PKI, Chip Technology Embraced to Fortify Security Defenses
October 11, 2017
As high-profile security breaches become more commonplace, companies and government agencies are increasingly looking to Public Key Infrastructure (PKI) technologies to enable strong authentication access controls and more robust data protection capabilities. Successful PKI-based, security chip implementations are designed to facilitate secure authentication.
Case in point, Congress is currently crafting a bipartisan piece of legislation called the IoT Cybersecurity Improvement Act of 2017 in an effort to secure IoT devices. One way of securing IoT devices in the workplace and home is through the use of PKI credentials to both identify the device and to securely authenticate those seeking access to the device – which can prevent unauthorized users from gaining access. As IoT devices become more ubiquitous, devices will need to authenticate themselves and have their own certificates to prove trustworthiness. Through the use of PKI, the chances of unauthorized access through IoT devices decreases.
PKI is also increasingly embraced in the healthcare industry as a way to meet security compliance regulations, particularly the standards of the Health Insurance Portability and Accountability Act (HIPAA). Devices with PKI technology help secure patient identities by only allowing access to authenticated users. The use of PKI technology in turn reduces the likelihood of litigation due to a HIPAA violation, and can also reduce the losses incurred due to identity fraud.
PKI can also be used in corporate environments to authenticate the identities of employees who request access to privileged company data. With the use of multi-factor authentication technologies like smartcards and biometrics, PKI can be used to offer another layer of identity security. In fact, the US Department of Defense recognized an 80% reduction in unauthorized access to their systems once they fully implemented PKI-based access controls for their networks through the requirement for the use of the Common Access Card (CAC) smartcard in the place of passwords.
For border security, chips using PKI can also be leveraged to easily confirm the identities of travelers without sacrificing accuracy or negatively impacting the processing time for evaluation of the travel document. e-Passports add another layer of security to traditional non‑electronic passports by embedding an electronic chip in the passport. Performing an electronic evaluation of the e-passport chip data provides the highest level of assurance that the document is authentic, and is the only assurance that the biometrics on the chip are bound to the traveler.
Acuant’s recent acquisition of the Ozone e-Authentication product suite from identity solutions provider Mount Airey Group, further enhances its traditional physical security feature assessment capabilities and provides a comprehensive e-authentication solution for border control and other environments depending upon e-document validity. Acuant’s solution features certificate chain validation for e-passports, and implements country-specific policy controls.
In addition to support for e-passport issuance and border control processes, Ozone also supports PKI enablement across the enterprise. With Ozone, application owners can enable their applications with PKI, without having to understand the complexities of PKI technology. Owners can manage application-specific authorizations without the need for modifications to the application software. Ozone also supports implementations across federal agencies to improve federated security leveraging existing Homeland Security President Directive #12 infrastructures.
Acuant’s Ozone Suite offers seamless PKI integration with smartcards, single sign-on schemes, and biometric authentication processes. The line of identity solutions supports enterprise-scale identity and access management (IDAM) solutions including e-Passport authentication, ICAO Public Key Directory (PKD) support, and eID document validation capabilities, as well as atomic authorization capabilities. Consistent with Acuant’s flexible deployment strategy, the solution set supports traditional on-premise implementations, as well as supports cloud and mobility solutions.