DOCSLIB.ORG

NIST SP 800-103 Draft, an Ontology of Identity Credentials Part 1: Background and Formulation

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
NIST SP 800-103 Draft, an Ontology of Identity Credentials Part 1: Background and Formulation RETIRED DRAFT July 5, 2016 The attached DRAFT document (provided here for historical purposes): Draft NIST Special Publication (SP) 800-103, An Ontology of Identity Credentials, Part 1: Background and Formulation (posted for public comment on October 6, 2006) has been RETIRED. Information on other NIST cybersecurity publications and programs can be found at: http://csrc.nist.gov/. The following information was originally posted with the attached DRAFT document: October 6, 2006 NIST is pleased to announce the release of Draft of the Special Publication 800-103 (SP 800- 103), An Ontology of Identity Credentials, Part 1: Background and Formulation. The SP 800-103 is available for a six week public comment period. This document provides the broadest possible range of identity credentials and supporting documents insofar as they pertain to identity credential issuance. Priority is given to examples of primary and secondary identity credentials issued within the United States. Part 2 of this document will provide an Extensible Markup Language (XML) schemas, as a framework for retention and exchange of identity credential information. Please send your comments to [email protected] with "Comments on SP800- 103" in the subject line. The comment period closes at 5:00 EST on Wednesday, November 15th, 2006. NIST Special Publication 800-103 An Ontology of Identity Credentials Draft Part 1: Background and Formulation William MacGregor William Dutcher Jamil Khan I N F O R M A T I O N S E C U R I T Y Information Technology Laboratory National Institute of Standards and Technology Gaithersburg, MD, 20899-8930 October 2006 U.S. Department of Commerce Carlos M. Gutierrez, Secretary Technology Administration Robert C. Cresanti, Under Secretary of Commerce for Technology National Institute of Standards and Technology William. Jeffrey, Director Draft Special Publication 800-103 An Ontology of Identity Credentials Reports on Computer Systems Technology The Information Technology Laboratory (ITL) at the National Institute of Standards and Technology (NIST) promotes the U.S. economy and public welfare by providing technical leadership for the Nation’s measurement and standards infrastructure. ITL develops tests, test methods, reference data, proof of concept implementations, and technical analyses to advance the development and productive use of information technology. ITL’s responsibilities include the development of management, administrative, technical, and physical standards and guidelines for the cost-effective security and privacy of non-national security-related information in Federal information systems. This special publication 800-series reports on ITL’s research, guidelines, and outreach efforts in information system security, and its collaborative activities with industry, government, and academic organizations. National Institute of Standards and Technology Special Publication 800-103, 70 pages (October 2006) Draft 2 Draft Special Publication 800-103 An Ontology of Identity Credentials Acknowledgements The authors, William MacGregor of the National Institute of Standards and Technology (NIST) and William Dutcher and Jamil Khan of Booz Allen Hamilton, wish to thank their colleagues who reviewed drafts of this document and contributed to its development. Draft 3 Draft Special Publication 800-103 An Ontology of Identity Credentials Table of Contents 1. INTRODUCTION..............................................................................................................................................7 1.1 AUTHORITY.................................................................................................................................................7 1.2 ONTOLOGY OF IDENTITY DEFINED ..............................................................................................................7 1.3 PURPOSE......................................................................................................................................................8 1.4 SCOPE..........................................................................................................................................................8 1.5 AUDIENCE AND ASSUMPTIONS ....................................................................................................................9 1.6 DOCUMENT OVERVIEW ...............................................................................................................................9 2. OVERVIEW OF IDENTITY CONCEPTS ...................................................................................................10 2.1 IDENTITY STAKEHOLDER VIEWPOINTS......................................................................................................11 2.2 IDENTITY CREDENTIALS............................................................................................................................12 2.3 QUALITIES OF IDENTITY CREDENTIALS .....................................................................................................12 2.4 PRIMARY, SECONDARY AND TERTIARY IDENTITY CREDENTIALS..............................................................14 2.5 OWNERS OF IDENTITY CREDENTIALS ........................................................................................................15 2.6 TYPES OF IDENTITY CREDENTIALS ............................................................................................................15 3. THE STRUCTURE OF CREDENTIALS .....................................................................................................16 3.1 LOGICAL AND PHYSICAL STRUCTURES OF AN IDENTITY CREDENTIAL ......................................................16 3.2 REQUIREMENTS FOR LOGICAL STRUCTURE...............................................................................................17 3.3 REQUIREMENTS FOR PHYSICAL STRUCTURE .............................................................................................22 3.4 INCONSISTENCY OF INFORMATION ............................................................................................................23 4. SURVEY OF IDENTITY CREDENTIALS ..................................................................................................24 4.1 I-9 DOCUMENTS ........................................................................................................................................26 5. IDENTITY CREDENTIAL STANDARDS AND ORGANIZATIONS ......................................................28 5.1 NATIONAL CENTER FOR HEALTH STATISTICS – VITAL STATISTICS STANDARDS ......................................28 5.2 INTERNATIONAL CIVIL AVIATION ORGANIZATION....................................................................................28 5.2.1 Machine Readable Travel Documents .................................................................................................28 5.2.2 The New Technologies Working Group...............................................................................................29 5.3 THE INITIATIVE FOR OPEN AUTHENTICATION ...........................................................................................29 5.3.1 Personal Strong Authentication...........................................................................................................29 5.4 THE INTERNET ENGINEERING TASK FORCE...............................................................................................29 5.4.1 vCard ...................................................................................................................................................30 5.5 THE AMERICAN ASSOCIATION OF MOTOR VEHICLE ADMINISTRATORS ....................................................31 5.5.1 DL/ID Security Framework .................................................................................................................31 5.6 ORGANIZATION FOR THE ADVANCEMENT OF STRUCTURED INFORMATION STANDARDS...........................31 5.6.1 Standard Generalized Markup Language Open ..................................................................................31 5.7 LIBERTY ALLIANCE, OASIS − FEDERATED ID ........................................................................................32 5.8 LEGISLATIVE BEARINGS ON IDENTITY STANDARDS ..................................................................................32 5.8.1 Real ID Act ..........................................................................................................................................32 6. IDENTITY CREDENTIAL SYSTEM MODELS.........................................................................................34 6.1 THE ACTOR PLANE....................................................................................................................................34 6.2 THE ISSUANCE PLANE ...............................................................................................................................34 6.3 THE MAINTENANCE PLANE .......................................................................................................................35 6.4 THE TRANSACTION PLANE ........................................................................................................................36 6.5 LIFE EVENTS PLANE..................................................................................................................................37 7. TRUST AND SECURITY ...............................................................................................................................38
Load more

Recommended publications
  • American Diplomacy Project: a US Diplomatic Service for the 21St
    AMERICAN DIPLOMACY PROJECT A U.S. Diplomatic Service for the 21st Century Ambassador Nicholas Burns Ambassador Marc Grossman Ambassador Marcie Ries REPORT NOVEMBER 2020 American Diplomacy Project: A U.S. Diplomatic Service for the 21st Century Belfer Center for Science and International Affairs Harvard Kennedy School 79 JFK Street Cambridge, MA 02138 www.belfercenter.org Statements and views expressed in this report are solely those of the authors and do not imply endorsement by Harvard University, Harvard Kennedy School, or the Belfer Center for Science and International Affairs. Design and layout by Auge+Gray+Drake Collective Works Copyright 2020, President and Fellows of Harvard College Printed in the United States of America FULL PROJECT NAME American Diplomacy Project A U.S. Diplomatic Service for the 21st Century Ambassador Nicholas Burns Ambassador Marc Grossman Ambassador Marcie Ries REPORT NOVEMBER 2020 Belfer Center for Science and International Affairs | Harvard Kennedy School i ii American Diplomacy Project: A U.S. Diplomatic Service for the 21st Century Table of Contents Executive Summary ........................................................................3 10 Actions to Reimagine American Diplomacy and Reinvent the Foreign Service ........................................................5 Action 1 Redefine the Mission and Mandate of the U.S. Foreign Service ...................................................10 Action 2 Revise the Foreign Service Act ................................. 16 Action 3 Change the Culture ..................................................
