Text Size
Increase text size
Increase text size

Glossary

Active Attack: An attack on the authentication protocol where the Attacker transmits data to the Claimant or Verifier. Examples of active attack include a man-in-the-middle, impersonation, and session hijacking.

 

Address of Record: The official location where an individual can be found. The address of record always includes the residential street address of an individual and may also include the mailing address of the individual. In very limited circumstances, an Army Post Office box number, Fleet Office box number or the street address of next of kin or of another contact individual can be used when a residential street address for the individual is not available.

 

Access Control: The process of granting or denying specific requests: 1) obtain and use information and related information processing services; and 2) enter specific physical facilities (e.g., disaster zone, state buildings, military establishments). A function or a system that restricts access to authorized persons only.

 

Access Control List: A list of (identifier, permissions) pairs associated with a resource or asset. As an expression of security policy, a person may perform an operation on a resource or asset if and only if the person's identifier is present in the access control list (explicitly or implicitly) and the permission in the (identifier, permissions) pair include the permission to perform the requested operation.

 

Agency: A division of government with a specific function offering a particular kind of assistance. Agencies are defined as jurisdictional (having statutory responsibility for incident management) or as assisting or cooperating (providing resources or other assistance).

 

Approved: FIPS approved of NIST recommended. An algorithm or technique that is either 1) specified in a FIPS or NIST Recommendation, or 2) adopted in a FIPS or NIST Recommendation.

 

Applicant: An individual applying for a PIV card, and who, as determined by the agency, has an identified need to be issued with a PIV card. It is the Applicant's responsibility to provide accurate and truthful information to the agency. The Applicant may be a current or prospective state or local hire, a state or local employee, or a contractor.

 

Application: A hardware/software system implemented to satisfy a particular set of requirements. In this context, an application incorporates a system used to satisfy a subset of requirements related to the verification or identification on an end user's identity so that the end user's identifier can be used to facilitate the end user's interaction with the system.

 

Architecture: A highly structured specification of an acceptable approach within a framework for solving a specific problem. An architecture contains descriptions of all the components of a selected, acceptable solution while allowing certain details of specific components to be variable to satisfy related constraints (e.g., costs, local environment, user acceptability).

 

Assertion: A statement from a Verifier to a Relying Party that contains identity information about a subscriber. Assertion may also contain verified attributes.

 

Assurance: In the context of OMB 04-04 and NIST SP 800-63, assurance is defined as the degree of confidence 1) in the vetting process used to establish the identity of an individual to whom the credential was issued, and 2) that the individual who uses the credential is the individual to whom the credential was issued.

 

Asymmetric Keys: Two related keys. A public key and a private key that are used to perform complementary operations, such as encryption and decryption or signature generation and signature verification.

 

Attack: An attempt to obtain a Subscribers token or to fool a Verifier into believing that an unauthorized individual possess a Claimant's token.

 

Attacker: A party who acts with malicious intent to assault an information system.

 

Asymmetric Signature: A data object produced by a digital signature method, such as RSA or Elliptic Curve Digital Signature Algorithm (ECDSA), that when verified, provides strong evidence of the origin and integrity of the signed data object.

 

Authentication: A process that establishes the identity of a person or computational process, often as a prerequisite to allowing access to physical or logical (i.e., information) resources.

 

Authentication Protocol: A defined sequence of messages between Claimant and Verifier that demonstrates that the Claimant has control of a valid token to establish his/her identity, and optionally, demonstrates to the Claimant that he or she is communicating with the intended Verifier.

 

Authenticity: The property that data originated from its purported source.

 

Authorization: A process that associates permission to access a resource or asset with a personal and the person's identifier.

 

Bit: Short for binary digit.  A bit is the smallest unit of data in a computer and has a single binary value of either 0 or 1.

 

Biometric: A measurable, physical characteristic or personal behavioral trait used to recognize the identity, or verify the claimed identity, of an Applicant. Facial images, fingerprints, and iris scan samples are all examples of biometrics.

 

Capture: The method of taking a biometric sample from an end user.

