Click here to close now.

Welcome!

API Journal Authors: Rex Morrow, Datical, XebiaLabs Blog, John Wetherill, Ruxit Blog, Liz McMillan

News Feed Item

Tough, Tested and Certified - Entrust's PIV Smartcards Earn Pair of Trusted FIPS Certifications

Entrust's new certifications demonstrate interoperability, compatibility with strict NIST standards

DALLAS, Feb. 12, 2013 /PRNewswire/ -- Entrust Inc. finalized a pair of government approvals with FIPS 201 and FIPS 140 certifications for the company's PIV smartcard credential technology, which was reviewed, tested and certified by the National Institute of Standards and Technology (NIST).

These strict certifications demonstrate interoperability with established NIST standards, making them more reliable for governments, private organizations, banks or enterprises deploying security solutions in multivendor environments. To ensure a seamless deployment, many organizations will only purchase solutions that carry certain certifications.

"These certifications demonstrate Entrust's ongoing commitment to high security standards, particularly for large-scale identity authentication and credentialing interoperability," said Entrust President and CEO Bill Conner. "This achievement provides organizations across the world the assurances they need to deploy Entrust solutions and services with confidence and unwavering trust."

Based on strict standards set by the U.S. government, these certifications help ensure interoperability by vetting protocol conformance for smartcards (FIPS 201) and testing cryptography strengths (FIPS 140). These approvals complement and support Entrust's existing Common Criteria EAL 5 certification.

Reviewed by the NIST Personal Identity Verification (PIV) Platform Validation Authority, FIPS 201 certification focuses on interoperability between the PIV application and other parts of the PIV solution, including physical access readers and logical access clients. The strict certification also verifies the smartcard can withstand many years of rigorous wear and tear (e.g., being in a wallet or attached to a lanyard). To address the aspect of physical durability, Entrust relies upon advanced third-party antenna designs that support extended lifespans.

FIPS 140 certification ensures a given solution meets or exceeds U.S. government security standards that specify requirements for cryptography modules and physical tamper-resistance. An example includes testing the elliptic curve cryptography (ECC) implementation used within the solution.

The PIV standard outlines tested and approved systems that support a common smartcard-based platform for managing the identity, and then using that identity for digital signatures, encryption and authentication to multiple types of physical and logical access environments. Smartcards carry and manage the digital identity of the cardholder, protecting the theft of the identity through sophisticated hardware technology.

Entrust also includes additional extensions that enable a new level of customization and versatility within a private environment. Two of the more requested capabilities include PIN unblocking and the ability to execute over-the-air (OTA) tasks on mobile devices. All extensions are configurable and add convenience and customization unrivaled in the market.

"Entrust has long been committed to providing credentialing solutions that are compliant to the necessary PIV standards," said Conner. "Adding additional capabilities and conveniences, however, provides organizations unmatched versatility to achieve identity-based security standards that are a perfect match for their organization and overall goals."

Entrust has established relationships with a leading smartcard vendor to offer PIV credentialing solutions for state governments, private sectors and other non-federal organizations who need identity credentials that are issued in a manner that facilitates trust and technical interoperability with the U.S. federal PIV smartcard standard. Entrust smartcard solutions leverage the latest chip technology for fast, secure performance.

For upgrading organizations, Entrust incorporates advanced technology to allow for easy migration away from outdated legacy systems by simultaneously supporting old and new technology.

For additional convenience, Entrust also provides organizations a PIV-compatible credential that may be placed directly on mobile devices. Entrust's Mobile Smart Credential technology provides PIV authentication, encryption and digital signing without incurring typical deployment costs (e.g., card production and shipping). When the Entrust Mobile Smart Credential application is downloaded from the Apple, Google Play or BlackBerry application stores, and personalized with an identity, it is designed to mirror the behavior of a standard PIV smartcard.

Entrust is one of only a handful of PKI vendors approved to issue digital certificates for U.S. departments and agencies through the Shared Service Provider (SSP) and Federal Bridge CA programs. In addition, Entrust provides the digital certificates for all agencies who receive PIV credentials, from the General Services Administration (GSA), via the USAccess program.

Created by the U.S. NIST, the Federal Information Processing Standards (FIPS) outline general requirements for cryptographic modules within computer and telecommunication systems. A cryptographic module is defined as any combination of hardware, firmware or software that implements cryptographic functions such as encryption, decryption, digital signatures, authentication techniques and random-number generation.

An agency of the U.S. Department of Commerce, NIST is one of the nation's oldest physical science laboratories. Founded by Congress in 1901, the agency was established to promote U.S. innovation and industrial competitiveness by advancing measurement science, standards and technology in ways that enhance economic security and improve our quality of life.

Common Criteria certification is recognized globally by many national governments including the United States, Canada, United Kingdom, Germany, France, Italy, Netherlands, Israel, Spain, Japan, Australia and New Zealand. The standards help build the broadest possible international framework for mutual recognition of IT security products. To achieve Common Criteria certification, organizations must submit IT security products to be evaluated by competent and independent licensed laboratories so as to determine the fulfillment of particular security properties, to a certain extent or assurance (EAL level).

