Securely issue and manage high assurance credentials
HID Global’s ActivID® Credential Management System (CMS) enables organizations to issue an authentication credential that goes beyond perimeter security. Clients can choose from smart cards, smart USB keys, Windows® TPMs and mobile phones for secure access to individual workstations and servers within the firewall, VPNs and applications. This high assurance credential can also enable digital signing and encrypt data, hard drives, documents and emails.
The ActivID Credential Management System is ideal for:
Medium to large enterprises issuing converged access cards or smart authenticators for employee authentication, data encryption and data signing
Organizations deploying Personal Identity Verification (PIV) cards and commercial organizations deploying PIV Interoperable (PIV-I) or Commercial Identity Verification (CIV) cards
Governments issuing citizen identification cards with PKI-based credentials
ActivID CMS is the only offering in the industry that makes it possible for organizations to create, manage and use a single PKI smart card for both IT and physical access—all while utilizing a unified solution from a single vendor.
Organizations deploying ActivID CMS are able to securely provision PKI certificates and other credentials to a range of different devices, including smart cards, virtual smart cards, tokens and mobile devices. It is also scalable to millions of credentials in complex environments with multiple user groups. ActivID CMS interfaces with physical access control systems (PACS) to automate the PIV or PIV-I card enrollment process, enabling users to authenticate at the door without the need to re-enroll their card.
The ActivID Credential Management System (CMS) gives organizations a method for simply and securely managing deployment of high assurance credentials.
The solution supports:
Extensibility: In conjunction with ActivClient® as well as public key cryptography standards (PKCS) #11-compliant middleware, the ActivID CMS can be used to support the issuance and management of smart cards for a wide variety of desktop, network security, and productivity applications. When fully leveraged, the credentials can be used for both logical and physical access. ActivID CMS also supports the issuance of digital certificates on virtual smart cards and mobile devices to enable flexibility in terms of form factors and assurance level options.
Lifecycle management: Effectively manages an organization’s authentication devices (e.g., smart cards, smart USB keys, Windows TPMs and mobile phones), data (e.g., static passwords, biometrics and demographic data), applets (e.g., one-time password applications and Personal Identity Verification [PIV] applets), and digital credentials (including PKI certificates). ActivID CMS’s unique, patented, post-issuance update capabilities ensure that organizations are in control of their credentials at all times.
Integration: Interoperable with a wide variety of environments, including operating systems, directories, front- or back-end identity management and provisioning systems, certificate authorities, physical access control systems, and card printers—including FARGO® printers.
Robust reporting: Provides full, tamper-evident audit features that log all event activities for reporting.
Strong security: Delivers a secure, transparent method for transmitting sensitive data held on smart cards or smart authenticators connected to user workstations. Keys and personally identifiable information are protected on the server using a Hardware Security Module and are transmitted safely from point of origination to the secure element chip. ActivID CMS also supports stringent U.S. Federal Government standards for PIV and PIV-I.