 

Cardholder: An individual possessing an issued PIV Card.

 

Certificate: A data object containing a subject identifier and a PKI public key, and other information, that is digitally signed by a Certification Authority. Certificates convey trust in the relationship of the subject identifier to the public key.

 

Certification: The process of verifying the correctness of a statement or claim and issuing a certificate as to its correctness.

 

Certification Authority: A trusted entity that issues and revokes public key certificates.

 

Certificate Revocation List (CRL): A list of evoked public key certificates created and digitally signed by a Certification Authority. See [RFC 3280].

 

Challenge-Response Protocol: An authentication protocol where the Verifier sends the Claimant a challenge (usually a random value or a nonce) that the Claimant combines with a secret (such as by hashing the challenge and a shared secret together, or by applying a private key operation to the challenge) to generate a response that is sent to the Verifier. The Verifier can independently verify the response generated by the Claimant (such as by re-computing the hash of the challenge and the shared secret and comparing to the response, or performing a public ky operation on the response) and establish that the Claimant possesses and controls the secret.
 

Check-In: The process through which resources first report to an incident. Check-in locations include the incident command post, Resources Unit, incident base, camps, staging areas, or directly on the site.

 

CHUID: The Cardholder Unique Identifier is defined to simplify interoperability and to extend capabilities over magnetic stripe technology for Physical Access Control System applications. The CHUID container is an Elementary File (EF) that is a required part of the data model for both separate or combined contact and contactless technology FASC cards.

 

Claimant: A party whose identity is to be verified using an authentication protocol.

 

Cloning: A process to create a verbatim copy of a PIV Card, or a partial copy sufficient to perform one or more authentication mechanisms as if it were the original card.

 

Contact Card: The functional use by which the smart card is able to transfer data to a smart card reader. In a contact scenario, the cardholder inserts the card into the slot of the contact reader. When inserted appropriately, the contact plate (visible metallic plate) of the smart card aligns with the electronic contacts inside the reader, and data is transmitted across this connection.

 

Contact Reader: A smart card reader that communicates with the Integrated Circuit chip in a smart card using electrical signals on wires touching the smart card' contact pad. The PIV contact interface is standardized by ISO/IEC 7816-3.

 

Contactless Card: The functional use by which the smart card is able to transfer data to a smart card reader. Contactless scenarios are those in which the smart card transfers data with the reader without the two making contact. This transaction occurs when the cardholder presents the card within a close proximity (up to 15 cm) from the reader. The data is conveyed across this distance via electro-magnetic fields.

 

Contactless Reader: A smart card reader that communicates with the Integrated Circuit chip in a smart card using radio frequency (RF) signaling. The PIV contact interface is standardized by ISO/IEC 14443.

 

Controller (or Control Panel): A device that communicates with multiple readers, actuators, and the Head End System. The readers provide cardholder information to the Controller, which it uses to make access control decisions and send commands to actuators. The Controller communicates with the Head End System to receive changes in access permissions, and to send audit records and other log information.

 

Counterfeiting: The creation of a fake ID card that can perform one or more authentication mechanisms, without copying a legitimate card (see cloning).

 

Credential: Evidence attesting to one's right to credit or authority; in this standard, it is the PIV Card and data elements associated with an individual that authoritatively binds an identity (and, optionally, additional attributes) to that individual.

 

Credential Validation: The process of determining if a credential is valid, i.e., it was legitimately issued, its activation date has been reached, it has not expired, and it has not been terminated, suspended, or revoked by the issuing authority.

 

Credentials Service Provider (CSP): A trusted entity that issues or registers Subscriber tokens and issues electronic credentials to Subscribers. The CSP may encompass Registration Authorities and Verifiers that it operates. A CSP maybe an independent third party or may issue credentials for its own use.

 

Cryptographic Key: A value used to control cryptographic operations, such as decryption, encryption, signature generation, or signature verification. For the purposes of this document, key requirements shall coincide the minimum requirements stated in table 2 of NIST SP[800-57] part 1. See also: Asymmetric Keys, Symmetric Key.

