DSA to Certify and Accredit New FiXs Members Technology; Process to Ensure Highest Level of Information Security in the Government's Cross-Credentialing Network.FAIRFAX, Va. -- DSA (1) (Directory Server Agent) An X.500 program that looks up the address of a recipient in a Directory Information Base (DIB), also known as white pages. It accepts requests from the Directory User Agent (DUA) counterpart in the workstation. , a provider of global IT security services to government and industry, is conducting the initial and periodic Risk and Security Compliance Assessments of all member companies belonging to the Federation for Identity and Cross-Credentialing Systems The Federation for Identity and Cross-Crendentially Systems (FiXs) is a coalition of government contractors, private companies and not-for-profit organizations whose mission is to establish and maintain a worldwide, interoperable identity and cross-credentialing network built on (FiXs). These assessments ensure that each organization adheres to the FiXs Operating Rules, FiXs Security Guidelines, and security best practices. "The FiXs Executive Board selected DSA to perform the certification and accreditation work given our successful track record in information security," explained Robert Haas, DSA's Director, Network and Information Assurance Practice. "Our expertise includes risk management, security compliance assessments, application and network security design, implementation and validation, secure operations, and continuity of operations The degree or state of being continuous in the conduct of functions, tasks, or duties necessary to accomplish a military action or mission in carrying out the national military strategy. planning." FiXs is a not-for-profit federation of independent companies, working in conjunction with Federal partners such as the U.S. General Services Administration The General Services Administration (GSA) was established by section 101 of the Federal Property and Administrative Services Act of 1949 (40 U.S.C.A. § 751). The GSA sets policy for and manages government property and records. (GSA (1) (Global mobile Suppliers Association, Sawbridgeworth, U.K., www.gsacom.com) A membership organization of suppliers of GSM products and services. Its goal is to promote GSM as the worldwide mobile communications standard. See GSM Association and GSM. ) and the Department of Defense (DoD), to provide an end-to-end trusted identity management solution that is HSPD-12 and FIPS-201 compliant. FiXs is in the final stages of rollout of its high security global network that routes credential information requests to and among the government and FiXs-compliant companies. The federation already has conducted successful pilot tests of the network under an agreement with the Defense Manpower Data Center The Defense Manpower Data Center (DMDC) serves under the Office of the Secretary of Defense to collate personnel, manpower, training, financial, and other data for the Department of Defense. (DMDC DMDC Defense Manpower Data Center DMDC Defense Management Data Center DMDC Disk Memory Drive Controller ). The FiXs network provides unprecedented interoperability for participating organizations, eliminating the need for an individual to maintain multiple credentials in order to gain physical and logical access to facilities and networks. FiXs member companies generate substantial economies through the use of a single secure credential, while government agencies recognize increased productivity and cost savings from credential interoperability across facilities and vendors. The FiXs network provides for the secure exchange of approved credentials between member organizations and government partners. Identity information is stored by an individual's employer, not in a master database - a more secure and reliable method than other human verification systems. DSA, a founding member of the Federation, will assess each candidate FiXs service provider before it can join the network to ensure their security processes and safeguards adhere to the minimum mandatory government and industry standards as well as the FiXs requirements, Haas explained. "There are a number of guidelines and standards that specify the controls and processes that need to be in place with respect to information assurance," Haas explained. "Although the Department of Defense is the first agency to use the FiXs network, we anticipate that commercial and civilian agencies also will utilize this model, so we carefully scrutinize prospective members for adherence to the standards and guidelines governing IT and personnel security, including those stipulated by FIPS (Federal Information Processing Standards) A series of publications issed by the U.S. National Institute of Standards and Technology (NIST) that specifies information security guidelines for federal government departments and agencies. 201." What makes the FiXs system work is the trust model that exists between the member organizations and DoD. The trust model is based on adherence to a set of operating rules, policies, certification procedures, and auditing. FiXs is comparable to the ATM networks, where an individual can use any one of a number of bank cards in almost any institution's ATM machine. In addition to DSA, founding members of FiXs are BearingPoint, EDS (Electronic Data Systems, Plano, TX, www.eds.com) Founded in 1962 by H. Ross Perot (independent candidate for the President of the U.S. in 1992), EDS is the largest outsourcing and data processing services organization in the country. , Lockheed Martin, NACHA NACHA National Automated Clearing House Association NACHA National Agency Clearing House Association - The Electronic Payments Association, Northrop Grumman, Saflink, SRA International, SRP SRP - A data link layer protocol. Consulting Group, 3Factor, Unlimited New Dimensions and Wave Systems. Since its founding in 2004 FiXs has welcomed Bio-Key, Citigroup, ChoicePoint Government Services, Disaster Management Solutions, EID EID Emerging Infectious Diseases (journal) EID Electronic Identification EID Endpoint Identifier EID Employee Identification EID Ecological Interface Design EID Earned Income Disregard EID Education and Information Division Passport, Giesecke and Devrient Cardtech, Maximus and Wells Fargo as members. The Department of Defense and the U.S. General Services Administration also participate in FiXs initiatives. About DSA DSA provides strategic, secure, mission critical IT solutions to government and industry through three focused divisions: DSA Federal, DSA Life Science, and DSA Commercial. The company has over 40 years experience in systems and software engineering and integration services specializing in enterprise-wide information technology solutions. DSA is a leader in program management, information security and regulatory compliance. Office locations: Philadelphia, PA (headquarters), Washington, DC, NY Metro and Mid-West. For more information, please visit www.dsainc.com or call toll free to 1-877-422-4DSA. |
|
||||||||||||||
Printer friendly
Cite/link
Email
Feedback
Reader Opinion