Ascertia’s ADSS SCVP Server Awarded GSA FIPS 201 Certification

Share Article

Ascertia proves its credentials as a leader in the PKI digital certificate validation space once again by successfully attaining FIPS 201 certification for its ADSS SCVP Server. Having ADSS SCVP Server accepted on the GSA APL is a key part of Ascertia's strategy to strengthen its product positioning in the US Federal and Defense markets. Ascertia's ADSS OCSP Server is already on the FIPS 201 approved product list (APL#583).

ADSS SCVP Server Architecture

Our ADSS OCSP Server was FIPS 201 certified (APL#583) in July 2011 and the ability to also offer SCVP (APL#692) broadens Ascertia’s capability in the certificate validation field and clearly demonstrates our global leadership in this area

Ascertia, the leading global provider of digital signature and PKI certificate validation software, announced today the successful certification of the company’s ADSS SCVP Server under the US General Services Administration’s (GSA) FIPS 201 Evaluation Program. ADSS SCVP Server has now be added to the GSA’s Approved Products List (APL). The GSA APL is essential for product procurement for the US Federal Government Homeland Security Presidential Directive 12 (HSPD-12).

To comply with this Directive government agencies have for some time been issuing Personal Identity Verification (PIV) smart cards to their employees and contractors. As these PIV cards start to be used within a wide variety of physical and logical access control system, there is a need to verify the embedded PKI e-identity certificates.

The Federal PKI system is a large and complex network of Certification Authority (CA) issuers connected through a central Federal Bridge CA. Validating and trusting the digital certificates produced by this vast network is a complex task that requires sophisticated certificate chain building and path validation as defined by RFC 5055.

Ascertia has years of experience in this area and has designed ADSS SCVP Server to provide RFC 5055 compliant certificate path validation services and thus removing such complexities from other applications by offering:

+ Delegated certificate path discovery dynamically across different PKI topologies includes hierarchy, cross-certificates and mesh architectures

+ Delegated full certificate path validation according to PKIX RFC3280, together with real-time certificate status validation (OCSP)

+ Strong security management of multiple validation policies

+ Advanced transactional logging and viewing/reporting to enable trust issues to be identified quickly and easily

+ Advanced trust anchor management and data caching to provide high trust together with high performance

“Not only have we successfully demonstrated compliance with the latest FIPS 201 Certificate Validator requirements but as a prerequisite we were also the first company to be successfully evaluated against the latest NIST PKITS path discovery and validation test suite,” stated Liaquat Khan, Technical Director, Ascertia. “This independently tested our compliance with the SHA-256 and ECDSA algorithms well as a range of new test cases for complete certificate validation”.

“Having ADSS SCVP Server accepted on the GSA APL is a key part of our strategy to strengthen Ascertia’s product positioning in the US Federal and Defense markets,” added Rod Crook, Solution Director, Ascertia. “Our ADSS OCSP Server was FIPS 201 certified (APL#583) in July 2011 and the ability to also offer SCVP broadens Ascertia’s capability in the certificate validation field and clearly demonstrates our global leadership in this area. We are excited about the opportunities for substantial growth together with our existing US partners.”

ADSS SCVP Server was tested using a SafeNet Luna SA HSM to provide powerful FIPS 140-2 certified cryptographic algorithm and key management capabilities.

The FIPS 201 testing was conducted by atsec information security a security services testing laboratory with considerable experience in FIPS201 evaluations.

Apostol Vassilev, CST laboratory manager for atsec, commented: “We congratulate Ascertia on the successful validation of their product against the Certificate Validator Product Category of the FIPS 201 Evaluation Program and placement on the GSA Approved Product List. We are happy that Ascertia chose atsec as the testing laboratory for this project.”

About FIPS 201:
For more info on FIPS 201 Evaluation program: http://fips201ep.cio.gov/
For complete GSA FIPS 201 Approved Product List (APL): http://fips201ep.cio.gov/apl.php
For more info on FIPS 201:http://csrc.nist.gov/publications/fips/fips201-1/FIPS-201-1-chng1.pdf
For more info on ADSS SCVP Server: http://www.ascertia.com/Products/ADSS-SCVP-Server.aspx

About Ascertia: Ascertia (http://www.ascertia.com) is a leading provider of digital signing, verification and identity validation solutions that prevent fraud, reduce business risks and costs and provide legal weight evidence. Our products are designed and developed in-house and are well proven around the world.    Ascertia’s ADSS Server products are used by a variety of organizations, managed service providers and within national and global trust infrastructures.

About Atsec:
atsec information security (http://www.atsec.com) is an independent, standards-based information technology security services company with offices in the U.S., Germany, Sweden, and China. atsec's services include formal laboratory testing and evaluation of information assurance (IA) and IA-enabled commercial off the shelf (COTS) information technology, as well as information security consultancy. atsec information security is an accredited General Services Administration (GSA) FIPS 201 Evaluation Program (EP) Lab. atsec works with any company, regardless of size or locale, tha

Share article on social media or email:

View article via:

Pdf Print

Contact Author

Gavin Spencer
Ascertia
00447585917608 +442071934026
Email >
Follow us on
Visit website