Partnet eValidate™ Brings PKI Security to Large Scale Web Applications

Share Article

Partnet today announced the commercial availability of eValidate—an innovative new solution for Public Key Infrastructure (PKI) validation and security. Partnet eValidate™ was designed specifically to handle the robust demands of large scale web applications with a large number of users and transactions.

Partnet provides cost-effective, web-based solutions that bring efficiency, agility, and value to our customers.

eValidate picks up where other PKI security products fail—providing optimized performance and networking—while ensuring the robust security environment that federal and DOD agencies depend on to fulfill mission objectives

Partnet Inc. today announced the commercial availability of eValidate—an innovative new solution for Public Key Infrastructure (PKI) validation and security. Partnet eValidate™ was designed specifically to handle the robust demands of large scale web applications with a large number of users and transactions.

eValidate was born out of necessity. In 2009, Partnet was tasked with implementing PKI security within the Department of Defense Electronic Mall (DOD EMALL) for Common Access Cards (CACs) and cross-signed Federal Bridge certificates. A number of Commercial-Off-the-Shelf (COTS) solutions were evaluated for the job but none could be integrated into the clustered and load-balanced architecture of DOD EMALL without adversely affecting performance.

This was due to the fact that traditional COTS products require a one-to-one connection between the application and externally-hosted Certification Revocation Lists (CRLs). Load-balanced architectures prevent this type of connection.

"We looked at a variety of off-the-shelf PKI security solutions," said Doug Erickson, Director of Technical Development at Partnet. "In the end, none of these solutions could be successfully adapted to the clustered and load-balanced architecture employed by DOD EMALL."

To solve the problem, Partnet designed eValidate to empower enterprises with the flexibility of using internal CRL caching and Online Certificate Status Protocol (OCSP) to validate CAC and Federal Bridge credentials. OCSP is a fast and lightweight client-side protocol that enables applications to query external certification-status servers (or OCSP responders) for the status of a single certificate. Alongside OCSP, eValidate also offers an automated CRL caching application that can be easily mounted onto existing login modules—quickly authenticating revocation status without negatively affecting performance.

Powered by Partnet eValidate, DOD EMALL is now fully CAC-enabled and public key access is configured for all DOD and Federal Bridge customers. This was accomplished with zero impact on system performance and availability, and in accordance with the strict operating standards of the DOD.

"eValidate proved to be a such an effective solution for balancing the security vs. performance equation on DOD EMALL that we quickly realized its application in other large-scale systems," said Don Brown, CEO of Partnet. "As PKI continues to expand across Federal enterprises, the need for robust PKI security solutions like eValidate will become more acute."

eValidate picks up where other PKI security products fail—providing optimized performance and networking—while ensuring the robust security environment that federal and DOD agencies depend on to fulfill mission objectives.

About Partnet, Inc.

Partnet is a Utah-based software and technology company specializing in facilitating secure reliable communication between the Government and the commercial world, including the operation of Government eCommerce websites and applications.

To learn more about eValidate, contact Partnet at (800) 727-8061 or visit us online at partnet.com.

# # #

Share article on social media or email:

View article via:

Pdf Print

Contact Author

Debra Fryar
Partnet
801-581-1118 ext. 5069
Email >
Visit website