NIST drafts rules to certify ID card makers
Draft guidelines have been released to help agencies verify that organizations issuing governmentwide identification cards are up to the job.
The new cards were mandated in Homeland Security Presidential Directive 12. More detailed objectives for the Personal ID Verification (PIV) Card were laid out in Federal Information Processing Standard 201, and specifications for the standard are spelled out in a series of special publications from the National Institute of Standards and Technology.
A requirement of HSPD 12 is that card issuers be accredited. NIST publication SP 800-79 provides guidelines for certifying and accrediting card-issuing organizations.
Agencies must have plans in place for implementing HSPD 12 this year and have until October 2007 to begin issuing the cards. Each agency will be responsible for certifying and accrediting the issuer of its cards.
Comments on the draft guidelines should be e-mailed by July 10 to PIVaccreditation@nist.gov
To read the draft guidelines, go to www.gcn.com
and enter 438 in the GCN.com/box.
William Jackson is a senior writer of GCN and the author of the CyberEye blog.