Welcome!

API Journal Authors: Craig Lowell, Pat Romanski, Liz McMillan, Rishi Bhargava, Elizabeth White

News Feed Item

Tough, Tested and Certified - Entrust's PIV Smartcards Earn Pair of Trusted FIPS Certifications

Entrust's new certifications demonstrate interoperability, compatibility with strict NIST standards

DALLAS, Feb. 12, 2013 /PRNewswire/ -- Entrust Inc. finalized a pair of government approvals with FIPS 201 and FIPS 140 certifications for the company's PIV smartcard credential technology, which was reviewed, tested and certified by the National Institute of Standards and Technology (NIST).

These strict certifications demonstrate interoperability with established NIST standards, making them more reliable for governments, private organizations, banks or enterprises deploying security solutions in multivendor environments. To ensure a seamless deployment, many organizations will only purchase solutions that carry certain certifications.

"These certifications demonstrate Entrust's ongoing commitment to high security standards, particularly for large-scale identity authentication and credentialing interoperability," said Entrust President and CEO Bill Conner. "This achievement provides organizations across the world the assurances they need to deploy Entrust solutions and services with confidence and unwavering trust."

Based on strict standards set by the U.S. government, these certifications help ensure interoperability by vetting protocol conformance for smartcards (FIPS 201) and testing cryptography strengths (FIPS 140). These approvals complement and support Entrust's existing Common Criteria EAL 5 certification.

Reviewed by the NIST Personal Identity Verification (PIV) Platform Validation Authority, FIPS 201 certification focuses on interoperability between the PIV application and other parts of the PIV solution, including physical access readers and logical access clients. The strict certification also verifies the smartcard can withstand many years of rigorous wear and tear (e.g., being in a wallet or attached to a lanyard). To address the aspect of physical durability, Entrust relies upon advanced third-party antenna designs that support extended lifespans.

FIPS 140 certification ensures a given solution meets or exceeds U.S. government security standards that specify requirements for cryptography modules and physical tamper-resistance. An example includes testing the elliptic curve cryptography (ECC) implementation used within the solution.

The PIV standard outlines tested and approved systems that support a common smartcard-based platform for managing the identity, and then using that identity for digital signatures, encryption and authentication to multiple types of physical and logical access environments. Smartcards carry and manage the digital identity of the cardholder, protecting the theft of the identity through sophisticated hardware technology.

Entrust also includes additional extensions that enable a new level of customization and versatility within a private environment. Two of the more requested capabilities include PIN unblocking and the ability to execute over-the-air (OTA) tasks on mobile devices. All extensions are configurable and add convenience and customization unrivaled in the market.

"Entrust has long been committed to providing credentialing solutions that are compliant to the necessary PIV standards," said Conner. "Adding additional capabilities and conveniences, however, provides organizations unmatched versatility to achieve identity-based security standards that are a perfect match for their organization and overall goals."

Entrust has established relationships with a leading smartcard vendor to offer PIV credentialing solutions for state governments, private sectors and other non-federal organizations who need identity credentials that are issued in a manner that facilitates trust and technical interoperability with the U.S. federal PIV smartcard standard. Entrust smartcard solutions leverage the latest chip technology for fast, secure performance.

For upgrading organizations, Entrust incorporates advanced technology to allow for easy migration away from outdated legacy systems by simultaneously supporting old and new technology.

For additional convenience, Entrust also provides organizations a PIV-compatible credential that may be placed directly on mobile devices. Entrust's Mobile Smart Credential technology provides PIV authentication, encryption and digital signing without incurring typical deployment costs (e.g., card production and shipping). When the Entrust Mobile Smart Credential application is downloaded from the Apple, Google Play or BlackBerry application stores, and personalized with an identity, it is designed to mirror the behavior of a standard PIV smartcard.

Entrust is one of only a handful of PKI vendors approved to issue digital certificates for U.S. departments and agencies through the Shared Service Provider (SSP) and Federal Bridge CA programs. In addition, Entrust provides the digital certificates for all agencies who receive PIV credentials, from the General Services Administration (GSA), via the USAccess program.

Created by the U.S. NIST, the Federal Information Processing Standards (FIPS) outline general requirements for cryptographic modules within computer and telecommunication systems. A cryptographic module is defined as any combination of hardware, firmware or software that implements cryptographic functions such as encryption, decryption, digital signatures, authentication techniques and random-number generation.

An agency of the U.S. Department of Commerce, NIST is one of the nation's oldest physical science laboratories. Founded by Congress in 1901, the agency was established to promote U.S. innovation and industrial competitiveness by advancing measurement science, standards and technology in ways that enhance economic security and improve our quality of life.

