Date Published: January 2016
Author(s)
Michael Bartock (NIST), Jeffrey Cichonski (NIST), Murugiah Souppaya (NIST), Paul Fox (Microsoft), Mike Miller (Microsoft), Ryan Holley (Intercede), Karen Scarfone (Scarfone Cybersecurity)
This report documents proof of concept research for Derived Personal Identity Verification (PIV) Credentials. Smart card-based PIV Cards cannot be readily used with most mobile devices, such as smartphones and tablets, but Derived PIV Credentials (DPCs) can be used instead to PIV-enable these devices and provide multi-factor authentication for mobile device users. This report captures existing requirements related to DPCs, proposes an architecture that supports these requirements, and then demonstrates how such an architecture could be implemented and operated.
This report documents proof of concept research for Derived Personal Identity Verification (PIV) Credentials. Smart card-based PIV Cards cannot be readily used with most mobile devices, such as smartphones and tablets, but Derived PIV Credentials (DPCs) can be used instead to PIV-enable these...
See full abstract
This report documents proof of concept research for Derived Personal Identity Verification (PIV) Credentials. Smart card-based PIV Cards cannot be readily used with most mobile devices, such as smartphones and tablets, but Derived PIV Credentials (DPCs) can be used instead to PIV-enable these devices and provide multi-factor authentication for mobile device users. This report captures existing requirements related to DPCs, proposes an architecture that supports these requirements, and then demonstrates how such an architecture could be implemented and operated.
Hide full abstract
Keywords
authentication; credentials; derived credentials; Derived PIV Credential (DPC); electronic authentication; electronic credentials; mobile devices; Personal Identity Verification (PIV); smart cards
Control Families
Access Control; Configuration Management; Identification and Authentication; System and Communications Protection