 

Cryptographic Token: A token where the secret is a cryptographic key.

 

Data Integrity: The property that data has not been altered by an unauthorized entity.

 

Digital Signature: An asymmetric key operation where the private key is used to digitally sign an electronic document and the public key is used to verify the signature. Digital signatures provide authentication and integrity protection.

 

Emergency Support Function (ESF): A grouping of government and certain private-sector capabilities into an organizational structure to provide the support, resources, program implementation and services that are most likely to be need to save lives, protect property and the environment, restore essential services and critical infrastructure, and help victims and communities return to normal, when feasible, following domestic incidents. The ESFs serve as the primary operational-level mechanism to provide assistance to State, local or tribal governments or to federal departments or agencies conducting missions of primary federal responsibility.

 

Emergency Response Provider: Includes federal, state, local and tribal emergency public safety, law enforcement, emergency response, emergency medical (including hospital medical facilities), and related personnel, agencies, and authorities. Also known as Emergency Responder.

 

Event: A planned, non-emergency activity. An incident command system can be used as the management system for a wide range of events, e.g., parades, concerts, or sporting events.

 

Extensible Mark-up Language (XML): Extensible Markup Language, abbreviated XML, describes a class of data objects called XML documents and partially describes the behavior of computer programs which process them.

 

Federal Agency Smart Credential Number (FASC-N): As required by FIPS 201, the primary identifier on the PIV card for physical access control. The FASC-N is a fixed length (25 byte) data object, defined in FIPS 201 and NIST SP 800-73, and included in several data objects on a PIV card.

 

Federal Agency Smart Credential Number (FASC-N) Identifier: The result of the concatenation of the system code, agency code, and credential number from the FASC-N. The FASC-N identifier is the minimal length identifier that uniquely identifies a PIV card. It is 14 digits when represented in decimal and 37 bits when represented in binary.

 

Federal Information Processing Standards (FIPS): A standard for adoption and use by federal departments and agencies that has been developed within the Information Technology Laboratory and published by NIST, a part of the U.S. Department of Commerce. A FIPS covers some topic in information technology to achieve a common level of quality or some level or interoperability.

 

FIPS Compliant: A standard that specifies the architecture and technical requirements for a state and local common identification credential that meets the predominance of standards established by FIPS 201, while taking state and local needs into account. A standard that provides interoperable credentials with FIPS-compliant credentials. Also called FIPS "mapped".

 

Framework: A structured description of a topic of interest, including a detailed statement of the problem(s) to be solved and the goal(s) to be achieved. An annotated outline of all the issues that must be addressed while developing acceptable solutions to the problem(s). A description and analysis of the constraints that must be satisfied by an acceptable solution and detailed specifications of acceptable approaches to solving the problem(s).

 

Guessing Entropy: A measure of the difficulty that an Attacker has to guess the average password used in a system. In this document, entropy is stated in bits. When a password has n-bits of guessing entropy then an Attacker has as much difficulty guessing the average password as in guessing an nbit random quantity. The Attacker is assumed to know the actual password frequency distribution.

 

Hash Function: A function that maps a bit string of arbitrary length to a fixed length bit string. Approved hash functions satisfy the following properties:

  1. (One-way) It is computationally infeasible to find any input that maps to any pre-specified output, and
  2. (Collision resistant) It is computationally infeasible to find any two distinct inputs that map to the same output.

 

Head End System (or Access Control Server): A system including application software, database, a head end server, and one or more networked personal computers. The head end server is typically used to enroll and individual's name, create a unique ID number, and assign access privileges and an expiration date. The server is also used to maintain this information and refresh the controller with the latest changes.

 

Identification: The process of discovering the true identity (i.e., origin, initial history) of a person or item from the entire collection of similar persons or items.

 

Identifier: Unique data used to represent a person's identity and associated attributes. A name or a card number are examples of identifiers.

 

Identity: The set of physical and behavioral characteristics by which an individual is uniquely recognizable.