    [Show full text]
  • Virtual Credential Ceremony of Foreign Diplomats
    Virtual Credential Ceremony of Foreign Diplomats Why in news? In a first, President Ram Nath Kovind accepted the credentials of foreign diplomats of as many as 7 countries in a virtual ceremony, given the COVID-19 situation. What is the credential ceremony all about? A Letter of Credence is a formal document appointing a diplomat as Ambassador or High Commissioner to another sovereign state. The present ceremony involved diplomats from the Democratic People's Republic of Korea, Senegal, Trinidad & Tobago, Mauritius, Australia, Cote d'Ivoire and Rwanda. They presented their credentials (Letters of Credence) before the President via video conference. Each of these letters is addressed from one head of state to another. President Ram Nath Kovind formally accepted each Letter of Credence. This marked the beginning of the ambassadorship of each of those foreign diplomats, in India. The letters were officially handed over to the MEA (Ministry of External Affairs) to be delivered to the President of India. Initially, the ambassadors were to present their credentials from their respective embassies. However, all seven were escorted to the Jawahar Bhavan headquarters of the MEA (Ministry of External Affairs). How does it take place generally? The presentation of credentials is a spectacular and elaborate ceremony with strict rules and rituals. Under normal circumstances, it is hosted at the majestic Ashoka Hall inside the Rashtrapati Bhavan. The envoys come to Rashtrapati Bhavan accompanied by a foreign ministry official. They have to sit in a specific seat in the car with the protocol officer next to them. The diplomat is received at the forecourt of the presidential palace by the commander of the Presidential Guard.
    [Show full text]
  • AD-Series Selection Guide the First Step in Our Design Process: Listening
    AD-Series Selection Guide The first step in our design process: Listening. We wanted to know exactly what you needed in a security solution. So we asked. We asked hundreds of questions and received thousands of answers from facility managers, security personnel, locksmiths and other professionals – the people who are responsible for the protection of people, property and assets. What we heard led us to design a better electronic lock. You told us you wanted a simple solution. You told us you wanted locks that could evolve to fit your needs. And you told us you wanted assurance that your investment would be protected for years to come. Introducing the AD-Series from Schlage. It’s the first electronic lock that is flexible, adaptable and scalable. It’s ready for anything, even the future. Because, at Schlage, we believe that real security sets you free. We’ve been designing dependable, innovative security solutions Flexible. for over 85 years. When it comes to real security, it is not one size fits all. Schlage products are The AD-Series allows you to customize your electronic lock trusted to protect with options such as reader type, networking capabilities, finish hospitals, schools and and levers to create a perfect fit for your specific application. commercial buildings of all types. And today, we’re living up to our reputation for innovation Adaptable. by introducing our Needs change and technologies evolve. It’s inevitable. But newest electronic lock – with AD-Series electronic locks from Schlage, you’ll be ready. the AD-Series. Their modular design and open-architecture format means they can adapt to your environment today and in the future.
