CertiPath to Provide PIV-I Testing for Identity Credentials

HERNDON, Va., Dec. 7, 2010 /PRNewswire/ -- CertiPath, the trusted credentialing authority for high-assurance identities is partnering with the U.S. Federal PKI Policy Authority to conduct the testing of PIV-I (Personal Identification Verification-Interoperability) credentials, used for both physical and logical access.  

(Logo: http://photos.prnewswire.com/prnh/20100218/NE57139LOGO )

PIV-I credentials allow non-Executive Branch federal employees; customers and partners; first responders; and state and local officials to access facilities and systems, to which they have explicitly been granted access, using their own, single identity credentials. The number of credentials that ultimately will be issued is expected to be exponential: in 2009, the U.S. Dept. of Homeland Security conservatively estimated there were 25.3 million first responders who might require PIV-I credentials. Multiplying that estimate by all the other parties eligible for access with PIV-I credentials and the resulting proliferation of credential issuers that will supply the badges, the need to ensure that these systems meet the standards required in highly sensitive environments becomes immediately apparent.  

CertiPath introduced the architecture and operational systems for a single credential that can provide secure access and interoperability for employees, customers and partners in 2009. It now applies that experience and expertise to vet and validate that issuers' credentials meet the PIV-I standard.

"PIV-I represents a major breakthrough in identity management and access control," said Jeff Nigriny, president of CertiPath. "We're extremely pleased to play a role in bringing the promise into reality -- by ensuring that all the keys -- the credentials, work with all the locks -- the physical access systems."

Credential issuers who apply at the PIV-I level of assurance with CertiPath Bridge or the U.S. Federal Bridge, operated by the GSA, must submit a sample credential for evaluation and testing in a real-world configuration. Applicants can expect testing to be complete in less than a week. This partnership between CertiPath and the Federal PKI Policy Authority, provides technical credential conformance testing for both bridges, and ensures a more consistent result will be achieved -- the literal definition of interoperability.

Once certified as PIV-I, commercial issuer applicants can sell these credentials as approved by both the U.S. Federal Bridge and the CertiPath Bridge communities. To date, the companies that have applied include Citibank, Digicert, Entrust, ORC -- Widepoint, VeriSign and Verizon.

CertiPath operates the secure information-sharing bridge for the aerospace and defense industry, which is cross-certified with the U.S. Federal Bridge. In 2007, the company recognized the need for a single-credential system for managing physical and logical identity authentication and access control, and began working with the GSA's Office of Technology Strategy to design and oversee the implementation of such a system. The result: a converged architecture that eliminates the need to physically issue visitor passes and allows certainty that each visitor is still employed and in good standing with his employer -- was demonstrated in February 2010. A case study on the demonstration can be found here.

About CertiPath

CertiPath provides the aerospace and defense industry's only public key infrastructure (PKI)-based communications bridge where information can be shared widely, securely, effectively and affordably between partners, suppliers and customers -- regardless of the size and scope of the supply chain.

CertiPath's solution tears down the burdensome and costly company, employee and program-centric approaches to identity assurance. Today, organizations in the U.S., U.K. and Europe including Boeing, BAE Systems, EADS, Lockheed Martin, Northrop-Grumman, Raytheon and the U.S. Federal Bridge (FBCA) are members of this fast-growing community. For more information, visit CertiPath on the web at http://www.certipath.com.

All product and company names herein may be trademarks of their registered owners.

SOURCE CertiPath