Electrosoft experts helped develop FIPS 201, the standard for the PIV card. We also co-authored many of the PIV-related technical guidelines including NIST SP 800-73, 800-79, 800-85A&B, 800-116, 800-156, 800-157, and 800-166. Since 2006, we have supported many federal agencies’ efforts to architect and build FIPS 201‒compliant HSPD-12 programs and PIV issuance capabilities. We continue to help agencies sustain and mature these programs.

Electrosoft operates the FIPS 201 Evaluation Program Laboratory, testing a variety of ICAM products for compliance with federal policy. We maintain the FIPS 201 Approved Products List (APL) and develop ICAM playbooks to assist federal agencies in understanding and implementing policies and best practices.

Our ZTA roadmap development efforts assure agencies comply with OMB, Department of Homeland Security, Cybersecurity and Infrastructure Security Agency, and Department of Defense guidance. Our growing expertise in ZTA uniquely qualifies us to help agencies understand, architect, and fully implement ZTA identity pillar requirements employing available technology and best practices.

The Federal Identity, Credential and Access Management (FICAM) roadmap documents the intersection and interdependence of digital identities, credentials, and access control in a comprehensive management approach. Electrosoft’s logical and physical access system expertise enables us to assist customers in understanding the associated integration and configuration challenges and employ not just the best commercial products and data models but also develop and implement sound access policies, standardized naming conventions, and distributed provisioning/deprovisioning capabilities.   

Electrosoft’s LACS and PACS implementations assure consistent, higher-level assurance identity authentication and policy-based access control across an enterprise. In addition, they provide increased protection over personally identifiable information (PII) and ease of user access management.

Public Key Infrastructure (PKI) technology is the foundation of identity assurance and trust within the federal information technology environment. Our longstanding experience with PKI standards, products, and services enable us to help agencies leverage PKI technology to comply with federal mandates and solve business problems.

Electrosoft PKI experts support the Federal PKI (FPKI) Policy Authority, helping to ensure that policies and practices support the needed level of trust and assurance within the federal identity ecosystem. We conduct PKI systems audits, including certification authorities and registration authorities, to confirm that technical configurations and operational procedures comply with the stipulations of the certification practices statement and other requirements. We use the X.509 certificate policies from the Department of Defense, the Federal Bridge Certification Authority, the Federal Common Policy Framework, and commercial entities.

Our cryptographic solutions, using both symmetric and asymmetric techniques, address specific business issues such as securing customer data from unauthorized access, offering sender and/or source authentication, and ensuring data/message integrity.