Since 2006, Electrosoft has helped numerous Federal customers with HSPD-12 compliance and personal identity verification (PIV) card implementations. Furthermore, Electrosoft has helped develop significant sections of FIPS 201 and our employees are named co-authors on nearly every PIV-related NIST guideline including SPs 800-73-4, 800-79-2, 800-85A&B-4,800-116 Rev 1, 800-156, 800-157 and 800-166. We developed and operated the GSA FIPS 201 Evaluation Program Laboratory for six years and were instrumental in adding hundreds of products to the FIPS 201 Approved Products List (APL). We supported many Federal agencies relative to HSPD-12 and PIV issuance capabilities and performed independent assessments of PIV issuance capabilities for several others.

We play an important role in helping agencies understand, implement and comply with HSPD-12, FIPS 201 and related Special Publications and OMB memoranda. We work with agencies to develop plans, policies, procedures, architectures and implementation strategies for PIV card issuance as well as PIV card integration with logical and physical access control systems.

The intersection of digital identities (and associated attributes), credentials (including PKI, PIV, and other authentication tokens) and access control in one comprehensive management approach is made official by the formalization of their interdependence in the Federal Identity, Credential and Access Management (FICAM) roadmap. Based on our experience with implementing logical and physical access systems, we can help our customers understand the integration and configuration challenges faced when performing such deployments. 

The integration of physical and logical access control systems (LACS and PACS) requires in-depth knowledge of the components and data models. Electrosoft knows the inner workings of such systems well. Our preferred vendor is the Oracle Identity and Access Management Suite; we also are resellers of the Quantum Secure physical access solution.

A logical and physical access control implementation reaps many benefits. One of the most important is increased protection over personally identifiable information (PII). Electrosoft consolidates and secures identity data by locating it, improving access controls, proliferating the use of encryption and automating provisioning processes.

Our experience with Public Key Infrastructure (PKI) technology products, including certification authorities, directories, validation authorities and Online Certificate Status Protocol (OCSP) responders, enables us to understand the technical implementation of complex PKI systems developed from various components. We conduct audits of PKI systems, including certification authorities and registration authorities, to confirm that the technical configuration and operational procedures comply with the stipulation of the certification practices statement and other requirements documents. We comply with the Federal Triennial Compliance Audit Requirements and perform initial audits, first year audits or triennial audits. We also perform zero-day audits of pre-operational systems and witness key generation ceremonies. We develop Certificate Policy Traceability Analysis to ensure that certification practice statements correctly conform to the required certificate policy. We use the X.509 certificate policies for the DoD, the Federal Bridge Certificate Authority, the common Federal policy, and several policies from commercial entities.

Electrosoft’s customers benefit from the experience and expertise we’ve gained by helping large aerospace and defense organizations deploy Identity Federation on programs involving thousands of participants, spread across hundreds of organizations and operating in multiple countries. Electrosoft develops specifications to enable the technical interoperability between organizations and to allow participants to trust each other’s operations.

Our customers benefit from our Identity Federation solutions by:

• Reducing the costs of credential management
• Increasing the identity assurance of end users
• Sharing information beyond organizational boundaries
• Increasing the accessibility of user attributes required for authorization decisions
• Simplifying the log-in experience for end users

Electrosoft works with customers to design, implement and operate cryptographic solutions that address specific business problems. We apply encryption technology to protect customer data from unauthorized access and digital signature technologies to provide sender and/or source authentication and data/message integrity. We use both symmetric and asymmetric cryptographic techniques to enable online business functions and services.