FIPS-201 hits the street
GCN Insider | TRENDS & TECHNOLOGIES that affect the way government does IT
- By Brad Grimes
- Jul 06, 2006
With a fall deadline looming for federal agencies to start issuing Personal Identity Verification cards in compliance with Homeland Security Presidential Directive 12, the question on many minds is: When will the General Services Administration start approving products and services that adhere to the necessary standards? In this case, the National Institute of Standards and Technology's FIPS-201 standards.VeriSign Inc.
of Mountain View, Calif., said recently that its Shared Service Provider Public Key Infrastructure
technology had received GSA approval, opening the door for agencies to use it in their PIV deployments.
George Schu, VeriSign's public sector head and a former Navy officer, said the company was the first FIPS-201-certified shared-services provider, building on its base of managed security solutions for government. In February 2004, the Federal Identity Credentialing Committee established requirements and a process for certifying vendors to provide PKI and smart-card issuing services for federal agencies. FICC spelled out a common identity credential for physical and logical access to Federal facilities and IT systems. In July 2004 VeriSign was the first provider certified by FICC. The company said its government-approved shared services mirror the managed PKI system it's been offering to other customers for about a decade.