Goepling-appears the govt. is still heading our way-Nice Find!
I like this part:
The introduction of the PIV card in the Federal government will inevitably result in a number of cultural and technical evolutions over the coming year.
Here is where we anticipate major changes:
--The Fall of the Flashpass – One of the biggest advantages of FIPS 201 is the ability to use PIV cards across agencies with a low risk of fraud. This is done through electronic authentication (such as certificate checks and biometric matching), as well as a standard topology. However, the reliance on topology (flashpass) will be phased out as these more secure means of authentication are utilized. With the implementation and/or upgrade of sophisticated physical access control systems as well as stand along PIV credential authentication workstations in the coming year, the number of locations where a visual inspection of the card alone will suffice for access will diminish significantly.
--Cross Agency Authentication and Interoperability – The use of the PIV credential in the logical world is setting a new trend as the ability to recognize and interact with card holders from other agencies becomes possible. The capability to protect data in transit and at rest will significantly reduce the liability faced by the government from incidents such as the data loss by Veterans Affairs this year. We can expect the widespread use of local data encryption and encrypted communications facilitated by PIV credentials in the daily processes of Federal agencies by the end of 2007.
--Beyond the Federal Government – Although the Federal government is the only organization required to meet this standard, PIV cards are becoming a defacto standard for other organizations looking to promote interoperability with the federal government and increase security through implementation of standards like FIPS 201. We anticipate that the next year will bring functional pilots and full implementations of PIV card systems in the first responder/state and local community. It will also likely see capability demonstrations of PIV standard or near PIV standard credentialing in state governments, corporations, education, banking, and the IT industry. We see the potential for non-federal organizations issuing their own credentials that meet FIPS-201 requirements, which are recognized and accepted by the Federal government in some circumstances, such as disaster response.
What has started as an upgrade to security is rapidly becoming a major paradigm shift in the operations of the Federal government. Many of the business process changes of the coming years will start to become apparent over the next year as the government raises the bar on trust, assurance, and identity protection.
AI
