Press Release
THREE CORESTREET OCSP PRODUCTS RECEIVE FIPS 201 APPROVAL
First OCSP products to be added to the GSA Approved Products List
Cambridge, Mass. — July 20, 2006 — CoreStreet, a software leader in infrastructure and applications for smart credential programs, announced today that the CoreStreet Validation Authority, the CoreStreet Responder Appliance 2400 and the Path Builder System have been approved by the US General Services Administration (GSA) as compliant with the Federal Information Processing Standard 201 (FIPS 201).
As mandated by FIPS 201, Public Key Infrastructures (PKI) must provide Online Certificate Status Protocol (OCSP) for certificate validation. Doing so requires a Validation Authority and a distributed network of responders. CoreStreet's Validation Authority has been deployed by the US Department of Defense and other large government agencies worldwide. Organizations looking for maximum performance and availability from an OCSP responder can deploy the keyless, security hardened Responder Appliance 2400 locally in their facility. CoreStreet's Path Builder System is designed for those wishing to validate credentials across multiple organizations.
“FIPS 201 is a milestone achievement for the US Government, but compliance is no easy task. The Approved Products List is a great resource that significantly eases the selection process,” said Phil Libin, CoreStreet president. "CoreStreet has a history of helping the US Government achieve its smart credential goals. Together with our partners and leading systems integrators, we are ensuring that our customers succeed in meeting the October deadline for compliance."
Under FIPS 201, all issued credentials must contain one or more digital certificates. These certificates are used to validate the status of each cardholder when accessing IT resources and applications, including digitally signed emails, smart card logon, and access to secure web portals. CoreStreet's Validation Infrastructure products are standards-based and designed to meet the requirements of FIPS 201 by validating credentials of organizations of any size in fractions of a second, establishing trust for a variety of critical applications.
“For a security solution to be truly effective in the real world it must not burden the processes it safeguards in terms of performance or cost,” said leading security consultant and industry analyst Ray Bernard, president of Ray Bernard Consulting Services (RBCS). “CoreStreet's critically enabling technology provides near-instantaneous certificate validation in a secure manner, using affordable infrastructure elements, and maintains its high performance regardless of the scale of its application. U.S. government applications have proven its effectiveness and reliability into 10s of millions of users and certificates. This also has significant implications for the private sector, removing barriers that previously existed for large-scale deployments.”
In August of 2004, the White House issued Homeland Security Presidential Directive 12 (HSPD-12), which set out the goal of establishing a single, government-wide credential that individuals could use for access to physical and IT systems. FIPS 201 outlines the technical requirements of such a system, along with a deadline for compliance -October 27, 2006.
About CoreStreet
Every day, the world’s most demanding government and commercial enterprises rely on CoreStreet technology to authorize critical events ranging from signed communications and transactions to physical access. More information, including technical whitepapers, industry solution studies and a list of the patents awarded to the company is available at www.corestreet.com.
