HID Global’s ActivID® Credential Management System (CMS) enables organizations to issue an authentication credential that goes beyond perimeter security. A smart card or smart token can be used to secure access to individual workstations and servers within the firewall, as well as securing VPN and other remote access use cases. The smart card or token can also be used to encrypt data, hard drives, documents and emails, and for digital signatures.
The ActivID Credential Management System is ideal for:
- Medium to large enterprises issuing employees with converged access cards or smart tokens for authentication, data encryption and data signing
- US Federal government agencies deploying Personal Identity Verification (PIV) cards and commercial organizations deploying PIV-I or Commercial Identity Verification (CIV) cards.
- Governments issuing citizens identification cards with PKI-based credentials
ActivID CMS is the only offering in the industry that makes it possible for organizations to create, manage and use a single PKI smart card for both logical and physical access – using a unified solution from a single vendor.
Organizations deploying the ActivID CMS are able to securely provision PKI certificates and other credentials to a range of different devices, including smart cards, tokens and mobile phones. It is also scalable to millions of credentials in distributed complex environments with multiple user groups. ActivID CMS interfaces with physical access control systems (PACS) to automate the PIV or PIV-I card enrollment process enabling users to use their card to authenticate at the door without the need to re-enroll their card.
The ActivID Credential Management System (CMS) gives organizations a way to simply and securely manage their smart card and smart USB token deployments. The solution supports:
Extensibility: In conjunction with ActivClient®, as well as public key cryptography standards (PKCS) #11-compliant middleware, the ActivID CMS can be used to support the issuance and management of smart cards for a wide variety of desktop, network security, and productivity applications. When fully leveraged, the credentials can be used for both logical and physical access.
Lifecycle management: Effectively manages an organization’s authentication devices (e.g., smart cards and smart USB Tokens), data (e.g., static passwords, biometrics, and demographic data), applets (e.g. one-time password applications and Personal Identity Verification [PIV] applets), and digital credentials (including PKI certificates). ActivID CMS’ unique, patented post-issuance update capabilities ensure organizations are in control of their credentials at all times.
Integration: Interoperable with a wide variety of environments, including operating systems, directories, front- or back-end identity management and provisioning systems, certificate authorities, card printers including FARGO® printers and physical access control systems.
Robust reporting: Provides full, tamper-evident audit features that log all event activities for reporting.
Strong security: Delivers a secure, transparent method for transmitting secrets held on smart cards or smart USB tokens connected to user workstations. Keys and personally identifiable information are protected on the server using a Hardware Security Module and transmitted securely end-to-end to the secure element chip. CMS also supports stringent U.S. Federal Government standards for PIV and PIV-I.