Smart cards pass NIST security test
- By Diane Frank
- May 22, 2000
Datakey Inc. last week announced that its model 330 smart card is among
the first smart cards to earn the high-level security standard validated
by the National Institute of Standards and Technology.
All government agencies are required to use only cryptography products
that are validated under the NIST Federal Information Processing Standard
140-1. The Level 2 validation earned by Datakey's model 330 smart card means
the card will protect unclassified information by providing role-based authentication
and evidence of tampering. Spyrus Inc.'s Rosetta Smart Card Version 2.01
also earned Level 2 validation.
Datakey's 330 smart card is part of the company's public-key infrastructure
(PKI) solution called SignaSURE Cryptographic Interface Provider. It uses
the Datakey Cyptographic Card Operating System to create a user's key directly
on the card every time the card is used and can be used as the authentication
for many PKI-enabled applications.
Perhaps most important for federal agencies, Datakey is one of the smart
card providers that works with all three prime contractors on the General
Services Administration's Access Certificates for Electronic Services contract.
ACES is designed to provide PKI products and services — including digital
certificates with the cryptographic keys stored on smart cards — that can
be used by any agency that has signed on to the program. Datakey has also
partnered with the contractors serving as Interim External Certificate Authorities
on the Defense Department's PKI program.