The PIV-I Standard
Along the way, an identity management standard was identified by several states and the Working Group members as a tool that can enhance Cyber security via “validated identity based information sharing” using the federally approved PIV (Personal Identity Verification) and PIV-I (Personal Identity Verification – Interoperable) standards. (See chart below)
NOTE: PIV-I can be used as a credential for physical access or as a simple CYBER identity card for logical access.
This pilot will focus on logical access only, not credentialing and physical access.
1) Federal / State Government
PIV-I is a simple, relatively low cost trusted identity and credentialing standard developed by the Federal Government for non-Federal issuers (states/local/companies). Non-Federal entities that elect to conform to the PIV-I standard will be trusted by and interoperable with Federal agencies at very high assurance levels. The Cyber Security Division (CSD) within the DHS Science & Technology (S&T) Directorate, the FEMA Office of the National Capital Region Coordination (NCRC), the FEMA Office of the Chief Security Officer (OCSO), and the FEMA Office of the Chief Information Officer (OCIO) had partnered to convene the PIV-I/FRAC Technology Transition Working Group. This working group focused on exploring PIV-I (Personal Identity Verification – Interoperable) credentials as the standard that enables interoperability between Federal and mutual aid (State, Local and private sector) emergency response/recovery officials (F/EROs).
2) Private Sector
Additionally, the Transglobal Secure Collaboration Participation, Inc. (TSCP) is a 501(C)(6) non-profit technical trade association, established as a collaborative forum of worldwide stakeholders in the IT industry to address security issues within the federation and collaboration space. TSCP is the only government and industry partnership that has created a trust framework utilizing PIV-standards and solutions for secure electronic transmission and sharing of sensitive information internationally and across government and industry boundaries. TSCP specializes in the development of IT roadmaps, specifications, operating rules and trust frameworks where related applications are tested in their PIV-I production solutions lab environment and put into production within the TSCP community. TSCP specifications and related solutions have been widely implemented, and as such, they have had the ability to influence vendor roadmaps by having their specifications incorporated into government agency acquisition cycles.
3) State Government
At the same time the Commonwealth of Virginia was working on a pilot project with the private sector critical infrastructure owners and operators using PIV-I cards to share information between the participants. A number of other states are including the PIV-I standard for their credentialing needs in Texas, Pennsylvania, Colorado, Rhode Island, District of Columbia to name a few.
Along the way, an identity management standard was identified by several states and the Working Group members as a tool that can enhance Cyber security via “validated identity based information sharing” using the federally approved PIV (Personal Identity Verification) and PIV-I (Personal Identity Verification – Interoperable) standards. (See chart below)
- PIV Standard – to be used ONLY by federal agencies
- PIV-I Standard – to be used by states and non-federal organizations & private sector
NOTE: PIV-I can be used as a credential for physical access or as a simple CYBER identity card for logical access.
This pilot will focus on logical access only, not credentialing and physical access.
1) Federal / State Government
PIV-I is a simple, relatively low cost trusted identity and credentialing standard developed by the Federal Government for non-Federal issuers (states/local/companies). Non-Federal entities that elect to conform to the PIV-I standard will be trusted by and interoperable with Federal agencies at very high assurance levels. The Cyber Security Division (CSD) within the DHS Science & Technology (S&T) Directorate, the FEMA Office of the National Capital Region Coordination (NCRC), the FEMA Office of the Chief Security Officer (OCSO), and the FEMA Office of the Chief Information Officer (OCIO) had partnered to convene the PIV-I/FRAC Technology Transition Working Group. This working group focused on exploring PIV-I (Personal Identity Verification – Interoperable) credentials as the standard that enables interoperability between Federal and mutual aid (State, Local and private sector) emergency response/recovery officials (F/EROs).
2) Private Sector
Additionally, the Transglobal Secure Collaboration Participation, Inc. (TSCP) is a 501(C)(6) non-profit technical trade association, established as a collaborative forum of worldwide stakeholders in the IT industry to address security issues within the federation and collaboration space. TSCP is the only government and industry partnership that has created a trust framework utilizing PIV-standards and solutions for secure electronic transmission and sharing of sensitive information internationally and across government and industry boundaries. TSCP specializes in the development of IT roadmaps, specifications, operating rules and trust frameworks where related applications are tested in their PIV-I production solutions lab environment and put into production within the TSCP community. TSCP specifications and related solutions have been widely implemented, and as such, they have had the ability to influence vendor roadmaps by having their specifications incorporated into government agency acquisition cycles.
3) State Government
At the same time the Commonwealth of Virginia was working on a pilot project with the private sector critical infrastructure owners and operators using PIV-I cards to share information between the participants. A number of other states are including the PIV-I standard for their credentialing needs in Texas, Pennsylvania, Colorado, Rhode Island, District of Columbia to name a few.