Common Criteria certification is recognized globally by many national governments including the United States, Canada, United Kingdom, Germany, France, Italy, Netherlands, Israel, Spain, Japan, Australia and New Zealand. The standards help build the broadest possible international framework for mutual recognition of IT security products. To achieve Common Criteria certification, organizations must submit IT security products to be evaluated by competent and independent licensed laboratories so as to determine the fulfillment of particular security properties, to a certain extent or assurance (EAL level).

For more information on Entrust's PIV solutions, visit entrust.com/piv-standard.

Tweet It: Tough, Tested and Certified. Entrust receives government approvals with FIPS 201 and FIPS 140 certifications, www.entrust.com/news.

About Entrust
A trusted provider of identity-based security solutions, Entrust secures enterprises, governments, financial institutions, citizens and websites in more than 5,000 organizations spanning 85 countries. Entrust's customer-centric focus is the foundation to delivering organizations an unmatched level of security, trust and value. For strong authentication, credentialing, physical and logical access, mobile security, digital certificates, SSL and PKI, call 888-690-2424, email [email protected] or visit www.entrust.com

Entrust is a registered trademark of Entrust, Inc. in the United States and certain other countries. In Canada, Entrust is a registered trademark of Entrust Limited. All Entrust product names are trademarks or registered trademarks of Entrust, Inc. or Entrust Limited. All other company and product names are trademarks or registered trademarks of their respective owners.

(Logo: http://photos.prnewswire.com/prnh/20060720/NYTH074LOGO)

SOURCE Entrust, Inc.

More Stories By PR Newswire

Copyright © 2007 PR Newswire. All rights reserved. Republication or redistribution of PRNewswire content is expressly prohibited without the prior written consent of PRNewswire. PRNewswire shall not be liable for any errors or delays in the content, or for any actions taken in reliance thereon.