 

Identity Binding: Binding of the vetted claimed identity to the individual (through biometrics) according to the issuing authority. Represented by an identity assertion from the issuer that is carried by a PIV credential.

 

Identity Credential: a credential that contains one or more identifiers for its subject, a person.

 

Identity Management System (IDMS): Identity management system comprised of one or more systems or applications that manages the identity verification, validation and PIV credential issuance process.

 

Identity Proofing: The process of providing sufficient information (e.g., identity history, credentials, documents) to a PIV Registrar when attempting to establish an identity.

 

Identity Registration: The process of making a person's identity known to the PIV system, associating a unique identifier with that identity, and collecting and recording the person's relevant attributes into the system.

 

Identity Verification: The process of confirming or denying that a claimed identity is correct by comparing the credentials (something you know, something you have, something you are) of a person requesting access with those previously proven and stored in the PIV Card or system and associated with the identity being claimed.

 

Incident: An occurrence or event, natural or human-caused, which requires an emergency response to protect life or property. Incidents can include major disasters, emergencies, terrorist attacks, terrorist threats, wild land and urban fires, floods, hazardous material spills, earthquakes, tornadoes, public health and medical emergencies, and other occurrences requiring an emergency response.

 

Initial Response: Resources initially committed to an incident.

 

Interoperability: The quality of allowing any facility or information system to verify a cardholder's identity using the credentials on the PIV card, regardless of the PIV card issuer.

 

Issuance: The process by which an issuing authority obtains and verifies information about a person, assigns one or more unique identifiers to the person, prepares information to be placed in or on a credential, produces a physical or data object credentials, and delivers the finished credential to its subject.

 

Issuer: The entity that performs PIV Card personalization operations and issues the PIV Card to the Applicant after all identity proofing, background checks, and related approvals have been completed by the Registrar. The Issuer is also responsible for maintaining records and controls for PIV Card stock to ensure that stock is only used to issue valid credentials. The Issuer may delegate the actual deliverance of the Applicant's PIV card to the Registrar.

 

Kerberos: A widely used authentication protocol developed at MIT. In classic Kerberos, users share a secret password with a Key Distribution Center (KDC). The user, Alice, who wishes to communicate with another user, Bob, authenticates to the KDC and is furnished a (ticket) by the KDC to use to authenticate with Bob. When Kerberos authentication is based on passwords, the protocol is known to be vulnerable to off-line dictionary attacks by eavesdroppers who capture the initial user-to-KDC exchange.

 

Least Privilege: The minimum level of data, functions, and capabilities necessary to perform a user's duties. Application of this principle limits the damage that can result from accident, error, or unauthorized use of an IT system.

 

Logical Access Control System (LACS): An electronic system that controls the ability of principals (i.e., people and processes with identities known to the LACS) to perform operations on objects within the boundary of a protected information system.

 

Man-in-the-Middle Attack (MitM): An attack on the authentication protocol run in which the Attacker positions himself in between the Claimant and Verifier so that he can intercept and alter data traveling between them.

 

Message Authentication Code (MAC): A cryptographic checksum on data that uses a symmetric key to detect both accidental and intentional modifications of the data.

 

Min-entropy:  A measure of the difficulty that an Attacker has to guess the most commonly chosen password used in a system. In this document, entropy is stated in bits. When a password has n-bits of min-entropy then an Attacker requires as many trials to find a user with that password as is needed to guess an n-bit random quantity. The Attacker is assumed to know the most commonly used password(s).

 

Mobilization: The process and procedures used by all organizations -- federal, state, local and tribal -- for activating, assembling and transporting all resources that have been requested to respond to or support an incident.

 

Multi-Factor Authentication: Authentication based on more than one factor. In some contexts, each factor is a different authenticator. In other contexts, each factor is one of "something you know, something you have, something you are" (i.e., memorized fact, token, or biometric) and thus the number of factors is 1, 2, or 3.

 

Multi-Jurisdictional Incident: An incident requiring action from multiple agencies that each have jurisdiction to manage certain aspects of an incident. In the Incident Command System, these incidents will be managed under Unified Command.

