Services
PROFESSIONAL SERVICES AND CONSULTING
Trusted digital identities are one of the most important components for securing an organization’s digital and physical assets.
In its capacity as a trust framework provider, CertiPath is uniquely positioned to help enterprise personnel and vendors better understand the role identity plays in the security and integrity of critical communications and resources. CertiPath’s team of subject matter experts includes authors, inventors, and top practitioners in the emerging identity space. The team consults on products, processes, and policies for numerous high-profile commercial and government entities.
OUR PROFESSIONAL SERVICES INCLUDE THE FOLLOWING KEY ENGAGEMENTS:
- Application development leveraging Federal Information Processing Standard 201 (FIPS 201) conformant Personal Identity Verification (PIV) credentials and PIV-Interoperable (PIV-I) credentials
- Designing and testing Enterprise Physical Access Control Systems (E-PACS) and their secure use of PIV/PIV-I/CAC/CIV credentials
- Activities leveraging CertiPath’s Public Key Infrastructure (PKI) expertise, including PKI interoperability with the Federal PKI trust fabric; CertiPath operates a bridge certification authority (CA) that is cross-certified with the Federal Bridge and has supported the CA owner/operator FPKI Annual Review process for a federal client
- Performing facility assessments to measure compliance with all next generation federal physical security and identity management mandates
- Developing, deploying, reviewing, and enforcing security policies that satisfy business objectives and government regulations
- Developing security Requirement Traceability Matrixes (RTMs) that trace requirements from source documents to test documents
- Developing security architectures and conducting architecture reviews
- Conducting IT security threat, vulnerability, risk, and countermeasure operations: We identify principal threats that systems might face, categorize vulnerabilities and residual risks, perform risk and vulnerability assessments, and identify and implement countermeasures
- Conducting and supporting system and subsystem testing
- Writing and maintaining playbooks on FICAM implementation
- Performing FICAM segment architecture compliance assessments: We provide services that meet FICAM requirements, including PIV issuance, key military and commercial security guidelines, federal directives, and guidance or instructions
SERVICES WE PROVIDE
Services include design, testing, and implementation capabilities for systems that leverage credentials and attribute-based information. This includes applications focused on:
- HSPD-12
- FIPS 201
- FICAM
- PIV/PIV-I and PKI markets
- E-PACS
- Identity federation
Federated Trust
Federated trust offers a secure and efficient means of exchanging information. It eliminates the costly and complex process of individually mapping Public Key Infrastructure (PKI)/hardware tokens and issuing project-specific credentials for every new customer, supplier, or partner.
The CertiPath PKI Bridge enables cross-organizational trust for its members, who operate high-assurance identity credentialing systems known as Enterprise PKI; several members provide Personal Identity Verification-Interoperable (PIV-I) credentials to other organizations. This bridged trust is characterized by a hub-spoke peer-to-peer environment in which all members retain control over their individual trust domain policies and technical solutions but agree to a common set of overarching requirements embodied in federated trust. Each member establishes parity with federated trust’s requirements, which in turn enables the trust between members.
As an alternative, for those organizations not interested in maintaining a distinct trust domain, CertiPath provides the option of electing to adopt the CertiPath policy and subordinating under the CertiPath Root. In this scenario, the member organization must operate its identity credentialing system in accordance with CertiPath’s policies.
CertiPath’s trust community extends beyond its own enterprise members to the U.S. federal government via a bridge-to-bridge trust relationship between CertiPath and the U.S. Federal Bridge, which operates its own hub-spoke peer-to-peer environment for the U.S. federal agencies. This hub-to-hub relationship enables inter-organizational trust between the members of the two bridges.
Physical Access
CertiPath’s physical access assistance supports key stakeholders with services designed to achieve the highest level of assurance in PKI-based PACS, including requirements analysis, implementation assurance, program management, product certification, design services, and partner certification.
For enhanced PACS security, we recommend TrustZero™, a highly sophisticated PACS interface to CertiPath’s cloud-based credential validation platform. Leveraging the credential validation technology behind TrustMonitor™, TrustZero provides a single network location to respond to all validation queries for all credentials within a trust federation such as the federal government. When paired with TrustMonitor Enterprise, it can provide this same validation for internal credential authorities serving local trust credentials, non-person entities, and IoT devices.
System Design Services
CertiPath’s experienced personnel include authors, inventors, and top practitioners in the emerging identity space. Our subject matter experts apply hands-on knowledge to create systems that leverage PIV and other high-assurance credentials in all application spaces, including E-PACS, federation, and logical access.
As leaders in the HSPD-12, FIPS 201, FICAM, PIV/PIV-I, and PKI markets, we know of areas where the technology presents operational challenges to applications that use PIV/PIV-I credentials. CertiPath places great emphasis on providing services that address these challenges head-on. We offer strategic services that can greatly enhance the cybersecurity posture of the federal enterprise and commercial entities.