Non-Federal Shared Service Provider PKI

State and local governments and contractors often have a requirement for both an enterprise PKI and interoperability with the Federal government. VeriSign has developed the Non-Federal Shared Service Provider (SSP) PKI to capitalize on the extensive array of technologies, standards and solutions developed by the Federal government and industry to support the Federal PKI.

Non-Federal SSP PKI operates at multiple assurance levels defined by the Federal e-Authentication program and achieves interoperability with the Federal PKI through cross-certification with the Federal Bridge Certification Authority (FBCA). It also supports standards being developed by the U.S. Department of Homeland Security for the issuance of First Responder Authentication Cards (FRAC).

• A clone of the VeriSign SSP PKI service for Federal agencies that enables technical interoperability with the Personal Identity Verification (PIV) card as defined in FIPS 201.
• Enables certificate issuance at multiple assurance levels: rudimentary, basic, medium, medium-hardware and high assurance.
• Full suite of certificate types to enable security services including: authentication, encryption, digital signature, and physical/logical access control.
• Multiple options for the validation of certificates including Certificate Revocation Lists (CRLs) and an OCSP (Online Certificate Status Protocol) validation service.
• Key Management Service provides a centralized, auditable key storage and archive service for key escrow and recovery.
• Automated certificate issuance and lifecycle management with Microsoft® Windows® and Active Directory®.
• Supports the issuance of First Responder Authentication Cards (FRAC) that comply with Department of Homeland Security requirement for credentials meeting Federal PIV standards.

VeriSign offers a full suite of features and options to tailor the right solution for non-federal entities to mitigate risk and speed time to compliance.