trust - HID Global · easier to deploy solutions to address continually evolving threats to...
Transcript of trust - HID Global · easier to deploy solutions to address continually evolving threats to...
Governments around the world are mandating increased levels
of security to counter the increasingly sophisticated and complex
attacks on computer systems and facilities. To comply with these
new regulations, security solutions need to enable agencies and
organizations to prove and establish trust in the identities accessing
their network, applications, buildings and other resources.
Throughout the industry, compliance with open standards such as FIPS 201
and Global Platform are driving new products that offer cost effective and
easier to deploy solutions to address continually evolving threats to critical
cyber and physical infrastructures.
Only ActivIdentity, part of HID Global, trusted leader in solutions for the
delivery of secure identity, has the technology expertise to offer a complete
Identity Assurance solution, from the reader and smart cards to the
appliance and authentication software.
Currently, we work with more than 200 local, state, federal and
international government agencies in the U.S., Europe, Asia, Australia and
beyond. In fact, to date, millions of government employees are carrying and
using security credentials issued by ActivIdentity solutions. Cost-effective
and highly secure, ActivIdentity’s Credential Issuance and Verification
solutions comply with stringent government regulations. They provide the
right level of security, at an appropriate cost, to deliver secure access to
multiple physical and logical assets across agencies for government and
non-government employees.
The ActivIdentity Certificate-based Credential Issuance and Verification Solution
is comprised of a series of interoperable products. Government agencies can
select one or more of these products to create a solution that meets their
specific Identity Assurance requirements, mandates, and use cases.
Benefits
• Enhanced productivity by providing a single platform to issue and manage devices and credentials
• Scales to support very large user populations
• Proven technology that has been leveraged by the most security-minded agencies worldwide to issue and verify hundreds of millions of credentials
• Appliance option that reduces deployment time and costs
• Compliance with stringent government and industry standards including U.S. Federal FIPS 201 for Personal Identity Verification (PIV) credentials
• Enforcement of logical security policies for local, remote and smartphone mobile access
• Upgrades existing physical access control systems (PACS) to authenticate credentials at full range of assurance levels
ActivIdentity Certificate-based Credential Issuance and Verification
Government Credential Management. Complete. Secure. Interoperable.
SOS
OL
UT
ION
OV
ER
VIE
W
security
trustcompliance
confidence
expertise
Key Solution Components
• 4TRESS Authentication Appliance provides a complete multi-layered versatile strong authentication solution to secure access conveniently and cost-effectively
• ActivID Credential Management System (CMS) issues and provides full life cycle management of certificate-based credentials
• ActivClient and ActivClient Mobile verify credentials for logical access on computers and smartphones
• ActivEntry upgrades physical access control systems to verify credentials across the full range of assurance levels
• ActivEntry Mobile provides for mobile verification of credentials and associated attributes
Complementary Solution Components
• CoreStreet® Validation Authority enables the validation of credential status via OCSP
• CoreStreet Path Builder enables the validation of credential trust and status via SCVP
• CoreStreet Attribute Authority enables the verification of attributes associated with credentials
Register and Enroll Identity: The ActivID™ Identity Registration System is
a FIPS 201 compliant solution that enables sponsorship, enrollment and
adjucation of applicants. The solution can enroll the applicant’s biographic,
biometric, and capture the applicant’s physical ID (with optional advanced
hardware) as well as perform background checks with external identity
proofing systems (e.g., government Automated Fingerprint Identification
Systems [AFIS]).
Issue and Manage Credentials: The ActivID Credential Management
System (CMS), and CMS Appliance, are reliable, proven, and extensible
solutions that enable government customers to quickly and easily issue
and manage digital credentials on devices such as cards, tokens, and
smartphones, for secure access to PCs, Windows login, cloud applications,
remote access and building facilities.
The CMS Appliance manages credentials throughout their lifecycle,
updating users’ access in real time without additional cost and resources.
Government contractors can quickly and easily obtain PIV-I cards through
the HID-PIV Service for access to government facilities and networks, as
well as meet compliance mandates regarding the protection of classified
information.
Scales for Large User Populations: An add-on Batch Management
System (BMS) module enables communication with a service bureau for
the personalization and encoding of smart cards in centralized high-volume
card production environments. The CoreStreet Validation Authority and
CoreStreet Path Builder products expand the solution for large user
populations and enable inter-agency trust for federated environments. The
CMS API enables integration to systems such as IDMS or other databases
to create seamless, operationally efficient solutions.
