations.
Terms: Access Control, Applicant, Application, Architecture, Asymmetric Keys, Authentication, Biometric,
Biometric Information, Capture, Cardholder, Card Management System, Certificate Revocation List,
Certification,
Certification Authority, Chain-of-trust, Comparison, Component, Conformance Testing, Credential,
Cryptographic Key, Authentication Assurance Level,
Federal Agency Smart Credential Number,
Federal Information Processing Standards, Hash Function,
Identification, Identifier, Identity, Identity Proofing,
Identity Registration, Identity Verification, Interoperability,
Issuer, Match, Model, Off-card, On-card, On-card Comparison, Online Certificate Status Protocol, Path Validation,
Personally Identifiable Information,
Personal Identification Number, Personal Identity Verification Card,
PIV Assurance Level, Private Key,
Pseudonyms, Public Key, Public Key Infrastructure,
Pki-card Authentication Key, PKI-PIV Authentication Key, Recommendation, Symmetric Key, Validation