    [Show full text]
  • Georgia Protocol Guide Table of Contents
    GEORGIA PROTOCOL GUIDE TABLE OF CONTENTS Introduction: What is protocol? .........................................................................................................3 Message from Governor Nathan Deal ..............................................................................................4 Georgia Department of Economic Development International Relations Division............................5 Georgia Code ...................................................................................................................................6 A. Precedence ..................................................................................................................................6 B. Forms of Address .................................................................................................................. 7-12 • The Honorable ........................................................................................................................7 • His/Her Excellency .................................................................................................................7 • Former Elected Office Holders ................................................................................................7 • Federal Officials ......................................................................................................................8 • State Officials ..........................................................................................................................9 • Judicial Officials ....................................................................................................................10
    [Show full text]
  • Smart Card Readers & Credentials
    Smart Card Readers & Credentials Simply Smarter Smart Card Readers XceedID’s contactless smart card readers are the most secure readers in the industry. Instead of using open transmission protocols, XceedID smart card readers utilize high security data. Each message between the card and reader is digitally signed using Message Authentication Coding (MAC) to ensure the integrity of the data. In addition to increased security, smart cards offer faster transaction times and greater data storage capacity. What differentiates smart cards from proximity cards is that the information can be read from or written to a credential. Applications for smart cards include biometrics, logical access, cashless vending, and cafeteria services to name a few. XceedID smart card technology is also compatible with many of the other 13.56 MHz technologies offered in the market today (see graphic below). HID® iClass CSN s Schlage™ ST Microelectronics® XceedID™ Inside Contactless Texas Instruments PicoTag® Tag-It® Model Number Description HID® Comparable Product XF1060MF Contactless MIFARE® Reader – Mini-Mullion 6100 (R10) XF1560 Contactless Smart Card Reader – Wall Mount 6120 (R40) XF2200 Contactless Smart Reader – Mid-Range N/A XF2210 Contactless Smart Reader – Mid-Range with Keypad 6130 (RK40) s CSN = Card Serial Number XceedID, ISOX, and ISOX Lite are trademarks of XceedID Corporation. GE and CASI are registered trademarks of General Electric Corporation. MIFARE and DESFire are registered trademarks of NXP Semiconductors. HID and iClass are registered trademarks of HID Global. My-d is a register trademark of Infineon. Other product names mentioned herein may be trademarks and/or registered trademarks of other companies. Copyright © 2010, XceedID Corporation.
    [Show full text]
  • High Security, Bluetooth Readers, Credentials
    DMP.COM @DMPALARMS High Security, Bluetooth Readers, Credentials DELTA5 DELTA5-OSDP CSR-35 DELTA6.4 DELTA3 CSR-35-OSDP DE2 DELTA6.4-OSDP DELTA3-OSDP CSK-2 FEATURES Reader ▸ MIFARE® DESFire® EV2 ▸ Supports Conekt mobile access ▸ Compatible with all DMP technology, a leading industry credential and DE2 and CSK-2 XR Series™ panels standard for contactless Smart Card credentials Smart Cards ▸ Easily interfaces with DMP ▸ Wiegand or OSDP output 7073, 7073A and 7173 ThinlineTM Credential interface keypads, 7873 graphic keypad, Powerful 128-bit Advanced ▸ ▸ Adapter plate included for 734, 734N, 734N-POE or 1134 Encryption Standard (AES) access control modules mullion or single gang box ▸ 2K-byte memory size for the mount ▸ OSDP Readers Now Available ▸ Weatherized enclosures for greatest encryption indoor and outdoor applications Conekt Mobile Access Enhanced Smart Card ▸ ▸ Unaffected by body shielding or Credential Mounts directly on metal encryption and DESFire® EV2 ▸ environmental conditions ▸ Operates with Bluetooth mobile- support without a drop in performance ready reader ▸ Strong and flexible for resistance Built-in self-test routine at start- ▸ Supports industry-standard ▸ to cracking and breaking ▸ High-security encryption interfaces up to verify reader operation technology is protected behind the smartphone’s security ▸ Based upon the world-standard ▸ Indicator LED for card read Conekt™ Mobile-Ready Reader parameters MIFARE® technology, ideal for verification ▸ Uses Bluetooth Low Energy (BLE) ISO 14443 applications Easy, one-time registration
    [Show full text]
  • Protocol Division Ministry of Foreign Relations Colombo
    AGREMENT AND CREDENTIALS OF FOREIGN AMBASSADOR.S/ HIGH COM MISSIONERS TO SRI I.ANKA Protocol Division Ministry of Foreign Relations Colombo INTRODUCTION This booklet has been prepared to assist Foreign Diplomatic Missions (Resident & Non-resident) with the Agr6ment, Accreditation and Credentials Presentation of designated Ambassadors/High Commissioners to Sri Lanka Questions regarding these matters may be directed to the Protocol Division [email protected],lk Updated in December AGREMENT 1 Requests for Agr6ment for a Head of Mission may be made: (a) Through the Embassy in Colombo, by submitting a diplomatic note to the Ministry of Foreign Relations from the Head of Mission or Charg6 d'Affairet of the Mission; (b) By the Ministry of Foreign Relations of the sending state through the Sri Lanka Mission. The Agr6ment request must be in English and include a curriculum vitae of the Am bassador/H i g h Commissioner-designate. 3. When a decision on Agr6ment has been made by the Government of Sri Lanka, lthe requesting state will be informed in the manner in which the Agr6ment was originllly requested, ARRIVAL OF TH E AM BASSADOR/ HIG H COM MISSIO N ER- DESIG NATE L When the Ambassador/High Commissioner-designate's arrival date has bden determined, the Embassy should inform the Protocol Division at a minimum of five business days in advance of the arrival. A request for couftesies at [he Airpoft should be submitted. In order to facilitate the Ambassador/High Commissioner-designate's arrival, ttre Protocol Division will need the date of arrival, time, flight number and airline information as well as the names and passport information of any perspns accompanying the Ambassador/High Commissioner-designate so that custofis, immigration and other courtesies may be arranged.
