OverviewExostar's Federated Identity Service (FIS) is a comprehensive PKI solution that enables full lifecycle management of certificates, strong authentication practices and controlled access to applications through Exostar's Managed Access Gateway (MAG) platform. FIS minimizes risk and assures resources and intellectual assets are protected over the extended enterprise. Because it is operationally modeled after, and is compliant with CertiPath (the PKI cross-certification bridge) security policies and federal best-practice guidelines, FIS is ideal for enabling sensitive online transactions and secure access to information.
Certificate Types
Assurance LevelsExostar issues certificates with varying assurance (strength) levels. The strength of a certificate directly corresponds to the level of proof required to obtain a particular certificate and the security used to store the private key associated with the certificate. - Basic Level of Assurance (BLOA): Does not require in-person identity check (no proofing required) and is stored on a user’s hard drive.
- Medium Level of Assurance (MLOA) Software: Stronger than BLOA and requires in-person identity check (in-person proofing required) and is stored on a user’s hard drive.
- Medium Level of Assurance (MLOA) Hardware: Stronger than MLOA Software and requires in-person identity check (in-person proofing required) and is stored on a USB Security Device (token).
When users download a BLOA Digital Software Certificate, an Identity Certificate is installed to the user’s hard drive. When a user downloads MLOA Digital Certificates, the user has to complete in-person proofing. For MLOA Software Digital Certificates, all three certificate types are installed to a user’s hard drive. For MLOA Hardware Digital Certificate, all three certificate types are installed onto a USB token.
Exostar's Secure Email Service is an end-to-end solution which enables customers to rapidly deploy SecureEmail without infrastructure or technology investments in PKI. The service is supported by Exostar's member-only hosted LDAP proxy to provide certificate look-up for our members and a range of digital certificates. Exostar LDAP Proxy is designed to automate the process of discovery of end user encryption certificates to support secure email. It is a members-only service.
System CheckTo run a system check, please go here.
Info |
---|
Click the arrows below to read further about the overall FIS BLOA and MLOA processes, benefits, and roles available to users. |
HTML Wrap |
---|
|
Expand |
---|
| WorkflowPlease select the images to enlarge: BLOA
MLOA
|
Expand |
---|
| Benefits- Accelerates deployments with open, standards-based protocols and certificate policies that enable identities/entitlements to be shared across systems/domains.
- Assures identity validity via integrated, multi-layered security and authentication practices.
- Meets critical technical and regulatory requirements.
- Encourages rapid adoption of PKI-enabled services by partners, customers and suppliers through seamless interoperability with Intranets, Extranets and VPNs.
|
Expand |
---|
title | Roles and Responsibilities |
---|
| Roles and ResponsibilitiesAuthorized Officer: Executor of the contract and designator of the FIS Administrator.
FIS Administrator: This role is the same thing as an Application Administrator, just for the FIS application in particular. The FIS Administrator manages FIS-related activities for users within their organization. For more information, see the FIS Administrator Responsibilities page. |
|
|