Three agencies, supplier certified for security bridge

Three federal agencies and a federal supplier have achieved cross-certification status with the Federal Bridge Certification Authority, a secure systems infrastructure for exchanging data.

The admission of four new members doubles the number of organizations that have passed rigorous tests required for cross-certification with the bridge, federal officials announced at a recent Federal Public Key Infrastructure (PKI) Deployment Workshop in Washington, D.C.

Cross-certification means the eight federal agencies and supplier with that status can exchange sensitive information online knowing that the other cross-certified agencies' digital signatures and certificates be trusted.

Newly cross-certified are: the Energy Department; State Department; the state of Illinois and Digital Signature Trust Co., a business that provides PKI technology through the General Services Administration's Access Certificates for Electronic Services program. They join the Defense Department, NASA, the Agriculture Department's National Finance Center and the Treasury Department, which were among the first federal agencies to become cross-certified.

Entrust Inc. officials said their PKI technology is used by six of the eight cross-certified members and is the foundational technology for the bridge itself. Digital Signature Trust provides its own PKI technology while Netscape Communications Corp. provides it for DOD.

The conceptual architecture that includes the bridge has been expanded to include newer security policy concepts such as those defined by the Office of Management and Budget's E-Authentication program.

But officials said the federal bridge continues to play an important role in secure data exchanges among agencies and among the federal government and the states, other countries and businesses.

Featured

  • Cybersecurity
    cybersecurity (Rawpixel/Shutterstock.com)

    CMMC clears key regulatory hurdle

    The White House approved an interim rule to mandate defense contractors prove they adhere to existing cybersecurity standards from the National Institute of Standards and Technology.

  • Comment
    cloud (Phaigraphic/Shutterstock.com)

    A call for visionary investment

    Investing in IT modernization is not an either-or proposition, Rep. Connolly writes. This pandemic has presented Congress a choice: We can put our head in the sand and pretend these failures didn't happen, or we can take action to be prepared for the future.

Stay Connected