System Design Services
PROFESSIONAL SERVICES
CertiPath’s personnel are among the majority of authors, inventors and top practitioners in the emerging space leveraging PIV in in all application spaces: E-PACS, Federation, Logical Access. As leaders in the HSPD-12, FIPS 201, FICAM, PIV/PIV-I and PKI markets, there are areas where the technology presents operational challenges to applications that leverage PIV/PIV-I credentials. CertiPath has placed a great emphasis on addressing operational challenges by providing services that solve these challenges head-on. CertiPath offers strategic services that have the potential to greatly enhance the CyberSecurity posture of the Federal enterprise.
These services include:
- Application development leveraging Federal Information Processing Standard 201 (FIPS 201) conformant Personal Identity Verification (PIV) credentials and PIV Interoperable (PIV-I) credentials;
- Design and testing of Enterprise Physical Access Control Systems (E-PACS) and their secure use of PIV/PIV-I/CAC/CIV credentials;
- Public Key Infrastructure (PKI) and interoperability with the Federal PKI trust fabric;
- Facility compliance assessments against all “next generation” Federal physical security and identity management mandates
- Security Policy Development: We develop, deploy, review, and enforce security policies that satisfy business objectives and government regulations
- Security Requirements Traceability Matrix (RTM): We develop RTMs that trace requirements from source documents to test document
- Security Architecture: We develop security architectures and conduct architecture reviews
- Threats, Vulnerabilities, Risks, and Countermeasures: We identify principal threats that might be faced by the system; categorize vulnerabilities and residual risks; perform risk and vulnerability assessments; and identify and implement countermeasures
- Testing: We support system and subsystem testing
- FICAM Segment Architecture compliance assessments: We provide services that meet FICAM requirements, inclusive of PIV issuance, key military and commercial security guidelines, Federal directives, and guidance or instructions