What is the rationale behind the selection of smart card, fingerprint, and PKI technologies?
The presidential directive required a standard for secure and effective identification and authentication of federal employees and contractors but did not specify how to achieve it. DoC/NIST proposed using a single form factor (credit-card-sized printable badge) containing one or more integrated circuit chips in order to create a portable means to store and process data in a secure manner. Many organizations already have adopted smart card standards and technology for identity verification. Cryptography can be used to provide data integrity and confidentiality protection for data communications and storage. A Public Key Infrastructure can provide the support system needed to deploy and protect the cryptographic keys. Of the several potential means of personal biometric marker verification (e.g., DNA, iris scans, hand geometry, handwritten signatures, facial images, or fingerprints), fingerprints were chosen as being the least invasive and most cost-effective, reliable, repeatable, and
