PIV Gateway™ Trust | User + device authentication and authorization management

Authentication and authorization management systems compliant with NIST standards.

What is PIV Gateway™ Trust?

PIV Gateway™ Trust is a distributed authentication and authorization management system that combines a PKI-based authentication infrastructure with access control as defined in NIST SP800-178.

It achieves authentication strength equivalent to NIST SP800-63B AAL3 using hardware tokens and digital certificates, and enables strict access control equivalent to PDP (Policy Decision Point) and PEP (Policy Enforcement Point) in NIST SP800-207, the guidelines defining the zero-trust concept.

Why is it important to strengthen authentication and authorization?

With the increasing sophistication of cyber-attacks, passwords have become easier to guess or steal. Traditional ID/password authentication is therefore no longer secure and instead represents a serious security risk for organizations.

Although an increasing number of companies and organizations have recently adopted multi-factor authentication (MFA) as a more robust authentication method, various attacks have been confirmed against methods such as “sending authentication codes via SMS” and “one-time passwords,” so these are unfortunately not sufficient security measures either.

Therefore, it is important to shift from conventional ID/password-based authentication to password-less authentication using hardware tokens and similar means, which are considered to provide the highest authentication strength.

Features

User + device authentication

By utilizing PKI and hardware tokens or virtual smart cards, both the user and the device can be verified to achieve password-less authentication based on strict authentication and authorization.

Verification of device components and status by Remote Attestation

By embedding the platform certificate issued by PIV Gateway™ CA in the TPM (Trusted Platform Module), it is possible to detect forgery or modification of the device's boot status, from model name to components, and to allow or deny the connection according to policies set in advance. The connection can also be enabled or disabled later by modifying those policies.

In addition to AAL3-equivalent authentication using hardware tokens and digital certificates, Remote Attestation allows users and devices to be authenticated simultaneously, providing the strongest authentication infrastructure.

Access control based on various environmental attributes

Attribute-based access control (ABAC), based on Next Generation Access Control (NGAC), allows users to set access conditions based on environmental attributes such as user and device status, network origin and destination, and time factors.

This enables access control based on detailed conditions such as “who,” “when,” “from where,” “where to,” and “how.”
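The following is an added illustration, not code from PIV Gateway™ Trust, of how a policy decision point can evaluate the “who,” “when,” “from where,” “where to,” and “how” conditions described above, with the outcome of device attestation treated as one more attribute. The rule format, attribute names and sample values are constructed for this example.

```python
# Added example: a minimal attribute-based policy decision point (PDP).
# Rules, attribute names and sample values are constructed for illustration.
from dataclasses import dataclass
from datetime import time
from ipaddress import ip_address, ip_network

@dataclass(frozen=True)
class Request:
    user: str              # who
    role: str              # who (role attribute)
    aal: int               # authentication strength achieved (3 = hardware token + certificate)
    device_attested: bool  # result of remote attestation of the device
    src_ip: str            # from where
    destination: str       # where to
    method: str            # how
    at: str                # when, "HH:MM"

# Constructed rules, evaluated in order: first match wins, otherwise deny.
POLICY = [
    {"effect": "deny", "device_attested": False},
    {"effect": "permit", "role": "admin", "aal_min": 3, "src_net": "10.0.0.0/8",
     "destination": "hr-db", "methods": {"read", "write"}, "hours": ("08:00", "18:00")},
    {"effect": "permit", "role": "staff", "aal_min": 3, "destination": "wiki", "methods": {"read"}},
]

def rule_matches(rule: dict, req: Request) -> bool:
    """Every condition present in the rule must hold (logical AND)."""
    if "device_attested" in rule and rule["device_attested"] != req.device_attested:
        return False
    if "role" in rule and rule["role"] != req.role:
        return False
    if "aal_min" in rule and req.aal < rule["aal_min"]:
        return False
    if "src_net" in rule and ip_address(req.src_ip) not in ip_network(rule["src_net"]):
        return False
    if "destination" in rule and rule["destination"] != req.destination:
        return False
    if "methods" in rule and req.method not in rule["methods"]:
        return False
    if "hours" in rule:
        start, end = (time.fromisoformat(h) for h in rule["hours"])
        if not start <= time.fromisoformat(req.at) < end:
            return False
    return True

def decide(req: Request) -> str:
    # PDP: anything not explicitly permitted is denied (default deny).
    for rule in POLICY:
        if rule_matches(rule, req):
            return rule["effect"]
    return "deny"
```

A policy enforcement point would call `decide()` for each connection attempt and only forward traffic when the answer is "permit".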

Use Cases

Realization of Zero Trust

PIV Gateway™ Trust can be leveraged to achieve a zero-trust environment as described in NIST SP800-207. It provides robust security against both internal and external threats by centrally managing user and device authentication and authorization and enforcing real-time access control. This allows for secure access even in untrusted network environments.

Application to devices

PIV Gateway™ Trust can also be applied to the security of “devices” (IoT, automotive devices, drones, industrial equipment, etc.). It enables mutual authentication (mTLS) to establish communication only with the correct party by remotely verifying the authenticity and integrity of the device. This enhances security and improves the reliability of IoT devices and other equipment.

Pricing

Varies depending on the scale of installation. For more details, please feel free to contact us.

Line up

PIV Gateway™ CA is the world's first cloud-based private CA solution that supports issuance of platform certificates in addition to X.509 certificates.
An authentication infrastructure equivalent to AAL3 can be built, and verification of the authenticity and traceability of devices using platform certificates is possible.

PIV Gateway™ Trust is a password-less multi-factor authentication infrastructure equivalent to AAL3 that uses hardware tokens and digital certificates.
It is compatible with RFC9334, OpenID Connect, etc., and works with PIV Gateway™ CA to provide integrated management of authentication and authorization for users and devices easily and inexpensively.

PIV Gateway™ Chronos is a highly available NTP time server that provides accurate time synchronization even under GNSS spoofing and jamming attacks.

Consult with our specialists for your security needs.

Cyber Defense Institute's core values drive us to provide top-notch cyber security services and to ensure a secure digital environment for our clients.
Trust us with every aspect of your security strategy, from inception to execution.
For confidential inquiries, we also accept requests via email at cdiprivacy(at)protonmail.com.
Please consider using this option if necessary. ※ (at) should be replaced with @.