CNC MOBILITY

OVERVIEW

 

CNC was established in 2002 to help our government and commercial clients adopt and implement advanced transformational IT and Internet technologies. Our goal is to help our clients streamline operations, improve information sharing and transparency, enhance productivity, and provide better service to their user communities.  In doing so, CNC has developed and fully integrated leading edge technologies that are critical to facilitation of secure mobile personal productivity.

Located in Bethesda, Maryland, CNC possesses a Top Secret facility clearance and is only minutes away from Washington, DC.  The nation’s capital is home to CNC’s largest customer, the U.S. Federal Government and its agencies in need of Federal Identity and Credential Access Management (FICAM) authentication and authorization solutions. 

CNC is a leader in developing, deploying, implementing, managing, and monitoring compliance to government standards.  While many standards are still emerging, CNC has taken the lead in applying existing standards to the latest available technologies.  We have evaluated, tested, and selected multiple technologies which CNC fully integrated, in order to support and enable applicable standards (i.e. FIPS-201, NIST SP 800-63, OMB M-11-11, etc.).   Moreover, CNC has transformed these frequently disparate technologies into a coherent “end-to-end” solution for government initiatives such as Digital Government, Workforce Mobility, Bring Your Own Device (BYOD), FICAM compliant Identity Interoperability and much more.

Until now, limited options for approved strong authentication methods and data encryption have been the most significant short-term barriers to secure adoption of mobile technologies.  CNC’s partner and supplier has created the first “Cloud” based Personal Identity Verification Authentication System (PVaaS) solution which has successfully passed the rigorous FIPS-201 Evaluation Program testing and validation standards. This PIV Authentication System is currently listed on the GSA HSPD-12 Approved Products List (APL) viewable here: http://fips201ep.cio.gov/apl.php, item # 678.

The ability to properly grant or deny mobile users the necessary access to cloud or other enterprise computing resources is a key skill of CNC.  CNC does this by authenticating, with non-repudiation, the users’ identity (who are you?) [RG1] when attempting to gain logical access. The key to accurate authentication is through biometric identity capture in addition to determining the presence and validity of the X.509 certificates (PKI) encoded on the user’s CAC, PIV, PIV-I, or TWIC credential. This is a complex undertaking, but the members of the CNC team have been involved in various government projects that have provided identity authentication solutions on behalf of the government.   A bonus for the government is that CNC’ solutions can fulfill both logical and physical security authentication requirements simultaneously.  CNC’s integrated SAML 2.0 single sign-on application (SSO) allows an agency to attain full HSPD-12 compliance by deploying CNC authentication products and services.

CNC integrates and produces product solutions that meet all of today’s government and business security and authentication requirements.   The ability to identify individuals, with non-repudiation, quickly and accurately anywhere, anytime is critical to the success of any mobility strategy.  It is not enough to merely provide a secure pathway to the mobile user via a Virtual Private Network (VPN).  Nor does it suffice to encrypt the data while traversing the VPN.  These techniques are important, but they do not address the most important identity questions:  “Who are you?” and “Can you prove it?” with non-repudiation.  Until these questions were addressed, the security of the mobility enabled enterprise remained open to question. 

CNC Mobility solutions provide answers to both of these questions by providing PKI and biometric authentication. This is accomplished using FBI approved fingerprint capture algorithms ensuring the reliability and acceptance of the authentication query results.  While capture of a subject’s fingerprint in the field is not new, it has until now always been cumbersome, slow, and subject to environmental and operational issues that reduced effective and timely results.  Previous field capture methods involved multiple bulky and disconnected devices that required field assembly and were scarcely “man portable” or rapidly deployable.  Today, CNC Mobility solutions are very lightweight, require no field assembly, are immediately usable whenever or wherever required and provide reliable results in seconds.  These CNC solutions operate on IoS, Android, and Windows platforms including both tablets and smartphones.

OMB guidance (OMB M-04-04) provides agencies with the criteria for determining the level of e-authentication assurance required for specific applications and transactions, based on the risks and their likelihood of occurrence of each application or transaction.  Level 4 is intended to provide the highest practical remote network authentication assurance.  Level 4 authentications are based on proof of possession of a key through a cryptographic protocol. It is similar to Level 3 except that only “hard” cryptographic tokens are allowed, FIPS 140-2 cryptographic module validation requirements are strengthened, and subsequent critical data transfers must be authenticated via a key bound to the authentication process. The token must be a hardware cryptographic module validated at FIPS 140-2 Level 2 or higher overall with at least FIPS 140-2 Level 3 physical security. By requiring a physical token (i.e. PIV Card), which cannot readily be copied and since FIPS 140-2 requires operator authentication at Level 2 and higher, this level ensures good, two-factor remote authentication.

Level 4 requires strong cryptographic authentication of all parties and all sensitive data transfers between the parties.   Either public key or symmetric key technology may be used.  Authentication requires that the claimant prove through a secure authentication protocol that he or she physically controls the token.   CNC’s biometric authentication solutions satisfy this requirement quickly and easily for mobile users.  Furthermore, our products can be used securely for more than email applications.  They facilitate digital signing of documents and Single-Sign-On at the application layer.  All of this with a fully integrated product that makes use of ISO 14443 smart cards as the authoritative database providing biometric templates, X.509 certificate based PKI, even facial recognition or iris recognition if desired in an extremely cost effective package that does not significantly alter the physical form factor of the Apple IoS, Motorola, or Samsung Android or Windows phones and tablets.

 

For a demonstration of our mobility solutions please contact:

 

Greg West, Vice President

Converge Networks Corporation

3 Bethesda Metro Center, Suite 640, Bethesda, Maryland  20814-6334

Office: 240-207-2150

gwest@cnc01.com

www.convergnet.com

 

Go Back

(return to previous page)