Description / Abstract:
This part of the multi-part GICS standard defines a command set
for base functionality addressing:
• Identity credential storage (Namespace standardization)
• Authentication protocols
• Biometric verification¹
• Confidentiality protocols
• Digital signatures
In the context of the GICS, this part is based on ISO/IEC
24727-2 and National Institute of Standards and Technology (NIST)
Special Publication (SP) 800-73-3. Any additional commands are
drawn from ISO/IEC 7816-4, -8, and -9.
The GICS standard defines a command set and a base functionality
that offers the possibility to create, personalize, and use a
compliant PIV and PIV-I card-application according to NIST SP
800-73-3.
The standard defines a set of extensions to SP 800-73-3 so
that card-application issuers have added flexibility in
extending their data model while relying parties can still
interoperably use cards from different issuers. These
extensions favor adoption of the GICS standard at three
levels: manufacturers can minimize design and implementation
costs; card issuers manage a single platform based on a
successful and widely adopted schema; middleware and operating
system providers can support different identity applications
that are all based on the one GICS standard. The following set
of extensions to SP 800-73-3 is addressed in this document:
• Data model extension – The GICS standard
allows formulation of different data elements and objects. Various
data types are defined allowing card applications to store data
according to their needs. The data size, data identifiers, and data
access control rules are flexible to meet client-application
needs.
• Authentication protocols – The PIV application currently supports Personal
Identification Number (PIN) authentication (card authenticating
card holder), Internal Authentication (reader authenticating card),
External Authentication (card authenticating issuer), Signing, and
Encryption. This standard adds Mutual Authentication, Key
Agreement, and Secure Messaging protocols.
• GICS and ISO/IEC 24727 – The GICS standard allows
interoperation with middleware compliant with ISO/IEC 24727. At a
minimum, the discoverability mechanism (bootstrap) based on the
Card Capability Description (CCD) and/or Application Capability
Description (ACD), as defined in ISO/IEC 24727, is supported by
this standard.
• FIPS 140-2 certifications – The GICS standard
is designed to allow card-applications constructed on this standard
to minimize impact on FIPS 140-2 certification.
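The authentication protocols bullet above names three challenge-response directions: Internal Authentication (the reader checks the card), External Authentication (the card checks the issuer or host) and the added Mutual Authentication (both). The following is an added illustration, not code from the GICS standard or any PIV implementation: it models a card and a host running those three exchanges with HMAC-SHA256 under a shared key standing in for the card's credential. The message layout, the "INT"/"EXT" direction tags, the identifiers and the key are assumptions of this example, not GICS or SP 800-73-3 APDU formats. The point it adds to the text is why the direction must be bound into the response: without it, a host-side challenge can be reflected back to the card's own Internal Authenticate to forge an External Authenticate answer.

```python
"""Constructed model of INTERNAL, EXTERNAL and MUTUAL AUTHENTICATE.

HMAC-SHA256 over a shared key stands in for the card's credential. The
message layout, direction tags, IDs and key below are assumptions for
this example, not the GICS/PIV command or data formats.
"""
import hashlib
import hmac
import secrets
from typing import Optional

# Assumed 32-byte key shared by card and host (constructed for the example).
SHARED_KEY = bytes.fromhex(
    "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f")


def _mac(key: bytes, direction: bytes, challenge: bytes, responder_id: bytes) -> bytes:
    """Keyed response to a challenge. The direction tag and responder ID are
    MACed together with the challenge, so a response computed for one
    direction cannot be replayed as the other (reflection attack)."""
    return hmac.new(key, direction + b"|" + responder_id + b"|" + challenge,
                    hashlib.sha256).digest()


class Card:
    def __init__(self, key: bytes, card_id: bytes):
        self._key = key
        self.card_id = card_id
        self._pending: Optional[bytes] = None  # outstanding GET CHALLENGE nonce

    def internal_authenticate(self, host_challenge: bytes) -> bytes:
        """INTERNAL AUTHENTICATE: host sends a challenge, card proves key possession."""
        return _mac(self._key, b"INT", host_challenge, self.card_id)

    def get_challenge(self) -> bytes:
        """GET CHALLENGE: card issues a fresh nonce for the host to answer."""
        self._pending = secrets.token_bytes(16)
        return self._pending

    def external_authenticate(self, host_id: bytes, host_response: bytes) -> bool:
        """EXTERNAL AUTHENTICATE: card verifies the host's answer to its nonce."""
        if self._pending is None:
            return False  # no outstanding challenge: reject rather than reuse one
        expected = _mac(self._key, b"EXT", self._pending, host_id)
        self._pending = None  # each challenge is single use
        return hmac.compare_digest(expected, host_response)


class Host:
    def __init__(self, key: bytes, host_id: bytes):
        self._key = key
        self.host_id = host_id

    def authenticate_card(self, card: Card, expected_card_id: bytes) -> bool:
        """Reader authenticating card (Internal Authentication)."""
        challenge = secrets.token_bytes(16)
        response = card.internal_authenticate(challenge)
        expected = _mac(self._key, b"INT", challenge, expected_card_id)
        return hmac.compare_digest(expected, response)

    def authenticate_to_card(self, card: Card) -> bool:
        """Card authenticating host/issuer (External Authentication)."""
        challenge = card.get_challenge()
        answer = _mac(self._key, b"EXT", challenge, self.host_id)
        return card.external_authenticate(self.host_id, answer)

    def mutual_authenticate(self, card: Card, expected_card_id: bytes) -> bool:
        """Mutual Authentication: both directions must succeed."""
        return (self.authenticate_card(card, expected_card_id)
                and self.authenticate_to_card(card))


def reflection_attempt(card: Card) -> bool:
    """Attacker without the key asks the card for a challenge, feeds that
    same challenge into the card's own INTERNAL AUTHENTICATE, and submits
    the result as an EXTERNAL AUTHENTICATE answer. Returns True only if the
    card wrongly accepts; the direction tag makes it return False."""
    challenge = card.get_challenge()
    reflected = card.internal_authenticate(challenge)
    return card.external_authenticate(card.card_id, reflected)


if __name__ == "__main__":
    card = Card(SHARED_KEY, b"card-0001")
    host = Host(SHARED_KEY, b"host-A")
    print("mutual:", host.mutual_authenticate(card, b"card-0001"))
    print("reflection accepted:", reflection_attempt(card))
```

The card's nonce is consumed on first use and the host's verification of the card is bound to the card identifier it expects, so neither an old response nor a response from a different card under the same key is accepted.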
Purpose
The purpose of this part of the GICS standard is to define a set
of data structures and commands for the general-purpose use of
multiple identity credentials resident on a single platform.
¹ Note that the document does not completely specify
biometric verification but only includes tags for biometric data
for future use.