For more information on Entrust's PIV solutions, visit entrust.com/piv-standard.

Tweet It: Tough, Tested and Certified. Entrust receives government approvals with FIPS 201 and FIPS 140 certifications, www.entrust.com/news.

About Entrust
A trusted provider of identity-based security solutions, Entrust secures enterprises, governments, financial institutions, citizens and websites in more than 5,000 organizations spanning 85 countries. Entrust's customer-centric focus is the foundation to delivering organizations an unmatched level of security, trust and value. For strong authentication, credentialing, physical and logical access, mobile security, digital certificates, SSL and PKI, call 888-690-2424, email [email protected] or visit www.entrust.com

Entrust is a registered trademark of Entrust, Inc. in the United States and certain other countries. In Canada, Entrust is a registered trademark of Entrust Limited. All Entrust product names are trademarks or registered trademarks of Entrust, Inc. or Entrust Limited. All other company and product names are trademarks or registered trademarks of their respective owners.

(Logo: http://photos.prnewswire.com/prnh/20060720/NYTH074LOGO)

SOURCE Entrust, Inc.

More Stories By PR Newswire

Copyright © 2007 PR Newswire. All rights reserved. Republication or redistribution of PRNewswire content is expressly prohibited without the prior written consent of PRNewswire. PRNewswire shall not be liable for any errors or delays in the content, or for any actions taken in reliance thereon.

