Search:  

 Blog     e-Newsletter       Resource Library      Directories      Webinars
AFCEA logo
 

NIST

Plug-and-Play Biometrics

September 1, 2012
By Rita Boland
  A U.S. paratrooper uses a handheld identity detection device to scan an Afghan man's iris while on patrol in Afghanistan's Ghazni province.
  A U.S. paratrooper uses a handheld identity detection device to scan an Afghan man's iris while on patrol in Afghanistan's Ghazni province.

Government scientists have introduced a command and control protocol designed to bring interoperability to the world of biometrics. Manufacturers now can experiment with the open design in their products, offering more flexible, less expensive technologies for authenticating identities.

This National Institute of Standards and Technology (NIST) project enables the sharing of data among biometrics sensors over wired or wireless networks via Web services (WS). Called the WS-Biometric Devices, or WS-BD, the protocol allows developers to create connections among biometric capture devices and clients connected on a network or through the Internet. “We did a lot of work to make it modality-agnostic,” Kevin Mangold, a computer scientist at NIST, explains. “You can use the same interface for ... pretty much any biometric you can think of.”

Departments: 
Cyber
read more

Better 
Security Is in the Cards

September 1, 2012
By Max Cacas
Patrick Grother is a computer scientist with the NIST Information Technology Laboratory, in charge of the biometric portion of the FIPS 201 update.  
Patrick Grother is a computer scientist with the NIST Information Technology Laboratory, in charge of the biometric portion of the FIPS 201 update.  

The Personal Identity Verification cards used by every federal worker and contractor are being revised to address the technology advances that have occurred since the card standards were published in 2005. Changes are expected to reflect improvements in identity verification using biometrics and to address integration of mobile devices as well as to manage credentials in a more cost effective manner.

Each Personal Identity Verification (PIV) card carries an integrated circuit chip that stores encrypted electronic information about the cardholder, a unique personal identification number, a printed photograph and two electronically stored fingerprints. Along with being used to control access to facilities, some federal agencies use PIV cards with readers to control access to computers and networks. The Federal Information Processing Standards 201 (FIPS 201) ensures that the PIV card will be interoperable across the government.

The update to FIPS 201, which defines the operation of the PIV cards, is being managed by the Information Technology Laboratory (ITL) at the National Institute of Standards and Technology (NIST). NIST expects to publish the final draft of the standard, which will be called FIPS 201- in the spring of 2013. The standard is currently in the comment period.

Departments: 
Cyber
Defense
read more

NIST Reviews Security Guidelines

September 28, 2011
By Henry Kenyon

The National Institute of Standards and Technology (NIST) has released the initial public draft of the first revision of the Guide for Conducting Risk Assessments (Special Publication 800-30). This revision shifts the focus of the guidelines from management to assessment, and NIST Special Publication 800-39 now replaces Special Publication 800-30 as the authoritative source of comprehensive risk management guidance.

read more
Subscribe to RSS - NIST