U.S. DoD taps CoreStreet for enterprise-wide credential validation deployment
03 April, 2007
category: Government
The U.S. Department of Defense has selected the CoreStreet Validation Authority to deploy enterprise-wide, making it easier to validate Common Access Cards and other large scale credentialing initiatives.
Selection Caps the Department’s Recent String of Acquisitions of CoreStreet Products
CAMBRIDGE, MA – The U.S. Department of Defense announced it has selected the CoreStreet Validation Authority for enterprise-wide deployment. Together with other recent acquisitions of CoreStreet products, the DoD will now be able to validate the legitimacy of all 3.5 million service members and contractors, using the DoD Public Key Infrastructure, a scale that would have been impossible with other technologies. Such applications include smart card logon, digitally signed email, and access to secure web portals.
As part of the selection, the DoD has deployed CoreStreet Validation Authorities and dozens of CoreStreet VA Responders at major DoD IT nodes around the globe in an effort to greatly expand their Robust Certificate Validation System (RCVS). The selection also gives the DoD access to CoreStreet’s exclusive MiniCRL technology, which enables certificate validation to occur in extremely low-bandwidth environments.
In January 2006, the US Joint Task Force-Global Network Operations (JTF-GNO) set a schedule for DoD-wide compliance with Communications Tasking Order (CTO) 06-02, which mandates that all services use their Common Access Cards for smart card logon, email signing, and web server authentication. The deadline was originally set for year-end completion, but in the face of growing threats, was accelerated to July 31, 2006. With CoreStreet and its distributed validation architecture, the DoD is completely prepared to support any and all PKI applications anywhere in the world, as they come online to meet the tasking order.
“The DoD CAC Program and the RCVS have become points of reference for all other large-scale credentialing initiatives worldwide,” said Dr. Bob Dulude, CoreStreet’s chief security officer. “The program’s success is a bold statement about both the state of large smart credential deployments and the PKI market in general. We are proud that CoreStreet’s software has helped elevate the DoD CAC Program to its current ‘gold standard’ status.”
Validating the Common Access Card
CoreStreet software checks the status of issued digital certificates, a process known as validation. The Common Access Card Program and other programs of its kind store digital certificates on each card. Whenever a card is used, the application must first validate the status of the individuals’ certificates. Historically, large deployments faltered because performing this critical validation step did not scale.
CoreStreet solved this problem by developing its patented Distributed Validation model, known as Distributed OCSP, which has since become the industry standard for large credential programs. For the RCVS, the DoD deployed an architecture based on CoreStreet’s model, ensuring that the system will remain effective even as it expands in the future.
In addition to the enterprise-wide selection, the US Army, Navy, and other DoD components have recently purchased CoreStreet’s Responder Appliance 2400. These organizations selected the appliance in response to a need for a local certificate validation resource that could function in tactical environments and serve as a fallback in the event of network outages.
The Common Access Card Program
Predating Homeland Security Presidential Directive (HSPD 12), the CAC Program was designed to accomplish many of the same goals set forth in the Directive: to provide a single, trusted credential for access across multiple systems. Today, over 10 million Common Access Cards and over 20 million certificates have been issued in support of the growing number of PKI enabled applications.
About CoreStreet
Every day, the world’s most demanding government and commercial enterprises rely on CoreStreet software to power their smart credential and convergence programs. More information, including technical whitepapers, industry solution studies and a list of the patents awarded to the company, is available at www.corestreet.com.
Research and evaluate FIPS 201 Approved Products and get the latest info on compliant credentialing systems at FIPS201.com. Click to visit FIPS201.com.