Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search Publications by: David Cooper (Fed)

Displaying 26 - 50 of 67

Derived PIV Application and Data Model Test Guidelines

June 6, 2016

Author(s)

David Cooper, Hildegard Ferraiolo, Ramaswamy Chandramouli, Nabil Ghadiali, Jason Mohler, Steven Brady

NIST Special Publication (SP) 800-157 contains technical guidelines for the implementation of standards-based, secure, reliable, interoperable Public Key Infrastructure (PKI)-based identity credentials that are issued for mobile devices by federal

Best Practices for Privileged User PIV Authentication

April 21, 2016

Author(s)

Hildegard Ferraiolo, David Cooper, Andrew R. Regenscheid, Karen Scarfone, Murugiah P. Souppaya

The Cybersecurity Strategy and Implementation Plan (CSIP), published by the Office of Management and Budget (OMB) on October 30, 2015, requires that federal agencies use Personal Identity Verification (PIV) credentials for authenticating privileged users

PIV Card Application and Middleware Interface Test Guidelines (SP 800-73-4 compliance)

April 13, 2016

Author(s)

David Cooper, Hildegard Ferraiolo, Ramaswamy Chandramouli, Jason Mohler

NIST Special Publication (SP) 800-73 contains the technical specifications to interface with the smart card to retrieve and use the Personal Identity Verification (PIV) identity credentials. This document, SP 800-85A, contains the test assertions and test

Interfaces for Personal Identity Verification [including updates as of 02-08-2016]

February 11, 2016

Author(s)

David Cooper, Hildegard Ferraiolo, Ketan Mehta, Salvatore Francomacaro, Ramaswamy Chandramouli, Jason Mohler

[Superseded by SP 800-73pt1-5 (July 2024): https://tsapps.nist.gov/publication/get_pdf.cfm?pub_id=957973 SP 800-73pt2-5 (July 2024): https://tsapps.nist.gov/publication/get_pdf.cfm?pub_id=957975 SP 800-73pt3-5 (July 2024): https://tsapps.nist.gov

Cardholder Authentication for the PIV Digital Signature Key

June 18, 2015

Author(s)

William Polk, Hildegard Ferraiolo, David Cooper

FIPS 201-2 requires explicit user action by the Personal Identity Verification (PIV) cardholder as a condition for use of the digital signature key stored on the card. This document clarifies the requirement for explicit user action to encourage the

Cryptographic Algorithms and Key Sizes for Personal Identity Verification

May 28, 2015

Author(s)

Tim Polk, Donna F. Dodson, William Burr, Hildegard Ferraiolo, David Cooper

[Superseded by SP 800-78-5 (July 2024): https://tsapps.nist.gov/publication/get_pdf.cfm?pub_id=957979] This document contains the technical specifications needed for the mandatory and optional cryptographic keys specified in FIPS 201 as well as the

Interfaces for Personal Identity Verification

May 29, 2015

Author(s)

David Cooper, Hildegard Ferraiolo, Ketan L. Mehta, Salvatore Francomacaro, Ramaswamy Chandramouli, Jason Mohler

[Superseded by SP 800-73-4 (May 2015, w/updates as of 2/8/2016): http://www.nist.gov/manuscript-publication-search.cfm?pub_id=920323] FIPS 201 defines the requirements and characteristics of a government-wide interoperable identity credential. FIPS 201

Guidelines for Derived Personal Identity Verification (PIV) Credentials

December 19, 2014

Author(s)

Hildegard Ferraiolo, David A. Cooper, Salvatore Francomacaro, Andrew R. Regenscheid, Jason Mohler, Sarbari Gupta, William E. Burr

This recommendation provides technical guidelines for the implementation of standards-based, secure, reliable, interoperable PKI-based identity credentials that are issued by Federal departments and agencies to individuals who possess and prove control

Personal Identity Verification (PIV) of Federal Employees and Contractors

September 4, 2013

Author(s)

National Institute of Standards and Technology (NIST), Hildegard Ferraiolo, David Cooper, Salvatore Francomacaro, Ketan Mehta, Annie W. Sokol

[Superseded by FIPS 201-3 (January 2022) https://tsapps.nist.gov/publication/get_pdf.cfm?pub_id=934136] This Standard specifies the architecture and technical requirements for a common identification standard for Federal employees and contractors. The

NIST Test Personal Identity Verification (PIV) Cards

July 12, 2012

Author(s)

David A. Cooper

In order to facilitate the development of applications and middleware that support the Personal Identity Verification (PIV) Card, NIST has developed a set of test PIV Cards and a supporting public key infrastructure. This set of test cards includes not

BIOS Protection Guidelines

April 29, 2011

Author(s)

David Cooper, William Polk, Andrew Regenscheid, Murugiah Souppaya

This document provides guidelines for preventing the unauthorized modification of Basic Input/Output System (BIOS) firmware on PC client systems. Unauthorized modification of BIOS firmware by malicious software constitutes a significant threat because of

Cryptographic Algorithms and Key Sizes for Personal Identity Verification

December 31, 2010

Author(s)

William Polk, Donna F. Dodson, William E. Burr, Hildegard Ferraiolo, David Cooper

[Superseded by SP 800-78-4 (May 2015): http://www.nist.gov/manuscript-publication-search.cfm?pub_id=918499] This document contains the technical specifications needed for the mandatory and optional cryptographic keys specified in FIPS 201 as well as the

Maintaining and Using Key History on Personal Identity Verification (PIV) Cards

June 18, 2010

Author(s)

David A. Cooper

NIST Special Publication 800-73-3 introduces the ability to store retired Key Management Keys within the Personal Identity Verification (PIV) Card Application on a PIV Card. This paper complements SP 800-73-3 by providing some of the rationale for the