CertiPath Members Gain Trusted Status with U.S. Department of Defense Policy on Identity Certificates

HERNDON, Va. , July 29 /PRNewswire/ -- In a policy announced today, the U.S. Department of Defense now accepts the trust fabric for identity assurance and management established by the U.S. Federal Bridge. As the first commercial bridge to be cross-certified on the Federal Bridge in 2006, CertiPath becomes the only 3rd-party Public Key Infrastructure (PKI) Bridge Authority proven to meet the U.S. Department of Defense's (DoD) newest policy for accepting digital identity certificates from external parties.

The DoD policy -- which until now only trusted digital identity certificates issued by its own authority -- recognizes CertiPath's ability to ensure identity integrity that is at least as robust as the DoD's current identity requirements.

CertiPath is the only commercial PKI Bridge with policies and practices that meet the federal agency's stringent requirements for medium- and high-assurance certification and is cross certified to the U.S. Federal Bridge Certificate Authority (FBCA). CertiPath enables secure, trusted identities by enforcing a common standard of care across all of its member companies. It correlates hundreds of policy mapping points for each organization, including technical, governance and procedural controls around physical and logical access to the identity management infrastructure. Companies that meet or exceed the standards may become members of CertiPath.

"No other entity deals in the volume and scope of sensitive information that the DoD uses on a daily basis," said Jeff Nigriny , president and COO of CertiPath. "This policy represents the culmination of five years of effort to demonstrate the trustworthiness of the community's identity infrastructures. We've worked very closely with the offices of the CIO and our members to achieve the highest possible standards of trust."

By accepting digital certificates issued by the members of CertiPath, the DoD improves information security along its supply chain, even as it engenders broader collaboration among its major partners. CertiPath enables the higher level of identity assurance needed for the DoD to meet the increasingly collaborative nature of defense while decreasing the risk that sensitive information will be compromised.

"This policy recognizes the maturity of our efforts -- and the efforts of the whole CertiPath community -- to deploy PKI-based security solutions that merit the DoD's confidence," said Jeff Brown , chief information security officer of the Raytheon Company. "With this shared foundation of trust, we can speed the efforts of the real mission -- building national defense systems that protect against the evolving threats to our customers around the world."

Members of the CertiPath community, including Boeing, EADS, Lockheed Martin Company, Northrop Grumman and Raytheon gain significant additional return on the investment made in becoming cross-certified via CertiPath. These major players in the aerospace and defense industry now leverage the inherent trust provided by the CertiPath community to bid on contracts and collaborate on work-in-progress through secure document sharing and e-mail.

"Achieving the level of identity assurance needed to do business with the DoD for our own operations is one thing -- extending that confidence to partners outside our organization is a different challenge," said Tim McKnight , chief information security officer, of Northrop Grumman. "This policy validates our efforts with the CertiPath community where a shared commitment to policies, legal requirements and interoperability standards makes it possible for us to work together."

About CertiPath

CertiPath provides the aerospace and defense industry's only public key infrastructure (PKI)-based communications bridge where information can be shared widely, securely, effectively and affordably between partners, suppliers and customers -- regardless of the size and scope of the supply chain.

CertiPath's disruptive solution tears down the burdensome and costly company, employee and program-centric approaches to identity assurance. Today, organizations in the U.S., U.K. and Europe including Boeing, BAE Systems, EADS, Lockheed Martin, Northrop Grumman, Raytheon and the U.S. Federal Bridge (FBCA) are members of this fast-growing community. For more information, visit CertiPath on the web at http://www.certipath.com .

All product and company names herein may be trademarks of their registered owners.

SOURCE CertiPath