FB pixel

FIDO Alliance paper details extending PKI security with authentication standards

 

The FIDO Alliance has released a new white paper in support of the U.S. Commission on Enhancing National Cybersecurity’s recommendations for all agencies to use strong authentication across all government systems.

Titled “Leveraging FIDO Standards to Extend the PKI Security Model in United States Government Agencies,” the paper describes the use of FIDO solutions to improve cybersecurity within the government environment and act as a complement to traditional PKI.

Developed by FIDO’s Public Policy and Privacy Working Group (P3WG), the paper outlines the many benefits of a FIDO-inclusive method of providing other authentication solutions that are both easier to use and to integrate with legacy applications.

These authentication solutions still provide the same core security associated with asymmetric public key cryptography

Though the Derived PIV Credential (DPC) program allows the issuance of a separate PKI certificate by proving possession of a PIV Card, the DPC workflow detailed in NIST 800-157 can be used to issue a FIDO public/private key pair, linked to the same identity record associated with the PIV card.

The main difference is that the key pair is part of a “lightweight” key pair instead of a “full” public key infrastructure.

For individuals in the government ecosystem that are not required to obtain a PIV, FIDO offers an alternative method that is more affordable, management and easier to use.

Using this method would ensure that individuals have a strong authentication based on public key cryptography.

The paper emphasizes that PIV is still the highest standard for authentication in the U.S. government, and will remain an essential aspect of the federal enterprise.

But as agencies work towards fulfilling the Commission’s recommendations, facilitating a method that extends PIV solutions with FIDO can improve the security across the Federal enterprise and help the U.S. to more effectively secure digital assets.

FIDO asserts that while eliminating password-based breaches by 2021 would be a significant challenge, it is not an entirely impossible goal.

Previously reported, the new FIDO Certified showcase provides deploying organizations with a one-stop shop to learn about the companies and products that can bring FIDO Authentication to their users.

Article Topics

 |   |   |   | 

Latest Biometrics News

 

Sri Lanka’s biometric hardware market to grow with SL-UDI

Sri Lanka’s biometric hardware market is poised for growth with the implementation of Sri Lanka Unique Digital Identity (SL-UDI) by…

 

DHS’s compliance with AI privacy, civil liberties requirements lacking, IG says

The Department of Homeland Security (DHS) has made strides in developing policies and frameworks to govern its AI use, including…

 

Age assurance in shops reduces lineups, eases staff burdens and improves security

Age assurance technologies are increasingly being deployed for point-of-sale use cases, and proving effective at curtailing the sale of restricted…

 

Amazon firm: fired worker deserved it. Less so on its cop FR ban

The wrongful-firing lawsuit filed against Amazon Web Services in the UK has gained a new life. An October dismissal of…

 

Only 0.1% of people can tell a deepfake, says iProov

Only a tiny fraction of people – 0.1 percent – can accurately distinguish between real and fake content such as…

 

Ukraine tests compatibility with EUDI Wallet

Ukraine has successfully tested its compatibility with the European Union Digital Identity (EUDI) Wallet, allowing its citizens to use digital…

Comments

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Most Viewed This Week

Featured Company

Biometrics Insight, Opinion

Digital ID In-Depth

Biometrics White Papers

Biometrics Events