Definition Edit

Two-factor authentication using HSPD-12 is

two-factor authentication based on standard technologies through the use of Personal Identity Verification (PIV) cards. The PIV cards must be compliant with Homeland Security Presidential Directive 12 (HSPD-12) which mandates a Federal standard for secure and reliable forms of identification.[1]

Overview Edit

When Federal agencies use cloud services where authentication, encryption, and digital signatures services are provided, they are required to use two-factor authentication using HSPD-12. Two-factor authentication to gain access to a CSP environment using HSPD-12 provides various benefits that add heightened security to [U.S. federal] agency use of cloud services. These benefits include (but are not limited to):

When two-factor authentication is needed for cloud services, agencies are advised to include contract language requiring CSPs to use HSPD-12 compliant PIV cards. Such language would supplement the existing FAR requirements related to using the PIV card for contractor access.

References Edit

  1. Creating Effective Cloud Computing Contracts for the Federal Government, Best Practices for Acquiring IT as a Service, at 15-16.

Source Edit

Ad blocker interference detected!

Wikia is a free-to-use site that makes money from advertising. We have a modified experience for viewers using ad blockers

Wikia is not accessible if you’ve made further modifications. Remove the custom ad blocker rule(s) and the page will load as expected.