Software Helps Developers Get Started with PIV Cards

Jul 10, 2008
Software Helps Developers Get Started with PIV Cards
The NIST demonstration software provides examples of incorporating Personal Identity Verification cards to control access to government computers. As shown, an employee will have to swipe her PIV card that holds her unique identifying information before she can access her computer. Credit: Department of Defense

The National Institute of Standards and Technology has developed two demonstration software packages that show how Personal Identity Verification (PIV) cards can be used with Windows and Linux systems to perform logon, digital signing and verification, and other services. The demonstration software, written in C++, will assist software developers, system integrators and computer security professionals as they develop products and solutions in response to Homeland Security Presidential Directive 12 and the FIPS 201-1 standard.

"We wanted to provide IT professionals with a model of one way that PIV cards can be used to support authentication to federal information systems," explains Donna Dodson, deputy director of the NIST Computer Security Division. "Our objective was not to say 'do the steps this way,' but to show an example of how you might proceed."

Homeland Security Presidential Directive 12 calls for government employees and contractors to use secure identity credentials to access federal facilities and computers. NIST worked with industry to develop the standards for the PIV cards that will be used for those purposes. Each card contains a unique number, two of the employee's biometric fingerprint templates, and cryptographic keys stored on an electronic chip embedded in the card's plastic body.

While each federal agency will implement the use of PIV cards on its own schedule, NIST computer scientists developed the software to demonstrate that PIV cards can work with common computer activities such as system logon. The typical process of keying in user name and password will be replaced with the user inserting his/her PIV card in a reader and entering a personal identification number (PIN). This secure logon could eliminate the need for passwords for other applications and could provide access to secure databases to which the user is authorized.

The PIV Crypto Service Provider (CSP) demonstrates Windows XP Logon with PIV cards. The Public Key Cryptography Standard #11 module was developed to operate in the Fedora Core 5 environment and to implement Linux Logon, signing and encrypting email (following the S/MIME standard) and Web site authentication (following the SSL/TLS standard), configured in Linux OS, Thunderbird and Firefox applications.

The software is available at csrc.nist.gov/groups/SNS/piv/download.html

Source: National Institute of Standards and Technology

Explore further: Catch the northern lights with your mobile

add to favorites email to friend print save as pdf

Related Stories

Uganda seizes massive ivory and pangolin haul

23 minutes ago

Ugandan wildlife officers have seized a huge haul of elephant ivory and pangolin scales, representing the deaths of hundreds of endangered animals, police said Sunday.

Navy wants to increase use of sonar-emitting buoys

13 minutes ago

The U.S. Navy is seeking permits to expand sonar and other training exercises off the Pacific Coast, a proposal raising concerns from animal advocates who say that more sonar-emitting buoys would harm whales and other creatures ...

Standalone wireless info display device an easy fit

6 hours ago

A Latvian team has come up with a good-looking WiFi display device, connecting to the Internet using WiFi, which runs on a high-capacity built-in battery and tracks what's important to you. This is a standalone ...

Recommended for you

Catch the northern lights with your mobile

17 hours ago

Updates on the best opportunities to spot the Northern Lights in the UK are now available on a mobile phone app developed in association with scientists at Lancaster University.

App improves the safety of blind pedestrians in cities

Jan 22, 2015

Siemens is developing a system that helps blind and visually impaired people walk safely through cities. In cooperation with the Technical University of Braunschweig and several partners, Siemens is working ...

Nadella: Microsoft aspires to get consumers 'loving Windows'

Jan 22, 2015

Microsoft upped its bid to capture the hearts and minds of technology consumers Wednesday with Windows 10, announcing everything from free upgrades for the majority of Windows users to support for nascent holographic dis ...

WhatsApp adds messaging from Web

Jan 21, 2015

The popular mobile messaging application WhatsApp, acquired by Facebook last year for nearly $22 billion, unveiled a new service Wednesday for sending messages from a Web browser.

User comments : 0

Please sign in to add a comment. Registration is free, and takes less than a minute. Read more

Click here to reset your password.
Sign in to get notified via email when new comments are made.