  • Personal Identity Verification; HSPD-12; Zero Trust
  • Modern ICAM Solutions; FIDO; Federation; Single Sign On
  • Enterprise Logical and Physical Access Control
  • Public Key Infrastructure; Encryption and Digital Signature

There is a pressing need to secure federal physical and digital infrastructures and standardize secure access to them. Various government policies, including Homeland Security Presidential Directive (HSPD-12) and Office of Management and Budget (OMB) Memorandum M-19-17, drove the development of identity standards by the National Institute of Standards and Technology (NIST), notably the Federal Information Processing Standard (FIPS) 201 and Special Publication (SP) 800-63.

These initiatives ushered in the age of Personal Identity Verification (PIV) cards and Common Access Cards (CACs), which offer strong authentication options. More recently, FIDO Alliance passkey initiatives and the federal zero trust architecture (ZTA) initiative are further transforming federal authentication and authorization requirements.

Federal agencies face complex compliance challenges in this dynamic environment. Understanding the regulatory requirements is one hurdle, while security and privacy architecture development, implementation, and operation is another. Organizational change management is perhaps the greatest challenge of all when strengthening ICAM implementations.

Electrosoft possesses over 15 years’ experience in this highly specialized field – and a solid record of accomplishment. We are a respected HSPD/ICAM thought leader whose contributions include co-authorship of key NIST PIV publications; solution development and implementation in multiple federal agencies; and initiation and operation of the FIPS 201 Evaluation Program.

    Personal Identity Verification; HSPD-12; Zero Trust

    Electrosoft experts helped develop FIPS 201, the standard for the PIV card. We also co-authored many of the PIV-related technical guidelines including NIST SP 800-73, 800-79, 800-85A&B, 800-116, 800-156, 800-157, and 800-166. Since 2006, we have supported many federal agencies’ efforts to architect and build FIPS 201‒compliant HSPD-12 programs and PIV issuance capabilities. We continue to help agencies sustain and mature these programs.

    Electrosoft operates the FIPS 201 Evaluation Program Laboratory, testing a variety of ICAM products for compliance with federal policy. We maintain the FIPS 201 Approved Products List (APL) and develop ICAM playbooks to assist federal agencies in understanding and implementing policies and best practices.

    Our ZTA roadmap development efforts assure agencies comply with OMB, Department of Homeland Security, Cybersecurity and Infrastructure Security Agency, and Department of Defense guidance. Our growing expertise in ZTA uniquely qualifies us to help agencies understand, architect, and fully implement ZTA identity pillar requirements employing available technology and best practices.

    Enterprise Logical and Physical Access Control

    The Federal Identity, Credential and Access Management (FICAM) roadmap documents the intersection and interdependence of digital identities, credentials, and access control in a comprehensive management approach. Electrosoft’s logical and physical access system expertise enables us to assist customers in understanding the associated integration and configuration challenges, and not just to employ the best commercial products and data models but also to develop and implement sound access policies, standardized naming conventions, and distributed provisioning/deprovisioning capabilities.

    Electrosoft’s LACS and PACS implementations assure consistent, higher-level assurance identity authentication and policy-based access control across an enterprise. In addition, they provide increased protection over personally identifiable information (PII) and ease of user access management.

    Public Key Infrastructure; Encryption and Digital Signature

    Public Key Infrastructure (PKI) technology is the foundation of identity assurance and trust within the federal information technology environment. Our longstanding experience with PKI standards, products, and services enables us to help agencies leverage PKI technology to comply with federal mandates and solve business problems.

    Electrosoft PKI experts support the Federal PKI (FPKI) Policy Authority, helping to ensure that policies and practices support the needed level of trust and assurance within the federal identity ecosystem. We conduct PKI systems audits, including certification authorities and registration authorities, to confirm that technical configurations and operational procedures comply with the stipulations of the certification practices statement and other requirements. We use the X.509 certificate policies from the Department of Defense, the Federal Bridge Certification Authority, the Federal Common Policy Framework, and commercial entities.

    Our cryptographic solutions, using both symmetric and asymmetric techniques, address specific business issues such as securing customer data from unauthorized access, offering sender and/or source authentication, and ensuring data/message integrity.

    Modern ICAM Solutions; FIDO; Federation; Single Sign On

    With cyber criminals constantly seeking unauthorized access to federal systems and networks, user/device verification is essential. Electrosoft knows well the requirements governing federal digital authentication solutions. In fact, we co-authored two major governing documents: NIST SP 800-63-4 (digital identity services) and 800-157 (derived PIV credentials).

    We architect and implement both modern authentication solutions (FIDO and FIDO2) and traditional options (X.509v3 digital certificates, passwords, single and multifactor hardware authenticators, and one-time password solutions). We develop and implement enterprise ICAM platforms that support strong cloud-based authentication using a multitude of authenticators, identity federation, and single sign on capabilities. Our experience even extends to solutions that monitor and manage the appropriate level of access privileges for standard as well as privileged users.

    Our digital identity solutions support:

    • Reduced credential management cost
    • Increased identity assurance
    • Secure information sharing beyond organizational boundaries
    • Greater accessibility of user attributes for authorization decisions
    • Simplified log-in experience