Credential Management Solutions

The HID Identity Assurance solutions enable government agencies to provide a well-orchestrated experience that meets strict compliance mandates.

The HID Identity Assurance portfolio enables government agencies to build trust in the identities of their users, so they can grant appropriate access to buildings, networks, systems and cloud-based resources. With over 200 local, state, federal and international government agencies in the US, Europe, Asia, Australia and beyond, there are literally millions of government employees who carry and use credentials issued by HID Global to have to securely access to the resources they need. HID Global has that experience that agencies can trust in to provide a simple and coordinated method which contribute to a strong authentication for physical and online access.

As governments adapt to ever-changing landscape of threats and increasingly to the mobile environment is more important than ever to have a comprehensive solution that can address all Identity Assurance agency requirements now and in the future. HID Global solutions can help government agencies to support:

Increased security - with multi-factor authentication; HID Identity Assurance solutions have been certified or approved for the following standards:

Identity assurance for government agencies. Secure access without compromise.
  • Common / NIAP Criteria - In June 1993, the sponsoring organizations of Americans, Canadians and Europeans existing criteria, (TCSEC, ITSEC, and alikes) began the Common Criteria Project for joining the separated criteria on a unique set of security criteria of information technology. Version 1.0 of the CC was completed in January 1996. Based on a number of test evaluations and extensive public review, Version 1.0 was extensively revised and Version 2.0 of the CC took place in April 1998. This became in the international ISO 15408 standard in 1999. The CC project then incorporated minor changes that had led to the ISO process, producing Version 2.1 in August 1999. Currently, the international community has embraced the CC by the Common Criteria Recognition Agreement (CCRA) by which the signatories have agreed to accept the results of CC evaluations by other members of the CCRA. The US program for Common Criteria certifications is called NIAP, meaning National Information Association Program.
  • Mandate Joint Interoperability Test Command of the United States Department of Defense -The mandate Joint Interoperability Test Command (JITC) is organizing testing and certification of Public Key Infrastructure (PKI) of Department of Defense (DoD). The JITC has reproduced the DoD PKI environment to ensure that a commercial product meets their PKI standards when the product is fully operational and use in the DoD.
  • FIPS 140-2 - The Computer Security Division of the National Institute of Standards and Technology (NIST) manages a number of FIPS (Federal Processing Standards Information) that covers the cryptography, ie, hardware or software that encrypts and decrypts data or performs other cryptographic operations (such as creating or verifying digital signatures). These standards have been adopted by the US and Canadian governments to guide their purchases of products that are designed to protect the security of electronic information and electronic commerce. The FIPS 140-1 standard was created in 1994 and specifies requirements for the proper design and implementation of products that perform cryptographic operations. In 2001, a stricter version of the standard, called FIPS 140-2 was launched. The products are certified under the CMVP FIPS Program (Cryptographic Module Validation Program). The CMVP is managed by NIST and CSE, the Communications Security Establishment of the Government of Canada. The function of the CMVP is to ensure that products are properly applying cryptographic standards approved by the FIPS. FIPS 140 has four levels and these levels are intended to cover the broad range of possible applications and environments in which cryptographic modules may be employed.
  • FIPS 201 Standard 201 of the Federal Information Processing, Personal Identity Verification (PIV) of Federal Employees and Contractors, was developed by NIST in response to 12 the National Security Presidential Directive (HSPD-12), issued on 27 August 2004, that ordered the establishment of a standard for employees identification and contractors of the federal government. The FIPS 201 PIV card is to be used to access control both physical and logical.

Credential Management Solutions

Mobile access - To provide identity assurance in critical situations that require accurate information about credentials carriers, but where connectivity can be unreliable, as in Initial response, maritime and transport and border control scenarios.

EGovernment initiatives - offers an easy and cost effective solution to manage authentication and unique authorization to create secure eGovernment systems; allows users to connect and access eGovernment applications from any location, through a variety of devices, using any of the more than 20 strong authentication methods.