Difference between revisions of "Derived Credential"
From MgmtWiki
(→Problems) |
(→Solutions) |
||
| Line 11: | Line 11: | ||
==Solutions== | ==Solutions== | ||
| + | The US federal government relies on PIV [[Smart Card]]s to securely authenticate and identify employees and contractors when granting access to federal facilities and information systems for existing personal computer applications as well as for access control to buildings. That need is not going away so the existing PIV cards will continue to be issued. The [[Derived Credential]] specification has bee issued to help move this capability to small portable devices that cannot handle smart cards.<ref>NIST SP 1800-12, ''Derived PIV Credentials,'' https://www.nccoe.nist.gov/projects/building-blocks/piv-credentials</ref> | ||
==References== | ==References== | ||
Revision as of 15:47, 2 August 2018
Full Title or Meme
A credential that is derived from some other credential in order to use in a different environment.
Context
Credentials that were only provided in protected Smart Cards are now needed in other locations, like Smart Phones
Problems
- The is a constant churn in the technology that Users can carry with them.
- Many credentials have already been issued with yesterday's technology.
- The new technology cannot accommodate the older credential.
Solutions
The US federal government relies on PIV Smart Cards to securely authenticate and identify employees and contractors when granting access to federal facilities and information systems for existing personal computer applications as well as for access control to buildings. That need is not going away so the existing PIV cards will continue to be issued. The Derived Credential specification has bee issued to help move this capability to small portable devices that cannot handle smart cards.[1]
References
- ↑ NIST SP 1800-12, Derived PIV Credentials, https://www.nccoe.nist.gov/projects/building-blocks/piv-credentials
