Strong Authentication!
Begin with a focus for updating guidance (e.g. FIPS-201, NIST SP800-53) to call out for the use of strong authentication credentials (PIV, PIV-I, CAC) with mobile devices. Yes, the idea of attaching an additional device/sled to a mobile device in order to swipe,store, or scan your PIV/CAC card sounds cumbersome. But there is no reason why mobile devices can't be tapped to enable technologies such as cert-cloning/biometrics ...more »
Begin with a focus for updating guidance (e.g. FIPS-201, NIST SP800-53) to call out for the use of strong authentication credentials (PIV, PIV-I, CAC) with mobile devices.
Yes, the idea of attaching an additional device/sled to a mobile device in order to swipe,store, or scan your PIV/CAC card sounds cumbersome. But there is no reason why mobile devices can't be tapped to enable technologies such as cert-cloning/biometrics to provide mobile devices the functionality to work as a smart credentials themselves.
Authenticating the user AND the device will go a long way to unlocking the benefits of mobile such as app development for federal agencies, AND expansion of government services to a mobile platform.
Demand to expand strong auth to mobile devices in the government and private industry will provide a way!
« less full details »
Social Web