 

Network: An open communications medium, typically the Internet, that is used to transport messages between the Claimant and other parties. Unless otherwise stated no assumptions are made about the security of the network; it is assumed to be open and subject to active (e.g., impersonation, man-in-the-middle, session hijacking) and passive (e.g., eavesdropping) attack at any point between the parties (Claimant, Verifier, CSP or Relying Party).

 

Nonce: A value used in security protocols that is never repeated with the same key. For example, challenges used in challenge-response authentication protocols generally must not be repeated until authentication keys are changed, or there is a possibility of a replay attack. Using a nonce as a challenge is a different requirement than a random challenge, because a nonce is not necessarily unpredictable.

 

Nongovernmental Organization (NGO): An entity with an association that is based on interests of its members, individuals, or institutions and that is not created by a government, but may work cooperatively with government. Such organizations serve a public purpose, not a private benefit. Examples of NGOs include faith-based charity organizations and the American Red Cross.

 

Off-line Attack: An attack where the Attacker obtains some data (typically by eavesdropping on an authentication protocol run, or by penetrating a system and stealing security files) that he/she is able to analyze in a system of his/her own choosing.

 

On-line Attack: An attack against an authentication protocol where the Attacker either assumes the role of a Claimant with a genuine Verifier or actively alters the authentication channel. The goal of the attack may be to gain authenticated access or learn authentication secrets.

 

Online Guessing Attack: An attack in which an Attacker performs repeated logon trials by guessing possible values of the token authenticator.

 

PACS Enrollment: The process of adding information about the cardholder into the PACS server. The information added during enrollment is then utilized to perform authentication and authorization of an individual at an access point.

 

Passive Attack: An attack against an authentication protocol where the Attacker intercepts data traveling along the network between the Claimant and Verifier, but does not alter the data (i.e. eavesdropping).

 

Password: A secret that a Claimant memorizes and uses to authenticate his or her identity. Passwords are typically character strings.

 

Path Validation: The process of determining that a chain of asymmetric signatures, beginning with a signed object and continuing through the sequence of signing certificates to a trust anchor certificates, is complete and all certificates are valid. Successful path validation provides strong evidence than an asymmetric signature is trustworthy.

 

Personal Identification Number (PIN): A password consisting only of decimal digits.

 

Personal Identity Verification (PIV) Card: A physical artifact (e.g., identity card, "smart" card) issued to an individual that contains stored identity credentials (e.g., photograph, cryptographic keys, digitized fingerprint representation) so that the claimed identity of the cardholder can be verified against the stored credentials by another person (human readable and verifiable) or an automated process (computer readable and verifiable). A Tier 1 PIV card is an example of a PIV card.

 

Physical Access Control System (PACS): An electronic system that controls the ability of people or vehicles to enter a protected area, by means of authentication and authorization at access control points.

 

Pharming: An attack in which an Attacker corrupts an infrastructure service such as DNS (Domain Name Service) causing the Subscriber to be misdirected to a forged Verifier/Relying Party, and revealing sensitive information, downloading harmful software or contributing to a fraudulent act.

 

Phishing: An attack in which the Subscriber is lured (usually through an email) to interact with a counterfeit Verifier, and tricked into revealing information that can be used to masquerade as that Subscriber to the real Verifier.

 

PIV: Personal Identity Verification

 

PIV System:  A system composed of components and processes that support a common (smart card-based) platform for identity authentication across departments and agencies for access to multiple types of physical and logical access environments.

 

Possession and Control of a Token: The ability to activate and use the token in an authentication protocol.

 

Practice Statement: A formal statement of the practices followed by an authentication entity (e.g., RA, CSP, or Verifier); typically the specific steps taken to register and verify identities, issue credentials and authenticate Claimants.

 

Private Key: One key of a public key cryptography key pair, the other being the Public Key. What a private key encrypts, only the matching public key can decrypt, and vice versa. The secret part of an asymmetric key pair that is typically used to digitally sign or decrypt data.

 

Proof of Possession (PoP) Protocol: A protocol where a Claimant proves to a Verifier that he/she possesses and controls a token (e.g., a key or password).