@ThingsExpo Stories
SYS-CON Events announced today that Venafi, the Immune System for the Internet™ and the leading provider of Next Generation Trust Protection, will exhibit at @DevOpsSummit at 19th International Cloud Expo, which will take place on November 1–3, 2016, at the Santa Clara Convention Center in Santa Clara, CA. Venafi is the Immune System for the Internet™ that protects the foundation of all cybersecurity – cryptographic keys and digital certificates – so they can’t be misused by bad guys in attacks...
Pulzze Systems was happy to participate in such a premier event and thankful to be receiving the winning investment and global network support from G-Startup Worldwide. It is an exciting time for Pulzze to showcase the effectiveness of innovative technologies and enable them to make the world smarter and better. The reputable contest is held to identify promising startups around the globe that are assured to change the world through their innovative products and disruptive technologies. There w...
SYS-CON Events announced today Telecom Reseller has been named “Media Sponsor” of SYS-CON's 19th International Cloud Expo, which will take place on November 1–3, 2016, at the Santa Clara Convention Center in Santa Clara, CA. Telecom Reseller reports on Unified Communications, UCaaS, BPaaS for enterprise and SMBs. They report extensively on both customer premises based solutions such as IP-PBX as well as cloud based and hosted platforms.
Smart Cities are here to stay, but for their promise to be delivered, the data they produce must not be put in new siloes. In his session at @ThingsExpo, Mathias Herberts, Co-founder and CTO of Cityzen Data, will deep dive into best practices that will ensure a successful smart city journey.
The 19th International Cloud Expo has announced that its Call for Papers is open. Cloud Expo, to be held November 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA, brings together Cloud Computing, Big Data, Internet of Things, DevOps, Digital Transformation, Microservices and WebRTC to one location. With cloud computing driving a higher percentage of enterprise IT budgets every year, it becomes increasingly important to plant your flag in this fast-expanding business opportuni...
DevOps at Cloud Expo, taking place Nov 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA, is co-located with 19th Cloud Expo and will feature technical sessions from a rock star conference faculty and the leading industry players in the world. The widespread success of cloud computing is driving the DevOps revolution in enterprise IT. Now as never before, development teams must communicate and collaborate in a dynamic, 24/7/365 environment. There is no time to wait for long dev...
In today's uber-connected, consumer-centric, cloud-enabled, insights-driven, multi-device, global world, the focus of solutions has shifted from the product that is sold to the person who is buying the product or service. Enterprises have rebranded their business around the consumers of their products. The buyer is the person and the focus is not on the offering. The person is connected through multiple devices, wearables, at home, on the road, and in multiple locations, sometimes simultaneously...
Internet of @ThingsExpo, taking place November 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA, is co-located with 19th Cloud Expo and will feature technical sessions from a rock star conference faculty and the leading industry players in the world. The Internet of Things (IoT) is the most profound change in personal and enterprise IT since the creation of the Worldwide Web more than 20 years ago. All major researchers estimate there will be tens of billions devices - comp...
For basic one-to-one voice or video calling solutions, WebRTC has proven to be a very powerful technology. Although WebRTC’s core functionality is to provide secure, real-time p2p media streaming, leveraging native platform features and server-side components brings up new communication capabilities for web and native mobile applications, allowing for advanced multi-user use cases such as video broadcasting, conferencing, and media recording.
Data is the fuel that drives the machine learning algorithmic engines and ultimately provides the business value. In his session at Cloud Expo, Ed Featherston, a director and senior enterprise architect at Collaborative Consulting, will discuss the key considerations around quality, volume, timeliness, and pedigree that must be dealt with in order to properly fuel that engine.
SYS-CON Events announced today that 910Telecom will exhibit at the 19th International Cloud Expo, which will take place on November 1–3, 2016, at the Santa Clara Convention Center in Santa Clara, CA. Housed in the classic Denver Gas & Electric Building, 910 15th St., 910Telecom is a carrier-neutral telecom hotel located in the heart of Denver. Adjacent to CenturyLink, AT&T, and Denver Main, 910Telecom offers connectivity to all major carriers, Internet service providers, Internet backbones and ...
Amazon has gradually rolled out parts of its IoT offerings in the last year, but these are just the tip of the iceberg. In addition to optimizing their back-end AWS offerings, Amazon is laying the ground work to be a major force in IoT – especially in the connected home and office. Amazon is extending its reach by building on its dominant Cloud IoT platform, its Dash Button strategy, recently announced Replenishment Services, the Echo/Alexa voice recognition control platform, the 6-7 strategic...
19th Cloud Expo, taking place November 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA, will feature technical sessions from a rock star conference faculty and the leading industry players in the world. Cloud computing is now being embraced by a majority of enterprises of all sizes. Yesterday's debate about public vs. private has transformed into the reality of hybrid cloud: a recent survey shows that 74% of enterprises have a hybrid cloud strategy. Meanwhile, 94% of enterpri...
Akana has announced the availability of version 8 of its API Management solution. The Akana Platform provides an end-to-end API Management solution for designing, implementing, securing, managing, monitoring, and publishing APIs. It is available as a SaaS platform, on-premises, and as a hybrid deployment. Version 8 introduces a lot of new functionality, all aimed at offering customers the richest API Management capabilities in a way that is easier than ever for API and app developers to use.
Personalization has long been the holy grail of marketing. Simply stated, communicate the most relevant offer to the right person and you will increase sales. To achieve this, you must understand the individual. Consequently, digital marketers developed many ways to gather and leverage customer information to deliver targeted experiences. In his session at @ThingsExpo, Lou Casal, Founder and Principal Consultant at Practicala, discussed how the Internet of Things (IoT) has accelerated our abil...
With so much going on in this space you could be forgiven for thinking you were always working with yesterday’s technologies. So much change, so quickly. What do you do if you have to build a solution from the ground up that is expected to live in the field for at least 5-10 years? This is the challenge we faced when we looked to refresh our existing 10-year-old custom hardware stack to measure the fullness of trash cans and compactors.
The emerging Internet of Everything creates tremendous new opportunities for customer engagement and business model innovation. However, enterprises must overcome a number of critical challenges to bring these new solutions to market. In his session at @ThingsExpo, Michael Martin, CTO/CIO at nfrastructure, outlined these key challenges and recommended approaches for overcoming them to achieve speed and agility in the design, development and implementation of Internet of Everything solutions wi...
Cloud computing is being adopted in one form or another by 94% of enterprises today. Tens of billions of new devices are being connected to The Internet of Things. And Big Data is driving this bus. An exponential increase is expected in the amount of information being processed, managed, analyzed, and acted upon by enterprise IT. This amazing is not part of some distant future - it is happening today. One report shows a 650% increase in enterprise data by 2020. Other estimates are even higher....
I wanted to gather all of my Internet of Things (IOT) blogs into a single blog (that I could later use with my University of San Francisco (USF) Big Data “MBA” course). However as I started to pull these blogs together, I realized that my IOT discussion lacked a vision; it lacked an end point towards which an organization could drive their IOT envisioning, proof of value, app dev, data engineering and data science efforts. And I think that the IOT end point is really quite simple…
"My role is working with customers, helping them go through this digital transformation. I spend a lot of time talking to banks, big industries, manufacturers working through how they are integrating and transforming their IT platforms and moving them forward," explained William Morrish, General Manager Product Sales at Interoute, in this SYS-CON.tv interview at 18th Cloud Expo, held June 7-9, 2016, at the Javits Center in New York City, NY.