TrustBearer Software Achieves U.S. Government Certification
January 7, 2009–TrustBearer Labs, an authentication and digital identity solutions company, announced today that the TrustBearer Desktop PIV API meets the Federal Information Processing Standards (FIPS) 201 requirements and is approved by US Government GSA for deployment in Homeland Security Presidential Directive 12 (HSPD-12) programs. The certification enables government agencies to purchase TrustBearer Desktop PIV middleware to comply with the FIPS 201 standard as mandated by HSPD-12.
TrustBearer Desktop provides the middleware interface between the PIV compliant card and the applications utilizing the digital certificates stored on the card to perform cryptographic operations for authentication, encryption and signatures. The PIV credentials can be used for network authentication, SSL client authentication, document signatures, email signatures and encryption, virtual private networks and remote access.
“The government has recognized that critical and sensitive data must be protected using secure methods,” says TrustBearer Labs founder and CEO David Corcoran. “Hardware-based PKI authentication is widely known as the strongest form of security available. TrustBearer Labs is proud to have achieved the FIPS 201 validation for our TrustBearer Desktop product, and we look forward to serve the U.S. federal government.”
Unlike other PIV middleware, TrustBearer Desktop enables strong authentication to rich, Web 2.0 Internet applications using the government issued PIV credential through TrustBearer’s OpenID platform. Using OpenID and SAML, TrustBearer provides Single Sign-On support for online applications such as Salesforce.com, the market-leading online customer relationship management service with over 1 million subscribers, and Google Apps, a business productivity and communications platform managed by Google.
“TrustBearer not only provides the middleware to utilize PIV credentials locally on client computers, but also combines the strength of hardware-based PKI authentication with the simplicity and ease-of-use that web users expect with online applications,” says Mr. Corcoran. “This is a tremendous example of how government issued PIV credentials can be leveraged in online applications and improve both security and convenience.”
About HSPD-12 and the Approved Products List
A recent report issued by the White House Office of Management and Budget showed that over 1.5 million out of a total 5.5 million Personal Identity Verification (PIV) compliant cards have been issued in response to HSPD-12. HSPD-12 mandates all government employees and contractors to carry a secure form of identification. The GSA maintains a FIPS 201 evaluation program and provides an Approved Products List (APL) of products meeting the guidelines and technical specifications. The APL governs which products and services may be purchased by government agencies. The full list of approved products available for purchase by US government agencies can be found at http://fips201ep.cio.gov/apl.php.
About TrustBearer OpenID
TrustBearer OpenID is a federated digital identity web platform. The service provides users with hardware-based, multi-factor authentication to websites that have implemented the OpenID or SAML standards. TrustBearer supports a variety of hardware tokens, including many smart-card based federal identity cards such as the U.S. Government PIV, CAC and TWIC cards. Sign up for a free account at https://openid.trustbearer.com.