 Case HistoriesSecurity System for Department of EnergyCase BackgroundDevelop a customized security solution for the intelligence community based on the known requirements of using a digital certificate through the web server to Stellent Content Server.
SolutionSecurity Integration – LDAP/Active Directory/PKI Digital Certificate Single Sign On. Frontline Logic designed a systems solution for IC PKI integration that met the needs of the federal agency client.
ResultsThe following architecture considerations for the client environment are based on proven approaches for implementing Stellent with PKI digital signatures. The proposed design includes consideration of and conformance to the client requirements and specifications as detailed in the following documentation. Subset of client requirements references include: • On site assessment, and subsequent interviews with the client staff • DRAFT Alignment with the ICSIS Architecture (Unclassified//FOUO) • MITRE FY01 IC PKI Lab Tasks – November 2000 • IC PKI Interface Specification (Unclassified//FOUO) – 12 February 2003, Version 2.5.4 • IC PKI Public Key-Enabled Application Requirements (Unclassified//FOUO) – 20 May 2003, Version 0.7 • IC PKI Root Certificate Practice Statement (Unclassified//FOUO) – 9 May 2003, Version 1.1 • IC Certificate Policy (Unclassified//FOUO) – 18 March 2003, Version 3.7 • Security Requirements for Cryptographic Modules - http://csrc.nist.gov/cryptval/ • Validated FIPS 140-1 and FIPS 140-2 Cryptographic Modules -http://csrc.nist.gov/cryptval/140-1/1401val2003.htm Excerpt from client letter of appreciation— The Stellent code deliverables, documentation, and “technology transfer” to the client were of excellent quality. We have since relied on the documentation and advice Brent and his team provided to us many times over during other aspects of systems integration with Office of Intelligence technical support staff. Brent Seaman and his technical team are to be commended for their rapid grasp of our requirements set, attention to detail, technical excellence in solution design, and real concern for a successful product delivery and installation. We have greatly appreciated their partnership with us in this effort. HIDE
Technologies UsedStellent Content Server Stellent PDF Converter Proprietary Single Sign-On Novell eDirectory LDAP Directory Services Microsoft Active Directory Services Custom LDAP Provider Custom ISAPI Filter Oracle MS Windows 2000 IIS 5, IIS 6 |
