PROFESSIONAL SERVICES & CONSULTING
Trusted digital identities are one of the most important components to securing your digital and physical assets.
CertiPath, though its capacity as a trust framework provider, is uniquely positioned to assist both enterprise personnel and vendors better understand the role identity plays in the security and integrity of critical communications and resources. CertiPath’s team of subject matter experts is among the majority of authors, inventors and top practitioners in the emerging identity space and has consulted on products, processes, and policies for numerous high profile commercial and government entities.
THE SCOPE OF OUR PROFESSIONAL SERVICES HAVE INCLUDED:
- Application development leveraging Federal Information Processing Standard 201 (FIPS 201) conformant Personal Identity Verification (PIV) credentials and PIV Interoperable (PIV-I) credentials;
- Design and testing of Enterprise Physical Access Control Systems (E-PACS) and their secure use of PIV/PIV-I/CAC/CIV credentials;
- Public Key Infrastructure (PKI) and interoperability with the Federal PKI trust fabric;
- Facility compliance assessments against all “next generation” Federal physical security and identity management mandates.
- Security Policy Development: We develop, deploy, review, and enforce security policies that satisfy business objectives and government regulations.
- Security Requirements Traceability Matrix (RTM): We develop RTMs that trace requirements from source documents to test document.
- Security Architecture: We develop security architectures and conduct architecture reviews.
- Threats, Vulnerabilities, Risks, and Countermeasures: We identify principal threats that might be faced by the system; categorize vulnerabilities and residual risks; perform risk and vulnerability assessments; and identify and implement countermeasures.
Services include design, testing, and implementation capabilities for systems that leverage credentials and attribute based information. This includes applications
- FIPS 201
- PIV/PIV-I and PKI markets
- Identity Federation
Federated Trust offers a secure and efficient means of exchanging information – eliminating the costly and complex process of individually mapping PKI/hardware tokens and issuing project-specific credentials for every new customer, supplier, or partner.
The CertiPath Public Key Infrastructure (PKI) Bridge enables cross organizational trust for its members, who operate high assurance identity credentialing systems known as Enterprise PKI, and several of whom are providers of Personal Identity Verification – Interoperable (PIV-I) credentials to other organizations. This Bridged trust is characterized by a hub-spoke peer-to-peer environment where all of the members retain control over their individual trust domain policies and technical solutions, but agree to a common set of overarching requirements embodied in Federated Trust. Each member establishes parity with Federated Trust’s requirements, which in turn enables the trust between them.
As an alternative, for those organizations not interested in maintaining a distinct trust domain, CertiPath affords the option of electing to adopt the CertiPath policy and subordinating under the CertiPath Root. In this scenario, the member organization must operate its identity credentialing system in accordance with CertiPath’s policies.
CertiPath’s trust community extends beyond its own enterprise members to the U.S. Federal government via a Bridge-to-Bridge trust relationship between CertiPath and the U.S. Federal Bridge, which operates its own hub-spoke peer-to-peer environment for the U.S. Federal agencies. This hub-to-hub relationship enables inter-organizational trust between the members of the two Bridges.