Beyond the U.S., organizations and corporations are starting to recognize the value of identity standards and federated identity. HSPD-12 and the ensuing FIPS 201 standards have laid a great foundation. Now is the time to take FIPS 201 to the next level and enable entities outside the federal government to utilize these standards.
Two key areas of development are needed.
First, to eliminate duplication, a scalable credential number system needs to be developed to enable any group to obtain an organizational identifier that is controlled by an internationally recognized authority.
Then organizations will need to be allocated numbering space where they can issue a globally unique ID number to their personnel. Although this may be a small technical issue, defining who and what organizations govern the numbering space will be a more significant challenge. Currently, there are some good models to look at, such as the work that has been done for IPv6 addresses and bank routing numbers.
The second key issue facing the FIPS-201 data model is the need for a mutual authentication and secure channel protocol between the card and the receiving system.
Both mutual authentication and secure channel protocol enable contactless biometrics and stored value while enhancing privacy. Mutual authentication has been at the core of closed smart card systems for many years, yet this requirement poses a number of technical challenges in open system architectures.
How do you register a system with a card and a card with the system? Who should be able to register a credential to a system–the end user or card administrator? These will be tough policies and technological challenges that need to be answered.
Getting past these two hurdles will enable the FIPS 201 standard to be applied to any ID management system and, more importantly, support federation between identity systems that follow the standards.
There will be other issues that need to be addressed, such as rating and balancing background checks and match-on-card biometrics. Another concern will be what form factor should the next identity tokens take on as in the card versus the NFC-enabled phone? Addressing these two issues will make FIPS 201 a sound foundation for international acceptance.
Roehr is also chair of Smart Card Alliance’s Physical Access Council
About the AVISIAN Publishing Expert Panel
At the close of each year, AVISIAN Publishing’s editorial team selects a group of key leaders from various sectors of the ID technology market to serve as Expert Panelists. Each individual is asked to share their unique insight into what lies ahead. During the month of December, these panelist’s predictions are published daily at the appropriate title within the AVISIAN suite of ID technology publications: SecureIDNews.com, ContactlessNews.com, CR80News.com, RFIDNews.org, FIPS201.com, NFCNews.com, ThirdFactor.com, and DigitalIDNews.com. ![[end]](/resources/bullet/archive-4.gif)