Easy to Deploy: The CMS Appliance is delivered preconfigured, which
significantly reduces deployment time and costs, and ensures a best-
practice deployment. The value of credentials is closely tied to their range
of use cases across interoperable systems, the multiple levels of assurance
they enable, and their compliance with standards. ActivIdentity ActivID
products deliver a full range of use cases for logical and physical access, support
all assurance levels, and are fully compliant with government standards including
FIPS 201 and Global Platform.
Logical Access Verification: ActivClient™ and ActivClient Mobile help government
agencies comply with regulations and manage the risk of unauthorized access
to computers, networks and smartphones for employees working in the office,
remotely or via mobile devices. This capability enables agencies to use strong
authentication, encryption, and digital signatures to protect high-value resources
and communications. 4TRESS Authentication Appliance provides complete,
multi-layered, versatile strong authentication so government agencies can
secure access conveniently and cost-effectively. More than 20 versatile
authentication methods enable organizations to address each user group’s
business needs, while optimizing the balance between security, convenience and
cost. 4TRESS Authentication Appliance can also enable strong authentication to
cloud applications. Government agencies can choose the authentication method
that is most appropriate for each application.
Physical Access Verification: ActivEntry and ActivEntry Mobile help government
agencies upgrade and extend physical access control to comply with mandated
standards at fixed door readers and mobile checkpoints, respectively.
Remarkably, only ActivIdentity offers a complete Credential Issuance and
Verification solution that is compliant, scalable, secure, simple to implement,
and based on open standards.
Why ActivIdentity?
ActivIdentity, part of HID Global, is a leading provider of secure identity solutions,
enabling organizations to establish trust in online identities. For over 20 years,
ActivIdentity has been helping enterprise, government and financial service
organizations meet their information security and compliance requirements.
That’s why more than 2,500 of the most security conscious customers around
the globe trust ActivIdentity for their secure identity needs. HID Global and
ActivIdentity are committed to continually enhancing customer value through
secure identity solutions that drive down costs, are easy to use, and increase
end user and administrative convenience.
Trusted by hundreds of government agencies worldwide including
• U.S. Department of Defense
• U.S. General Services Administration
• U.S. Department of Energy
• U.S. Department of Veterans Affairs
• U.S. Department of Health and Human Services
• NASA
• U.K. Metropolitan Police
• State of Colorado
• Queensland Department of Transportation
“The decision to select ActivIdentity
was based on their proven track
record in large-scale Identity
Assurance deployments, a highly
configurable, full-featured smart
card management system, and long-
term support for open standards.”
– Cathi Taylor, Chief Information
Officer, Queensland Department
of Transportation
Certificate-based Credential Issuance and Verification Overview
user
enrollment
certificate authority credential device options
credential statusand trust check
built on open standardsvalidationauthority
pathbuilder
CoreStreet
attributeauthority
ISSUE
credentials to users
* Previously calledFIPS-201 F5 Solution
** Previously calledPIVMAN Solution
USE
logical access verification
physical access verification
ActivID CardManagement
System (CMS)
Compliance and Risk Management
Was the credential issued to this user?Was it copied or cloned?
Is it counterfeit?Is it still valid?
Do I trust the issuer?
ActivIdentityProducts
4TRESS Authentication
Server (AS)
ActivID CMS Appliance
smart card
USB token
ActivClient
LAN access
web access
VPN access
digital signature
card management
application access
ActivClient Mobile
ActivEntry*fixed reader access control
mobile reader access controlActivEntry Mobile**
smartphone
SO0212V02
Americas +1 510.574.0100
US Federal +1 510.574.0100
Europe +33 (0) 1.42.04.84.00
Asia Pacific +61 (0) 2.6208.4888
Email [email protected]
Web www.actividentity.com
About ActivIdentity
ActivIdentity, a global leader in identity assurance, enables customers to prove and establish
trust in a person’s identity when accessing resources on the network. The business’s
strong authentication and smart card solutions are relied upon by more agencies, including
the U.S. Department of Defense, than any other provider, and has issued more than 100
million credentials to enterprise, government and commerce customers. ActivIdentity is
headquartered in Silicon Valley, California. ActivIdentity is part of HID Global, an ASSA ABLOY
Group brand. For more information, visit www.actividentity.com
Copyright © 2012 ActivIdentity. All rights reserved. ActivIdentity and 4TRESS are trademarks of ActivIdentity. All other trademarks, trade names, service marks, service names, and images mentioned and / or used herein belong to their respective owners.
Follow Us On: