Chapter 9. Authentication and Interoperability

Red Hat Enterprise Linux 6.2 includes identity management capabilities that allow for central management of user identities, policy-based access control and authentication services. This identity management service, previously referred to as IPA, is based on the open source FreeIPA project. These services have been present as a Technology Preview in previous Red Hat Enterprise Linux 6 releases. With this release, identity management has been promoted to fully supported.

Support for smart cards with a PIV (Personal Identity Verification) interface has been added in Red Hat Enterprise Linux 6.2. It is now possible to use FIPS 201 compliant PIV cards that allow for secure use of data. PIV cards enable confidentiality of data by restricting access to the card holder. They also ensure data integrity by allowing only the card holder to make modifications. They guarantee the authenticity of the information and prevent non-repudiation of data. The use of PIV cards is mandated by the U.S. Homeland Security Presidential Directive 12 (HSPC-12) which requires the use of this type of technology to gain access to all government IT systems.