 

Protected Channel: A session wherein messages between two participants are encrypted and integrity is protected using a set of shared secrets; A participant is said to be authenticated if the other participant can link possession of the session keys by the first participant to a long term cryptographic token and verify the identity associated with that token.

 

Public Key: One key of a public key cryptography key pair, the other being the Private Key. Given only the public key, it is computationally infeasible to derive the matching private key. The public part of an asymmetric key pair that is typically used to verify signatures or encrypt data.

 

Public Key Certificate: A digital document issued and digitally signed by the private key of a Certification Authority that binds the name of a Subscriber to a public key. The certificate indicates that the Subscriber identified in the certificate has sole control and access to the private key.

 

Public Key Infrastructure (PKI): A service infrastructure implementing a trust model for transactions using private keys and public key certificates, based on the concepts of Public Key Encryption (PKE) and Certification Authorities (CA).

 

Pseudonym: A Subscriber name that has been chosen by the Subscriber that is not verified as meaningful by identity proofing.

 

Registration: The process through which a party applies to become a Subscriber of a CSP and an RA validates the identity of that party on behalf of the CSP.

 

Registration Authority (RA): A trusted entity that establishes and vouches for the identity of a Subscriber to a CSP. The RA may be an integral part of a CSP, or it may be independent of a CSP, but it has a relationship to the CSP(s).

 

Replay Attack: An attack in which the Attacker is able to replay previously captured messages (between a legitimate Claimant and a Verifier) to masquerade as that Claimant to the Verifier or vice versa.

 

Reader: A device that reads an ID card and passes the 'identifying information' to the controller, often using the Wiegand protocol, magnetic stripe, contactless (13.56 MHz), or proximity (125 kHz) technologies. Multi-technology card readers are commercially available.

 

Registrar: The entity responsible for identity proofing of an Applicant and ensuring the successful  completion of the background checks. The Registrar provides the final approval for the issuance of a PIV card to the Applicant. In many agencies, the Registrar may be the Human Resources or Security section. The Registrar's role may also be outsourced to an accredited organization to perform identity proofing and background checking processes.

 

Relying Party: An entity that depends upon the trust model of the system to correctly produce the results of authentication.

 

Revocation: The process by which an issuing authority renders and issued credential useless. For example, a PKI certification authority may revoke certificates it issues. Typically, a PKI certificate is revoked if its corresponding private key is known to be, or suspected to be, compromised.

 

Role-based Security: The assignment of security rights to IT systems and data based on role or job function.

 

Salt: A non-secret value that is used in a cryptographic process, usually to ensure that the results of computations for one instance cannot be reused by an Attacker.

 

SAML Authentication Assertion: A SAML assertion that conveys information about a successful act of authentication that took place for a subject.

 

Secret Key: A key used by a symmetric key algorithm to encrypt, decrypt, sign or verify information. In a symmetric key infrastructure (SKI), the sender and receiver of encrypted information mush share the same secret key.

 

Secure Sockets Layer (SSL): An authentication and security protocol widely implemented in browsers and web servers. SSL has been superseded by the newer Transport Layer Security (TLS) protocol; TLS 1.0 is effectively SSL version 3.1.

 

Security Assertion Mark-up Language (SAML): An XML-based security specification developed by OASIS for exchanging authentication (and authorization) information between trusted entities over the Internet.

 

Sensitive Data: Any data of which the compromise with respect to confidentiality, integrity, and/or availability could be adversely affect state interests, the conduct of agency programs, or the privacy to which individuals are entitled.

 

Separation of Duties: Assignment of responsibilities such that no one individual or function has control of an entire process. Implied in this definition is the concept that no one person should have complete control. Separation of duties is a technique for maintaining and monitoring accountability and responsibility for IT system and data.

 

Session Hijack Attack: An attack in which the Attacker is able to insert himself or herself between a Claimant and a Verifier subsequent to a successful authentication exchange between the latter two parties. The Attacker is able to pose as a Subscriber to the Verifier or vice versa to control session data exchange.

