Government ID, Smart Cards, Identification and Authentication

Codebench gets FIPS 201 certification

Wednesday, June 9, 2010

atsec information security, a laboratory for the GSA FIPS 201 Evaluation Program which runs a product approval program for PIV-related products destined for the U.S. federal market, has announced the successful GSA FIPS 201 evaluation of Codebench’s PIVCheck Desktop Edition and PIVCheck Mobile Edition.

As a result of its evaluation, atsec has determined that the Codebench products meet FIPS 201 requirements on behalf of the GSA Evaluation Program. These products are now listed on the FIPS 201 Evaluation Program Approved Product List. The list only includes products and services that are in compliance with the current version of the Standard and its supporting NIST Special Publication 800-116, which provides recommendations for the use of PIV Credentials in physical access control systems.

Codebench is the first company with solutions evaluated for GSA product category CAK Authentication System, as well as Caching Status Proxy, PIV Authentication System, and CHUID Authentication System.

CAK authentication is a reader-to-card challenge/response protocol that ensures that the PIV credential is genuine and is not a forgery or clone, while CHUID authentication involves verifying that the credential’s CHUID, or cardholder unique identifier, has not been altered.

Both CAK and CHUID authentication can be performed over the card’s contactless interface and do not require a PIN. Contactless verification of PIV credentials will likely become a requirement for both high and very high assurance access control readers.

The product entries are included on the GSA FIPS 201 Evaluation Program Approved Product List at here[end] 

Related Articles
ORC is PIV-I certified for credential issuance

Operational Research Consultants Inc. (ORC), a subsidiary of WidePoint Corp., has been authorized to issue PIV-I as a certified non-federal issuer.

As a non-federal issuer, ORCs identity credentials, issued to government contractors, state and local governments, first responders and health care providers, have additional interoperability for customers who wish to conduct e-government and e-commerce transactions with other entities across the Federal Bridge.

read more »
Codebench, S2 partner

Codebench Inc. and S2 Security Corp. announced that Codebench’s PIVCheck Plus software suite, a card validation, authentication, and registration solution for HSPD-12 compliance, now integrates with the S2 NetBox Extreme and Enterprise systems from S2 Security Corporation.

read more »
ARX receives certification for network hardware security module

ARX received FIPS 201 approval from the U.S. Government’s General Services Administration on the Approved Products List for compliance for its PrivateServer network-attached hardware security module.

read more »
Codebench integrates with RedCloud

Codebench Inc. announced that it has integrated its PIVCheck Plus software with RedCloud Security Management Software. RedCloud was formerly known as PlaSec.

This marks the first integration of PIVCheck Plus software with a physical and virtual network appliance access control platform. RedCloud Virtual is a VMware Ready access control solution purpose-built for organizations that have migrated their IT infrastructure to a secure, private cloud environment.

read more »
Codebench, Hirsch integrate software

Codebench Inc. and Hirsch Identive announced the integration of Codebench’s PIVCheck Plus software with Hirsch Identive’s Velocity Management Software, which aims to provide federal government and commercial customers with a solution for identity validation, authentication and PACS registration using mobile handheld devices.

read more »
Codebench releases PACS SDK

Florida-based Codebench has released IDSync, a software development kit that enables automated provisioning and deprovisioning of users and credentials into a supported physical access control system.

read more »

Copyright © 2012, AVISIAN, Inc. All rights reserved.