Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Risk

11/19/2009
08:58 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

DHS Goes PKI

Entrust, XTec to deploy PKI and provide secure smartcard login, encrypted communication

DALLAS — November 17, 2009 — Drawing on years of success securing various U.S. federal agencies and

departments, Entrust, Inc., and their proven public key infrastructure technology, will now provide the unified

security infrastructure for the U.S. Department of Homeland Security (DHS) components. This agreement helps

DHS enable cost-savings, meet HSPD-12 requirements, encrypt communications and data, and deploy secure

credentials for both physical and logical access.

"PKI technology remains such a valuable and versatile tool, regardless of the scope or type of environment it

secures," said Entrust President and CEO Bill Conner. "The Department of Homeland Security should be lauded

for not only unifying their security architecture, but for doing so in a manner that enhances cross-component

efficiency and helps save money by reducing the number of solutions securing different offices and locations."

Facilitated by partner XTec Inc., who is the key HSPD-12 solution provider for DHS, the Entrust deployment will

provide PKI services and digital certificates for all DHS components and their employees. The two-year

implementation will leverage Entrust's PKI architecture, Entrust Authority, as well as Entrust Entelligence

Security Provider and XTec's AuthentX platform for the management and secure distribution of the agency's

internal digital certificates. These certificates will provide DHS proven smartcard login, network authentication,

as well as encryption for e-mail and desktop environments.

"XTec has years of proven experience as a security solutions provider for the U.S. government, and opting for a

strong, proven PKI will help DHS meet their immediate and long-term security needs," said XTec CEO Albert

Fernandez. "We're looking forward to collaborating with Entrust on this critical government project, and our team

innovation will serve as a strong security model for other U.S. agencies to follow."

Entrust's PKI solution has been implemented to perform critical security tasks in various U.S. federal agencies,

including the U.S. Department of State for advanced ePassports and the Shared Service Provider (SSP) PKI for the

U.S. Department of Treasury. Entrust's hosted PKI service is also identified by the U.S. General Services

Administration (GSA) as an approved SSP for use within federal environments.

Additional state and federal PKI deployments include the State of Illinois, State of Virginia, the Departments of

Energy and Justice, NASA, the Government Printing Office, U.S. Department of Labor, U.S. Patent and

Trademark Office and the Federal Bureau of Investigation.

XTec provides the knowledge, products and experience to help U.S. federal departments and agencies deploy

solutions to comply with HSPD-12 and PIV requirements, as defined in FIPS 201 and related NIST standards. The

specific solution, XTec's AuthentX Identity Management System, includes all required components for an HSPD-

12 PIV II solution. XTec was among the first companies — and was the first small business — to be certified by

GSA to provide a "complete end-to-end solution," including each of the HSPD-12/PIV system components. XTec

(continued) /2

Version: 11/17/2009 @ 10:20 AM CDT

also has a long-standing relationship with the DHS for document security, which relies on XTec technology to

assist in the forensic tracing of counterfeit cards.

Entrust Entelligence Security Provider is an enterprise-wide security platform for Microsoft Windows desktops,

domain controllers and authentication servers that allows organizations to deploy the digital identities that enable

the strong authentication, encryption and digital signature capabilities within a number of authentication

applications and other applications such as data encryption and secure e-mail.

Entrust's first public key infrastructure — the world's first commercially available PKI — was released in 1994.

Now in its eighth edition, the Entrust Authority public key infrastructure product portfolio is the industry's most

relied upon PKI solution. By managing the full lifecycles of digital certificate-based identities, Entrust Authority

PKI enables encryption, digital signature and certificate authentication capabilities to be consistently and

transparently applied across a broad range of applications and platforms.

The U.S. Department of Homeland Security leverages resources within federal, state and local governments,

coordinating the transition of multiple agencies and programs into a single, integrated agency focused on

protecting the American people and their homeland. More than 87,000 different governmental jurisdictions at the

federal, state and local level have homeland security responsibilities. The comprehensive national strategy seeks to

develop a complementary system connecting all levels of government without duplicating effort.

About XTec

XTec is a leader in secure, interoperable authentication and verification systems. XTec develops, produces and

licenses enterprise-level security solutions for credentialing, access control, information systems and electronic

commerce for a wide range of government and commercial uses. XTec's focus is on providing a foundation from

which customers can build secure, Web-based enterprise applications and cryptographic systems. XTec is a

recognized leader in both government and commercial circles for its expertise and products for credentialing,

identity, secure payment and access control. For more information visit www.xtec.com.

About Entrust

Entrust provides trusted solutions that secure digital identities and information for enterprises and governments

in 2,000 organizations spanning 60 countries. Offering trusted security for less, Entrust solutions represent the

right balance between affordability, expertise and service. These include SSL, strong authentication, fraud

detection, digital certificates and PKI. For information, call 888-690-2424, e-mail [email protected] or visit

www.entrust.com.

Entrust is a registered trademark of Entrust, Inc. in the United States and certain other countries. In Canada, Entrust is a registered

trademark of Entrust Limited. All Entrust product names are trademarks or registered trademarks of Entrust, Inc. or Entrust Limited.

All other company and product names are trademarks or registered trademarks of their respective owners.

For more information:

Lindsey Jones

Media Relations

972-728-0374

[email protected]

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
News
Inside the Ransomware Campaigns Targeting Exchange Servers
Kelly Sheridan, Staff Editor, Dark Reading,  4/2/2021
Commentary
Beyond MITRE ATT&CK: The Case for a New Cyber Kill Chain
Rik Turner, Principal Analyst, Infrastructure Solutions, Omdia,  3/30/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
How Enterprises are Developing Secure Applications
How Enterprises are Developing Secure Applications
Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2015-20001
PUBLISHED: 2021-04-11
In the standard library in Rust before 1.2.0, BinaryHeap is not panic-safe. The binary heap is left in an inconsistent state when the comparison of generic elements inside sift_up or sift_down_range panics. This bug leads to a drop of zeroed memory as an arbitrary type, which can result in a memory ...
CVE-2020-36317
PUBLISHED: 2021-04-11
In the standard library in Rust before 1.49.0, String::retain() function has a panic safety problem. It allows creation of a non-UTF-8 Rust string when the provided closure panics. This bug could result in a memory safety violation when other string APIs assume that UTF-8 encoding is used on the sam...
CVE-2020-36318
PUBLISHED: 2021-04-11
In the standard library in Rust before 1.49.0, VecDeque::make_contiguous has a bug that pops the same element more than once under certain condition. This bug could result in a use-after-free or double free.
CVE-2021-28875
PUBLISHED: 2021-04-11
In the standard library in Rust before 1.50.0, read_to_end() does not validate the return value from Read in an unsafe context. This bug could lead to a buffer overflow.
CVE-2021-28876
PUBLISHED: 2021-04-11
In the standard library in Rust before 1.52.0, the Zip implementation has a panic safety issue. It calls __iterator_get_unchecked() more than once for the same index when the underlying iterator panics (in certain conditions). This bug could lead to a memory safety violation due to an unmet safety r...