 

Shared Secret: A secret used in authentication that is known to the Claimant and the Verifier.

 

Skimming: Surreptitiously obtaining data from a contactless smart card, using a hidden reader that powers, commands, and reads from the card within the maximum read distance.

 

Sniffing: Surreptitiously obtaining data from a contactless smart card, using a hidden reader that receives RF signals from a legitimate reader and smart card when they perform a transaction. Sniffing is a form of electronic eavesdropping. Sniffing is possible at greater distances than skimming.

 

Social Engineering: A process or technique, similar to a confidence game, used to obtain information from a person without raising suspicion. The act of deceiving an individual into revealing sensitive information by associating with the individual to gain confidence and trust.

 

Sponsor: The individual who can act on behalf of a department or agency who substantiates the need for a PIV Card to be issued to the Applicant, and provides sponsorship to the Applicant. The Sponsor requests the issuance of a PIV Card to the Applicant. The Sponsor is only responsible for requesting that a PIV card be issued.

 

Standard: A published statement on a topic specifying the characteristics, usually measurable, that must be satisfied or achieved to comply with the standard.

 

Strategy: The general direction selected to accomplish objectives set.

 

Subject: The person whose identity is bound in a particular credential.

 

Subscriber: A party who receives a credential or token from a CSP.

 

Symmetric Key: A cryptographic key that is used to perform both the cryptographic operation and its inverse, for example to encrypt and decrypt, or create a message authentication code and to verify the code.

 

Termination: The action of an identity credential issuer that causes the credential to become invalid.

 

Tier 1: The highest assurance level credential for first responders in Colorado. These credentials strongly authenticate the identity of the credential holder, the credential itself, and the identity attributes of the credential holder. Tier 1 credentials are fully FIPS 201 compliant, smart-card (contact and contactless chip) based credentials.

 

Tier 2: These credentials offer a medium level of assurance regarding the identity of the credential holder, the credential itself, and the identity attributes of the credential holder. All of the processes and procedures of the FIPS 201 standard are followed; however, the technology used on the card for authentication is a barcode instead of a smart chip.

 

Token Authenticator: The value that is provided to the protocol stack to prove that the Claimant possesses and controls the token. Protocol messages sent to the Verifier are dependant upon the token authenticator, but they may or may not explicitly contain it.

 

Transport Layer Security (TLS): An authentication and security protocol widely implemented in browsers and web servers. TLS is defined by [RFC 2246] and [RFC 3546]. TLS is similar to the older Secure Sockets Layer (SSL) protocol, and TLS 1.0 is effectively SSL version 3.1. NIST SP 800-52, Guidelines for the Selection and Use of Transport Layer Security (TLS) Implementations specifies how TLS is to be used in government applications.

 

Tunneled Password Protocol: A protocol where a password is sent through a protected channel to a cryptographically authenticated Verifier. For example, the TLS protocol is often used with a Verifier's public key certificate to (1) authenticate the Verifier to the Claimant, (2) establish an encrypted session between the Verifier and Claimant, and (3) transmit the Claimant's password to the Verifier. The encrypted TLS session protects the Claimant's password from eavesdroppers.

 

Validation: The process of demonstrating that the system under consideration meets in all respects the specification of that system.

 

Verification: The process of determining if a security assertion, is true, particularly the process of determining if a data object possesses a digital signature produced by the purported signer.

 

Verified Name: A Subscriber name that has been verified by identity proofing.

 

Verifier: An entity that verifies the Claimant's identity by verifying the Claimant's possession of a token using an authentication protocol. To do this, the Verifier may also need to validate credentials that link the token and identity and check their status.

 

Verifier Impersonation Attack: A scenario where the Attacker impersonates the Verifier in an authentication protocol, usually to capture information that can be used to masquerade as that Claimant to the real Verifier.

 

Zero-Knowledge Password Protocol: A password based authentication protocol that allows a claimant to authenticate to a Verifier without revealing the password to the Verifier. Examples of such protocols are EKE, SPEKE and SRP.