    [Show full text]
  • Becoming a Foreign Service Officer
    I am diplomacy. I am America. Becoming a Foreign Service Officer E PL M UR U I B U N S U I am diplomacy. I am America. Becoming a Foreign Service Specialist E PL M UR U I B U N S U TABLE OF CONTENTS Diplomacy at Work 3 Foreign Service Lifestyle Becoming a U.S. Diplomat Candidate Resources Eight Steps to Becoming a Foreign Service Officer (FSO) 5 1. Choose a Career Track The Five Career Tracks Consular Officers Economic Officers Management Officers Political Officers Public Diplomacy Officers 2. Register for the Foreign Service Officer Test (FSOT) Eligibility Requirements FSOT Registration Step-by-Step Instructions Important Registration Information Registrants With Disabilities Application Requirements for Any Type of Disability Additional Documentation Requirements for Diagnosis of Cognitive (Learning) Disability 3. Take the Foreign Service Officer Test (FSOT) What To Expect on the FSOT Test Center Admission and Regulations Obtaining Your FSOT Results Frequently Asked Questions 4. Submit Personal Narratives for the QEP Review 5. Take the Foreign Service Oral Assessment 6. Clearances: Medical and Security 7. Suitability Review Panel 8. The Register Additional Consideration Factors 25 Other Important Information 26 Entry-Level Salary Range Training Tenuring and Commissioning Data Collection of Personally Identifiable Information (PII) 26 Sample FSOT Questions 27 Diplomacy@Work The U.S. Department of State promotes peace, prosperity and stability in areas of vital interest to America. Working with allies and partners around the world, American diplomats tackle global issues ranging from climate change to trafficking in persons. The Department is a key player in supporting democratic development.
    [Show full text]
  • 42634 YA Signature RFID
    Affinit y ® Smart Card Lock Multi-Family/Apartment/Condominium An ASSA ABLOY Group brand Affinit y® Benefits Higher Security for Residents – Yale Affinity eliminates issues Smart Car d Lock commonly associated with mechanical masterkeyed locks. Multi-Family/Apartmen t/Condominium Smart card technology enables easy reprogramming to erase or add users in seconds; right at the lock. Worry-free Technology – The latest in Radio Frequency Identification ® ® Yale Affinit y (RFID) Lock combines the (RFID) technology provides an improved security platform for facility latest Radio Frequency Identification technology administration as well as residents. Unique ID protection technology prevents cloning of cards eliminating the possibility of unauthorized with a flexible electronic locking system, duplication of credentials. perfect for Multi-Family, Apartment or Powerful Audit Capabilities – Affinity electronic locks offer a time stamped audit trail. Management can quickly and easily identify which Condominium Housing. Designed with ease cards have been used for access or to attempt access at the door. of use and resident security in mind, Yale Write-back capability from the locks to an authorized card provides quick and easy retrieval of audit trails. Battery status and tamper brings contactless identification electronic attempt alarms provide both residents and property managers with the peace of mind that comes from having the highest level of security locking to the multi-family housing market. on their doors. Convenient Security for Amenities & Special Use Areas – Prevents unauthorized use of exclusive amenities such as fitness, pool & spa areas, meeting rooms and storage facilities. It is also possible to allow temporary access to areas such as banquet rooms that may be used for special functions.
