Fandom

The IT Law Wiki

Homeland Security Presidential Directive 12

32,196pages on
this wiki
Add New Page
Talk0 Share

Ad blocker interference detected!


Wikia is a free-to-use site that makes money from advertising. We have a modified experience for viewers using ad blockers

Wikia is not accessible if you’ve made further modifications. Remove the custom ad blocker rule(s) and the page will load as expected.

Citation Edit

Homeland Security Presidential Directive 12 (HSPD-12): Policy for a Common Identification Standard for Federal Employees and Contractors (Aug. 2004) (full-text).

Overview Edit

This Directive establishes a mandatory, government-wide standard for secure and reliable forms of identification issued by the Federal Government to its employees and contractors to enhance security, increase governmental efficiency, reduce identity fraud, and protect personal privacy.

HSPD-12 applies to federal employees, contractors, and affiliates requiring long-term access to federal facilities and information systems in accordance with OMB Memorandum M-05-24. Applicability to affiliates, which may include foreign nationals and other parties, is an agency-level, risk-based decision.

HSPD-12 established control objectives for secure and reliable identification of Federal employees and contractors. These control objectives, provided in paragraph 3 of the directive, were:

(3) "Secure and reliable forms of identification" for purposes of this directive means identification that (a) is issued based on sound criteria for verifying an individual employee's identity; (b) is strongly resistant to identity fraud, tampering, counterfeiting, and terrorist exploitation; (c) can be rapidly authenticated electronically; and (d) is issued only by providers whose reliability has been established by an official accreditation process.

HSPD-12 directed the Department of Commerce to develop a Federal Information Processing Standards (FIPS) publication to define such a common identification credential. In accordance with HSPD-12, this standard (FIPS 201) defines the technical requirements for the identity credential that —

This standard defines authentication mechanisms offering varying degrees of security. Federal departments and agencies will determine the level of security and authentication mechanisms appropriate for their applications. This standard does not specify access control policies or requirements for Federal departments and agencies. Therefore, the scope of this standard is limited to authentication of an individual’s identity.

Also on Fandom

Random Wiki