Smart Card Alliance Publishes White Paper on Commercial Identity Verification (CIV) Credentials for Enterprises
Princeton Junction, N.J., October 24, 2011–Enterprises looking at options for secure physical and IT access now have a new resource from the Smart Card Alliance Physical Access Council, which just released a white paper on “The Commercial Identity Verification (CIV) Credential–Leveraging FIPS 201 and the PIV Specifications: Is the CIV Credential Right for You?” The white paper defines the CIV credential and describes benefits, best practices and technical requirements for establishing a secure, reliable, electronically verifiable identity program based on broadly-deployed standards.
Download the white paper here: /publications-the-commercial-identity-verification-civ-credential-leveraging-fips-201-and-the-piv-specifications.
“A huge benefit for enterprises today is that they don’t have to reinvent the wheel in order to implement a secure and trusted IT and physical access security system. The U.S. federal government has already created the standards and policies, and the products and systems are readily available,” said Lars Suneborn, Hirsch Electronics and the Chair of the Physical Access Council. “We created this white paper to provide guidance on how enterprises can implement a standards-based identity credentialing program within their own organizations through the use of the CIV credential.”
Commercial Identity Verification, or CIV, credentials are based on the same technology and specifications as Personal Identity Verification (PIV) and PIV-Interoperable (PIV-I) smart card credentials used today by government agency employees and contractors to access government buildings and facilities, to log on to computers, and to access controlled websites. PIV and PIV-I credentials require that credentials are cross-certified so they can be used and trusted across all federal agencies. CIV credentials would not carry this requirement, so any enterprise can create, issue, and use CIV credentials according to requirements established within that enterprise’s unique corporate environment.
The white paper provides an overview of PIV, PIV-I and CIV Credentials, and explores these topics:
- Definition of the CIV credential similarities to and differences from PIV-I and PIV credentials
- Corporate benefits of adopting the CIV credential
- Planning considerations
- Implementation considerations and best practices
- CIV credential use cases
“This white paper illustrates how a corporate enterprise can leverage the FIPS 201 and PIV standards to create a CIV credentialing program for use commercially that will improve efficiency and reduce resources while sustaining and maintaining physical and IT security,” said Randy Vanderhoof, executive director of the Smart Card Alliance.
Participants involved in the development of this white paper included: ActivIdentity; AMAG Technology; Bioscrypt/L-1 Identity Solutions; Booz Allen Hamilton; Codebench, Inc.; Datacard Group; Datawatch Systems Inc.; Diebold; E & M Technologies; HID Global; HP Enterprise Services; IDenticard; Identification Technology Partners; Identive Group (Hirsch Electronics / SCM Microsystems); IDmachines; Intellisoft; NagraID Security; NXP Semiconductors; Roehr Consulting; SAIC; Tyco Software House; Unisys; U.S. Department of State; XTec, Inc.
PIV, PIV-I, and CIV credentials will be further explored at the 10th Annual Smart Card Alliance Government Conference, November 2–4, 2011 at the Ronald Reagan International Trade Center in Washington, DC, with pre-conference workshops on November 1st. Details on the agenda, pricing, sponsors and exhibitors, and registration can be found on the Smart Card Alliance Web site.
About the Physical Access Council
The Smart Card Alliance Physical Access Council is focused on accelerating widespread acceptance, use, and application of smart card technology for physical access control. The Council brings together leading users and technologists from both the public and private sectors in an open forum and works on activities that are important to the physical access industry and address key issues that end user organizations have in deploying new physical access system technology. The Physical Access Council includes participants from across the smart card and physical access control system industry, including end users; smart card chip, card, software, and reader vendors; physical access control system vendors; and integration service providers.
About the Smart Card Alliance
The Smart Card Alliance is a not-for-profit, multi-industry association working to stimulate the understanding, adoption, use and widespread application of smart card technology.
Through specific projects such as education programs, market research, advocacy, industry relations and open forums, the Alliance keeps its members connected to industry leaders and innovative thought. The Alliance is the single industry voice for smart cards, leading industry discussion on the impact and value of smart cards in the U.S. and Latin America. For more information please visit http://www.securetechalliance.org.