درباره ما
ANSI INCITS 504-1
Information Technology - Generic Identity Command Set - Part 1: Card Application Command Set
Organization:
ANSI - American National Standards Institute
Year: 2013
Abstract: This part of the multi-part GICS standard defines a command set for base functionality addressing:
• Identity credential storage (Namespace standardization)
• Authentication protocols
• Biometric verification1
• Confidentiality protocols
• Digital signatures
In the context of the GICS, this part is based on ISO/IEC 24727-2 and National Institute of Standards and Technology (NIST) Special Publication (SP) 800-73-3. Any additional commands are drawn from ISO/IEC 7816-4, -8, and -9.
The GICS standard defines a command set and a base functionality that offers the possibility to create, personalize, and use a compliant PIV and PIV-I card-application according NIST SP 800-73-3.
The standard defines a set of extensions to the SP 800-73-3 so that card-application issuers may have added flexibility in extending their data model while allowing relying parties to interoperably use the cards from different issuers. These extensions would favor the penetration of GICS standard at three levels. Manufactures will be able to minimize design and implementation costs; card issuers will manage a simple platform based on a successful and largely adopted schema; middleware and operating system providers will be able to adapt to different identity applications that are based on a single GICS standard. The following set of extensions to SP 800-73-3 is addressed in this document:
• Data model extension –The GICS standard allows formulation of different data elements and objects. Various data types are defined allowing card applications to store data according to their needs. The data size, data identifiers, and data access control rules are flexible to meet client-application needs.
• Authentication protocols –The PIV application currently supports Personal Identification Number (PIN) authentication (card authenticating card holder), Internal Authentication (reader authenticating card), External Authentication (card authenticating issuer), Signing, and Encryption. This standard adds Mutual Authentication, Key Agreement, and Secure Messaging protocols.
• GICS and ISO/IEC 24727: GICS standard allows interoperation with middleware compliant with ISO/IEC 24727. At a minimum, the discoverability mechanism (boot strap) based on the Card Capability Description (CCD) and / or Application Capability Description (ACD), as defined in ISO/IEC 24727, is supported by this standard.
• FIPS 140-2 certifications – The GICS standard is designed to allow card-applications constructed on this standard to minimize impact on FIPS 140-2 certification.
Purpose
The purpose of this part of the GICS standard is to define a set of data structures and commands for the general-purpose use of multiple identity credentials resident on a single platform.
1 Note that the document does not completely specify biometric verification but only includes tags for biometric data for future use.
• Identity credential storage (Namespace standardization)
• Authentication protocols
• Biometric verification1
• Confidentiality protocols
• Digital signatures
In the context of the GICS, this part is based on ISO/IEC 24727-2 and National Institute of Standards and Technology (NIST) Special Publication (SP) 800-73-3. Any additional commands are drawn from ISO/IEC 7816-4, -8, and -9.
The GICS standard defines a command set and a base functionality that offers the possibility to create, personalize, and use a compliant PIV and PIV-I card-application according NIST SP 800-73-3.
The standard defines a set of extensions to the SP 800-73-3 so that card-application issuers may have added flexibility in extending their data model while allowing relying parties to interoperably use the cards from different issuers. These extensions would favor the penetration of GICS standard at three levels. Manufactures will be able to minimize design and implementation costs; card issuers will manage a simple platform based on a successful and largely adopted schema; middleware and operating system providers will be able to adapt to different identity applications that are based on a single GICS standard. The following set of extensions to SP 800-73-3 is addressed in this document:
• Data model extension –The GICS standard allows formulation of different data elements and objects. Various data types are defined allowing card applications to store data according to their needs. The data size, data identifiers, and data access control rules are flexible to meet client-application needs.
• Authentication protocols –The PIV application currently supports Personal Identification Number (PIN) authentication (card authenticating card holder), Internal Authentication (reader authenticating card), External Authentication (card authenticating issuer), Signing, and Encryption. This standard adds Mutual Authentication, Key Agreement, and Secure Messaging protocols.
• GICS and ISO/IEC 24727: GICS standard allows interoperation with middleware compliant with ISO/IEC 24727. At a minimum, the discoverability mechanism (boot strap) based on the Card Capability Description (CCD) and / or Application Capability Description (ACD), as defined in ISO/IEC 24727, is supported by this standard.
• FIPS 140-2 certifications – The GICS standard is designed to allow card-applications constructed on this standard to minimize impact on FIPS 140-2 certification.
Purpose
The purpose of this part of the GICS standard is to define a set of data structures and commands for the general-purpose use of multiple identity credentials resident on a single platform.
1 Note that the document does not completely specify biometric verification but only includes tags for biometric data for future use.
Collections
:
-
Statistics
ANSI INCITS 504-1
Show full item record
| contributor author | ANSI - American National Standards Institute | |
| date accessioned | 2017-09-04T17:18:41Z | |
| date available | 2017-09-04T17:18:41Z | |
| date copyright | 2013.04.24 | |
| date issued | 2013 | |
| identifier other | ZLLBDFAAAAAAAAAA.pdf | |
| identifier uri | http://yse.yabesh.ir/std;jsein/handle/yse/141975 | |
| description abstract | This part of the multi-part GICS standard defines a command set for base functionality addressing: • Identity credential storage (Namespace standardization) • Authentication protocols • Biometric verification1 • Confidentiality protocols • Digital signatures In the context of the GICS, this part is based on ISO/IEC 24727-2 and National Institute of Standards and Technology (NIST) Special Publication (SP) 800-73-3. Any additional commands are drawn from ISO/IEC 7816-4, -8, and -9. The GICS standard defines a command set and a base functionality that offers the possibility to create, personalize, and use a compliant PIV and PIV-I card-application according NIST SP 800-73-3. The standard defines a set of extensions to the SP 800-73-3 so that card-application issuers may have added flexibility in extending their data model while allowing relying parties to interoperably use the cards from different issuers. These extensions would favor the penetration of GICS standard at three levels. Manufactures will be able to minimize design and implementation costs; card issuers will manage a simple platform based on a successful and largely adopted schema; middleware and operating system providers will be able to adapt to different identity applications that are based on a single GICS standard. The following set of extensions to SP 800-73-3 is addressed in this document: • Data model extension –The GICS standard allows formulation of different data elements and objects. Various data types are defined allowing card applications to store data according to their needs. The data size, data identifiers, and data access control rules are flexible to meet client-application needs. • Authentication protocols –The PIV application currently supports Personal Identification Number (PIN) authentication (card authenticating card holder), Internal Authentication (reader authenticating card), External Authentication (card authenticating issuer), Signing, and Encryption. This standard adds Mutual Authentication, Key Agreement, and Secure Messaging protocols. • GICS and ISO/IEC 24727: GICS standard allows interoperation with middleware compliant with ISO/IEC 24727. At a minimum, the discoverability mechanism (boot strap) based on the Card Capability Description (CCD) and / or Application Capability Description (ACD), as defined in ISO/IEC 24727, is supported by this standard. • FIPS 140-2 certifications – The GICS standard is designed to allow card-applications constructed on this standard to minimize impact on FIPS 140-2 certification. Purpose The purpose of this part of the GICS standard is to define a set of data structures and commands for the general-purpose use of multiple identity credentials resident on a single platform. 1 Note that the document does not completely specify biometric verification but only includes tags for biometric data for future use. | |
| language | English | |
| title | ANSI INCITS 504-1 | num |
| title | Information Technology - Generic Identity Command Set - Part 1: Card Application Command Set | en |
| type | standard | |
| page | 118 | |
| status | Active | |
| tree | ANSI - American National Standards Institute:;2013 | |
| contenttype | fulltext |