What you need to know about PIV

If you don't do work with the federal government, should you care about what's going on with PIV (Personal Identity Verification) credentials? Isn't it just a credential that government agencies are required to use for access control?

PIV may not be moving into the private sector as rapidly as some proponents predicted years ago, but there is movement in that direction. Rob Zivney of Identive Group, David Belchick of Citibank, and Don Erickson, CEO of SIA, did a great educational session at TechSec this year about how PIV, the PIV-I (PIV-Interoperable) and CIV (Commercial Identity Verification) are moving into the private sector and how integrators can and should take advantage of this opportunity. (I'm working on a story for next week about that discussion).
 
But there was more information released today by the Smart Card Alliance Identity Council and Access Control Council, which I'll be taking a look at and maybe you'd like to check out as well.

The groups released a white paper about PIV-I deployments at Booz Allen Hamilton; SAIC; XTec Incorporated; and the Commonwealth of Virginia. They also released a brief with general information and comparisons of the credentials. Both can be downloaded at the Smart Card Alliance website.

If you're attending ISC West, you can learn more at a workshop "Standards-Based Secure Identity Credentials: Leveraging the Personal Identity Verification (PIV) Specifications for Commercial Credentialing Programs," on March 27th from 8:00 a.m. to 5:15 p.m. in Sands Room 104. Registration is available on the workshop webpage at http://www.smartcardalliance.org/secureid.