TrustBearer Labs, an authentication and digital identity solutions company, announced today that the TrustBearer Desktop PIV API meets the Federal Information Processing Standards (FIPS) 201 requirements and is approved by US Government GSA for deployment in Homeland Security Presidential Directive 12 (HSPD-12) programs. The certification enables government agencies to purchase TrustBearer Desktop PIV middleware to comply with the FIPS 201 standard as mandated by HSPD-12. TrustBearer Desktop also provides an easy-to-use Single Sign-On solution through TrustBearer's OpenID platform. This unique feature of TrustBearer Desktop allows government workers with PIV credentials to authenticate to rich Web 2.0 applications supporting OpenID and Security Assertion Markup Language (SAML).
TrustBearer Desktop provides the middleware interface between the PIV compliant card and the applications utilizing the digital certificates stored on the card to perform cryptographic operations for authentication, encryption and signatures. The PIV credentials can be used for network authentication, SSL client authentication, document signatures, email signatures and encryption, virtual private networks and remote access.
"The government has recognized that critical and sensitive data must be protected using secure methods," says TrustBearer Labs founder and CEO David Corcoran. "Hardware-based PKI authentication is widely known as the strongest form of security available. TrustBearer Labs is proud to have achieved the FIPS 201 validation for our TrustBearer Desktop product, and we look forward to serve the U.S. federal government."
Unlike other PIV middleware, TrustBearer Desktop enables strong authentication to rich, Web 2.0 Internet applications using the government issued PIV credential through TrustBearer's OpenID platform. Using OpenID and SAML, TrustBearer provides Single Sign-On support for online applications such as Salesforce.com, the market-leading online customer relationship management service with over 1 million subscribers, and Google Apps, a business productivity and communications platform managed by Google.
"TrustBearer not only provides the middleware to utilize PIV credentials locally on client computers, but also combines the strength of hardware-based PKI authentication with the simplicity and ease-of-use that web users expect with online applications," says Mr. Corcoran. "This is a tremendous example of how government issued PIV credentials can be leveraged in online applications and improve both security and convenience."