    [Show full text]
  • Schlage AD-200 Offline Lock User Guide
    P516-129 AD-200/AD-201 Offline lock user guide Instructions for AD-Series offline locks Para el idioma español, navegue hacia www.allegion.com/us. Pour la portion française, veuillez consulter le site www.allegion.com/us. Contents Overview ...........................................................................................................................3 Lock functions ...................................................................................................................4 Getting started ..................................................................................................................4 Schlage Utility Software (SUS) .........................................................................................4 Construction access mode ..............................................................................................5 Locks with keypads – Construction access mode.........................................................5 Locks with card readers – Create a master construction credential .............................5 Locks with card readers – Add construction access mode user credentials .................5 Cancel construction access mode ................................................................................6 Credential types and functions .........................................................................................6 Credential forms ............................................................................................................6 Manual programming instructions .....................................................................................7
    [Show full text]
  • PROTOCOL and CONSULAR HANDBOOK May 2018
    PROTOCOL AND CONSULAR HANDBOOK May 2018 Ministry of Foreign Affairs Protocol Division Singhadurbar, Kathmandu, Nepal www.mofa.gov.np Table of Contents Page No. INTRODUCTION .............................................................................. 1 1. HEAD OF MISSION ............................................................... 1 1.1 Granting of Agrément ..................................................... 1 1.2 Notification of Arrival .................................................... 2 1.3 Receiving upon Arrival ................................................... 2 1.4 Submitting copies of Letters of Credence (LoC) and Letter of Recall (LoR) to Chief of Protocol .................... 2 1.5 Presentation of Letters of Credence ................................ 2 1.6 Order of Precedence ........................................................ 3 1.7 Movement of Head of Mission, Termination of Duty and Notification of Departure ................................................ 3 1.8 Farewell Call/Luncheon/Dinner ...................................... 3 1.9 Demise of Ambassador en poste ..................................... 4 1.10 Chargé d' Affaires, en pied (e. p.) and Chargé d' Affaires, ad interim (a. i.) ............................................................... 4 1.11 Chargé d' Affaires, e. p. accredited as Head of Mission . 4 1.12 Designating Chargé d’ Affaires, a. i. by Ambassador .... 4 1.13 Appointment of Chargé d’ Affaires, a. i. ........................ 5 1.14 Absence of Chargé d’ Affaires, a. i. and appointment of
    [Show full text]
  • Contactless Smart Card 13.56 Mhz High Frequency Technology
    A SMART CARD ALLIANCE ACCESS CONTROL COUNCIL RESOURCE Access Control Reader and Credential Architecture and Engineering Specification: Contactless Smart Card 13.56 MHz High Frequency Technology Version Number: 1.0 Publication Date: April 2015 Publication Number: ACC-15001 Smart Card Alliance 191 Clarksville Rd. Princeton Junction, NJ 08550 www.smartcardalliance.org About the Smart Card Alliance The Smart Card Alliance is a not-for-profit, multi-industry association working to stimulate the understanding, adoption, use and widespread application of smart card technology. Through specific projects such as education programs, market research, advocacy, industry relations and open forums, the Alliance keeps its members connected to industry leaders and innovative thought. The Alliance is the single industry voice for smart cards, leading industry discussion on the impact and value of smart cards in the U.S. and Latin America. For more information please visit http://www.smartcardalliance.org. Disclaimer: The Smart Card Alliance has used best efforts to ensure, but cannot guarantee, that the information described in this report is accurate as of the publication date. The Smart Card Alliance disclaims all warranties as to the accuracy, completeness or adequacy of information in this report. This publication does not endorse any specific product or service. Product or service references are provided to illustrate the points being made. Smart Card Alliance 2 Access Control Reader and Credential A & E Specification: Annotated Version [Insert Project Name] Specification for Architects, Consultants, and Engineers Access Control A&E Specification ___[insert date]___ Contactless Smart Card 13.56 MHz High Frequency Technology [Sample] A & E Guide Specification for Architects, Consultants, and Specifying Engineers This document contains sample guide specifications for 13.56 MHz contactless smart card technology products.
    [Show full text]