FIPS-201 Failure

By Brian Rhodes, Published May 28, 2012, 08:00pm EDT (Info+)

The security market is hungry for money. With security budgets shrinking worldwide, any glimmer of untapped sales sends manufacturers and integrators scrambling. Nothing carries more impact that sweeping government regulations, and as a result, when FIPS-201 (PIV) demanded government entities reform their identity credential use, many providers jumped at the chance. Unfortunately, more than a decade later, the security industry is still waiting for race to begin.

In this update, we examine FIPS-201 intent, identify where it has gotten sidetracked, and discuss if it will ever be a significant source of security spending.

*******

****-*** **** ** *********** ******** *** logical *********** **** * ****** ******:

  • ******* ** **** *.* ******* ******* Workers *** ***********
  • ******* ******** ******** ** ************ ******* in******
  • ** ** * ***** ** ********** of ******** /***********

**** **********, *** ** ********** **** everyone * ***** ** ******. ***** multiple ******** ***** *** ****** [**** no ****** *********], ** ***** *** not **** *********** ******* [**** ** longer *********]. **** **** *** ********: "What **** *****?"

********

*** ********** ** ******* ******* ****-*** changes ** *** *** ** **** of ********* ** *** ********** ******. Rather, * **** ** ***** ******** have *********** ******** *******:

  • **** ********* ************* **** ****-*** *****:**** ****** *** ******* ** ** told *** ** ** *********.
  • ********** ********** ******** *** ******* **********:******* ******* ** ***** ** ********** plans ** *****.
  • ******** ******** *********** **********:********* *********** *** ******* *** ** be ******** *****.
  • ******** ********:******* **** ********** *********, ***** *** not ******** ** **** *******.
  • ** *********** ****** *******:***** ******* *** ** *** ** non-compliance, **** ********* *** ***********.

Market ******

* ***** ********** ** ***-************ *** *** ******* ****** ** a ***** **** *** ********** ** the ********** ********, *** ******* ******** prevented ** **** ***** * **** market ******.

*** *******, * ********* '******' ******** to ***** * '****** ****** *******' system ******* ** ****-*** ********* ** adopting *********** **** **** ******** ************* standards. ** *** ******* ****, **** requires * **** ** **** **** mandates * '****' ***** ***** * inches. ** ********, ****-*** ********** ********** requires * ************* '**** ****' ******* defined ******-***. ** ******* ********** ******, **** activity ***** ****** * **** ****** of ********** ********* ** '****' * credential.

***** ************ **** **** ********** ******** must ******* *** ****** ** **** range ********* ** ********* ********** ******* protecting ******* *****. ** ***** ** real *******, **** ***** * **** percentage ** *** ********* **** ******* must ** ********. **** **** *** even ******* *** **** ******** **** protection ************ ********** ** *** ****** control ****** ******, ***** *** **** to ** ************* ******* ** ******** replaced ** ****** *********.

** ***** ** *** *** ******** impact, ****-*** ********** *** *** ************ anything ****** *********** ******* ** **** applicable ****** ******* *******. ** ** therefore ********* ** ***** *** ******* effectiveness ** ****-***. ***** *********'* ****** is *****, *** **** *** ** made **** **** ************* *** ********* exist ** *** ******** ****** *** than ******.

Future ****** ******?

*** ****** **: **, *** ** the *** ** *** **** ********. The ****** ******* **** **** ** that '*** **** ****** **** *** horse'. ** ****** *** ********* *** security ****** ** ** ********** ***** directives, ** ******* *** *********** *** not ************ **** ********* **** **** be ********* **** *** **** ** spineless ***********. ***** ******, ********** ******** will *** ****** ** ***** ***** unless **** *** ****** ** ** shown * ******** ****** ** *** expense. *** ****, ****-*** ********** ****** becomes ******* ***** *** ** *** '5-Year ********* ****' ** ** ********* at * ***** ****.

Login to read this IPVM report.
Why do I need to log in?
IPVM conducts reporting, tutorials and software funded by subscriber's payments enabling us to offer the most independent, accurate and in-depth information.
Loading Related Reports