Software Helps Developers Get Started with PIV Cards

Jul 10, 2008
Software Helps Developers Get Started with PIV Cards
The NIST demonstration software provides examples of incorporating Personal Identity Verification cards to control access to government computers. As shown, an employee will have to swipe her PIV card that holds her unique identifying information before she can access her computer. Credit: Department of Defense

The National Institute of Standards and Technology has developed two demonstration software packages that show how Personal Identity Verification (PIV) cards can be used with Windows and Linux systems to perform logon, digital signing and verification, and other services. The demonstration software, written in C++, will assist software developers, system integrators and computer security professionals as they develop products and solutions in response to Homeland Security Presidential Directive 12 and the FIPS 201-1 standard.

"We wanted to provide IT professionals with a model of one way that PIV cards can be used to support authentication to federal information systems," explains Donna Dodson, deputy director of the NIST Computer Security Division. "Our objective was not to say 'do the steps this way,' but to show an example of how you might proceed."

Homeland Security Presidential Directive 12 calls for government employees and contractors to use secure identity credentials to access federal facilities and computers. NIST worked with industry to develop the standards for the PIV cards that will be used for those purposes. Each card contains a unique number, two of the employee's biometric fingerprint templates, and cryptographic keys stored on an electronic chip embedded in the card's plastic body.

While each federal agency will implement the use of PIV cards on its own schedule, NIST computer scientists developed the software to demonstrate that PIV cards can work with common computer activities such as system logon. The typical process of keying in user name and password will be replaced with the user inserting his/her PIV card in a reader and entering a personal identification number (PIN). This secure logon could eliminate the need for passwords for other applications and could provide access to secure databases to which the user is authorized.

The PIV Crypto Service Provider (CSP) demonstrates Windows XP Logon with PIV cards. The Public Key Cryptography Standard #11 module was developed to operate in the Fedora Core 5 environment and to implement Linux Logon, signing and encrypting email (following the S/MIME standard) and Web site authentication (following the SSL/TLS standard), configured in Linux OS, Thunderbird and Firefox applications.

The software is available at csrc.nist.gov/groups/SNS/piv/download.html

Source: National Institute of Standards and Technology

Explore further: Mobile app could speed O'Hare passport lines

Related Stories

Ears, grips and fists take on mobile phone user ID

4 hours ago

A research project has been under way to explore a biometric authentication system dubbed Bodyprint, with interesting test results. Bodyprint has been designed to detect users' biometric features using the ...

More than 2,200 confirmed dead in Nepal earthquake

4 hours ago

A powerful aftershock shook Nepal on Sunday, making buildings sway and sending panicked Kathmandu residents running into the streets a day after a massive earthquake left more than 2,200 people dead.

Magnitude 6.7 aftershock hits Nepal, causes panic

4 hours ago

A powerful aftershock shook Nepal on Sunday, making buildings sway and sending panicked Kathmandu residents running into the streets a day after a massive earthquake left at least 1,900 people dead.

Nepal quake: Nearly 1,400 dead, Everest shaken (Update)

15 hours ago

Tens of thousands of people were spending the night in the open under a chilly and thunderous sky after a powerful earthquake devastated Nepal on Saturday, killing nearly 1,400, collapsing modern houses and ...

Russian hackers read Obama emails, report says

15 hours ago

Emails to and from President Barack Obama were read by Russian hackers last year in a breach of the White House's unclassified computer system, The New York Times said Saturday.

Recommended for you

Google's Waze app to alert kidnappings in LA

Apr 22, 2015

Alerts about hit-and-runs and kidnappings in Los Angeles will soon pop up on traffic app Waze, along with road closure information, the West Coast city's mayor said.

How the first smart shopping mall in Europe works

Apr 21, 2015

Researchers from Zendos TecnologĂ­a and the IMDEA Networks Institute have developed an innovative tool to analyze the behavior of customers and visitors to shopping malls. The result is a technological platform called Ubicua ...

Energy-tracking app encourages sustainable behaviors

Apr 21, 2015

For a generation motivated by technology and fast-moving information, a professor at the University of Wisconsin-Madison has created an energy-tracking app to make reducing day-to-day energy usage more accessible.

User comments : 0

Please sign in to add a comment. Registration is free, and takes less than a minute. Read more

Click here to reset your password.
Sign in to get notified via email when new comments are made.