@ThingsExpo Stories
The 4th International Internet of @ThingsExpo, co-located with the 17th International Cloud Expo - to be held November 3-5, 2015, at the Santa Clara Convention Center in Santa Clara, CA - announces that its Call for Papers is open. The Internet of Things (IoT) is the biggest idea since the creation of the Worldwide Web more than 20 years ago.
The enterprise market will drive IoT device adoption over the next five years. In his session at @ThingsExpo, John Greenough, an analyst at BI Intelligence, division of Business Insider, will analyze how companies will adopt IoT products and the associated cost of adopting those products. John Greenough is the lead analyst covering the Internet of Things for BI Intelligence- Business Insider’s paid research service. Numerous IoT companies have cited his analysis of the IoT. Prior to joining BI Intelligence, he worked analyzing bank technology for Corporate Insight and The Clearing House Pay...
As the Internet of Things unfolds, mobile and wearable devices are blurring the line between physical and digital, integrating ever more closely with our interests, our routines, our daily lives. Contextual computing and smart, sensor-equipped spaces bring the potential to walk through a world that recognizes us and responds accordingly. We become continuous transmitters and receivers of data. In his session at @ThingsExpo, Andrew Bolwell, Director of Innovation for HP's Printing and Personal Systems Group, discussed how key attributes of mobile technology – touch input, sensors, social, and ...
All major researchers estimate there will be tens of billions devices - computers, smartphones, tablets, and sensors - connected to the Internet by 2020. This number will continue to grow at a rapid pace for the next several decades. With major technology companies and startups seriously embracing IoT strategies, now is the perfect time to attend @ThingsExpo, June 9-11, 2015, at the Javits Center in New York City. Learn what is going on, contribute to the discussions, and ensure that your enterprise is as "IoT-Ready" as it can be
SYS-CON Events announced today that BMC will exhibit at SYS-CON's 16th International Cloud Expo®, which will take place on June 9-11, 2015, at the Javits Center in New York City, NY. BMC delivers software solutions that help IT transform digital enterprises for the ultimate competitive business advantage. BMC has worked with thousands of leading companies to create and deliver powerful IT management services. From mainframe to cloud to mobile, BMC pairs high-speed digital innovation with robust IT industrialization – allowing customers to provide amazing user experiences with optimized IT per...
The world is at a tipping point where the technology, the device and global adoption are converging to such a point that we will see an explosion of a world where smartphone devices not only allow us to talk to each other, but allow for communication between everything – serving as a central hub from which we control our world – MediaTek is at the heart of both driving this and allowing the markets to drive this reality forward themselves. The next wave of consumer gadgets is here – smart, connected, and small. If your ambitions are big, so are ours. In his session at @ThingsExpo, Jack Hu, D...
Today’s enterprise is being driven by disruptive competitive and human capital requirements to provide enterprise application access through not only desktops, but also mobile devices. To retrofit existing programs across all these devices using traditional programming methods is very costly and time consuming – often prohibitively so. In his session at @ThingsExpo, Jesse Shiah, CEO, President, and Co-Founder of AgilePoint Inc., discussed how you can create applications that run on all mobile devices as well as laptops and desktops using a visual drag-and-drop application – and eForms-buildi...
SYS-CON Events announced today that MetraTech, now part of Ericsson, has been named “Silver Sponsor” of SYS-CON's 16th International Cloud Expo®, which will take place on June 9–11, 2015, at the Javits Center in New York, NY. Ericsson is the driving force behind the Networked Society- a world leader in communications infrastructure, software and services. Some 40% of the world’s mobile traffic runs through networks Ericsson has supplied, serving more than 2.5 billion subscribers.
The Internet of Things is not only adding billions of sensors and billions of terabytes to the Internet. It is also forcing a fundamental change in the way we envision Information Technology. For the first time, more data is being created by devices at the edge of the Internet rather than from centralized systems. What does this mean for today's IT professional? In this Power Panel at @ThingsExpo, moderated by Conference Chair Roger Strukhoff, panelists will addresses this very serious issue of profound change in the industry.
The multi-trillion economic opportunity around the "Internet of Things" (IoT) is emerging as the hottest topic for investors in 2015. As we connect the physical world with information technology, data from actions, processes and the environment can increase sales, improve efficiencies, automate daily activities and minimize risk. In his session at @ThingsExpo, Ed Maguire, Senior Analyst at CLSA Americas, will describe what is new and different about IoT, explore financial, technological and real-world impact across consumer and business use cases. Why now? Significant corporate and venture...
"People are a lot more knowledgeable about APIs now. There are two types of people who work with APIs - IT people who want to use APIs for something internal and the product managers who want to do something outside APIs for people to connect to them," explained Roberto Medrano, Executive Vice President at SOA Software, in this SYS-CON.tv interview at Cloud Expo, held Nov 4–6, 2014, at the Santa Clara Convention Center in Santa Clara, CA.
WebRTC defines no default signaling protocol, causing fragmentation between WebRTC silos. SIP and XMPP provide possibilities, but come with considerable complexity and are not designed for use in a web environment. In his session at @ThingsExpo, Matthew Hodgson, technical co-founder of the Matrix.org, discussed how Matrix is a new non-profit Open Source Project that defines both a new HTTP-based standard for VoIP & IM signaling and provides reference implementations.
SYS-CON Events announced today that O'Reilly Media has been named “Media Sponsor” of SYS-CON's 16th International Cloud Expo®, which will take place on June 9–11, 2015, at the Javits Center in New York City, NY. O'Reilly Media spreads the knowledge of innovators through its books, online services, magazines, and conferences. Since 1978, O'Reilly Media has been a chronicler and catalyst of cutting-edge development, homing in on the technology trends that really matter and spurring their adoption by amplifying "faint signals" from the alpha geeks who are creating the future. An active participa...
There will be 150 billion connected devices by 2020. New digital businesses have already disrupted value chains across every industry. APIs are at the center of the digital business. You need to understand what assets you have that can be exposed digitally, what their digital value chain is, and how to create an effective business model around that value chain to compete in this economy. No enterprise can be complacent and not engage in the digital economy. Learn how to be the disruptor and not the disruptee.
2015 predictions circa 1970: houses anticipate our needs and adapt, city infrastructure is citizen and situation aware, office buildings identify and preprocess you. Today smart buildings have no such collective conscience, no shared set of fundamental services to identify, predict and synchronize around us. LiveSpace and M2Mi are changing that. LiveSpace Smart Environment devices deliver over the M2Mi IoT Platform real time presence, awareness and intent analytics as a service to local connected devices. In her session at @ThingsExpo, Sarah Cooper, VP Business of Development at M2Mi, will d...
Thanks to widespread Internet adoption and more than 10 billion connected devices around the world, companies became more excited than ever about the Internet of Things in 2014. Add in the hype around Google Glass and the Nest Thermostat, and nearly every business, including those from traditionally low-tech industries, wanted in. But despite the buzz, some very real business questions emerged – mainly, not if a device can be connected, or even when, but why? Why does connecting to the cloud create greater value for the user? Why do connected features improve the overall experience? And why do...
Almost everyone sees the potential of Internet of Things but how can businesses truly unlock that potential. The key will be in the ability to discover business insight in the midst of an ocean of Big Data generated from billions of embedded devices via Systems of Discover. Businesses will also need to ensure that they can sustain that insight by leveraging the cloud for global reach, scale and elasticity.
Imagine a world where targeting, attribution, and analytics are just as intrinsic to the physical world as they currently are to display advertising. Advances in technologies and changes in consumer behavior have opened the door to a whole new category of personalized marketing experience based on direct interactions with products. The products themselves now have a voice. What will they say? Who will control it? And what does it take for brands to win in this new world? In his session at @ThingsExpo, Zack Bennett, Vice President of Customer Success at EVRYTHNG, will answer these questions a...
With major technology companies and startups seriously embracing IoT strategies, now is the perfect time to attend @ThingsExpo in Silicon Valley. Learn what is going on, contribute to the discussions, and ensure that your enterprise is as "IoT-Ready" as it can be! Internet of @ThingsExpo, taking place Nov 3-5, 2015, at the Santa Clara Convention Center in Santa Clara, CA, is co-located with 17th Cloud Expo and will feature technical sessions from a rock star conference faculty and the leading industry players in the world. The Internet of Things (IoT) is the most profound change in personal an...
We’re entering a new era of computing technology that many are calling the Internet of Things (IoT). Machine to machine, machine to infrastructure, machine to environment, the Internet of Everything, the Internet of Intelligent Things, intelligent systems – call it what you want, but it’s happening, and its potential is huge. IoT is comprised of smart machines interacting and communicating with other machines, objects, environments and infrastructures. As a result, huge volumes of data are being generated, and that data is being processed into useful actions that can “command and control” thi...