How can agencies assess their existing infrastructure to tell if they are FIPS 201 complaint?
FIPS 201 is a Federal Information Processing Standard, and therefore is itself the authoritative reference for conformance. The standard extends, however, to additional, more specific documents. The PIV infrastructure consists of three broad subsystems: the front-end subsystem, the card issuance and management subsystem, and the access control subsystem. The front-end subsystem includes PIV Cards, card readers, biometric devices, and terminal equipment. SP800-85 describes conformance tests for PIV Cards and middleware, and these are implemented by the NPIVP testing laboratories. The card issuance and management subsystem includes user enrollment workstations and equipment, the PKI infrastructure used to produce certificates, PIV workflow and records management elements, and PIV Card personalization and delivery elements. SP800-79 describes the commissioning and accreditation processes for card issuance and management subsystems. The access control subsystem includes logical and physica
Related Questions
- I have an existing RAC database on a hardware cluster. Can I install the Infrastructure using CFC on the same hardware cluster?
- Who are some of the agencies involved in existing partnerships? Are they only from American and European countries?
- How much of VSNLs existing infrastructure comes into play in DLD?
