HID-ActivID-CMS-Data-Sheet
Open the original PDF document
View PDF
IDENTITY AND ACCESS MANAGEMENT SOLUTIONS
PROVEN CREDENTIAL MANAGEMENT SYSTEM TO SECURELY DEPLOY AND UPDATE HIGH ASSURANCE USER CREDENTIALS
HID Global's ActivID® Credential Management System (CMS) provides organizations comprehensive, highly configurable solutions to meet their unique needs. With HID Global, organizations can establish trust in the identity of users to securely manage access to all their networks, PCs, in-house, public and private cloud applications, building facilities, and other resources.
ACTIVID CREDENTIAL MANAGEMENT SYSTEM BENEFITS
- Increase security and reduce fraud with a single platform capable of issuing and managing HID Global authenticators
- Proven technology used by numerous security-minded organizations to issue hundreds of millions of credentials
- Choice of authenticator form factor: smart cards, smart USB keys and mobile devices
- Customizable workflows and policies that readily adapt to a variety of environments and deployment scenarios
- Unique, patented post-issuance update capabilities allow organizations to extend the lifetime of authenticators. offering cost-savings and productivity enhancements
- Web based help desk administration
- Tamper-evident audit features that log all event activities for reporting
- Compliance with stringent U.S. Federal government Personal Identity Verification (PIV) standards including derived PIV credentials
- Easy integration with a wide variety of directories, front or backend identity management and provisioning systems, certificate authorities, and physical access control systems
- Extensibility to support batch and service bureau issuance models
ActivID CMS enables the usage of digital identities for secure multi-factor authentication, digital signature and encryption. It provides a complete flexible solution to meet the organization's security policies and IT's architecture requirements. CMS can deploy a variety of authenticators, including smart cards, smart USB keys and mobile devices. Each of those authenticators can protect multiple credentials, including public key infrastructure (PKI) certificates, FIDO and one-time passwords (OTPs).
With flexible form-factor and assurancelevel deployment options, organizations can securely manage a large number of end users in dispersed locations throughout the identity life cycle.
The Advanced Edition of ActivID CMS includes HID Global's ActivID Credential Management System (CMS) and HID Global's ActivID Batch Management System (BMS). ActivID BMS provides an efficient, standards-based solution for batch requests and offers the flexibility of remote and/or local issuance using a variety of smart card printers, including those compatible with the needs of service bureaus.
Together with the ActivID ActivClient™ security software, ActivID strong authentication platform and ActivID authenticators, the HID Global portfolio offers a complete credential lifecycle management solution.
United States Government agencies and contractors can leverage ActivID CMS to issue and manage Personal Identity Verification (PIV) cards and PIV-Interoperable (PIV-I) cards in compliance with FIPS-201, as well as Derived Credentials to secure their phones.
Commercial enterprises can use ActivID CMS to issue Commercial Identity Verification (CIV)-compliant smart cards.
ActivID CMS is also compatible with a large number of PIV-compliant systems and applications such as secure multifunction printers and disk encryption products.
In addition to issuing and managing smart cards and smart USB keys such as Crescendo® smart cards and Crescendo Key, ActivID CMS also manages Windows® Virtual smart cards based on TPMs embedded in the PC, tablets or phones, allowing organizations to save smart card and card readers costs.
ActivID CMS also supports Crescendo Mobile, a smartphone app that provides the same services as a smart card. Using a Bluetooth or NFC connection, Crescendo Mobile enable the authentication to Microsoft Windows® and cloud applications, as well as data signature and encryption on Windows® 10 PCs.
ActivID CMS offers simple and central management of multiple credential types in diverse IT environments. ActivID CMS also includes a software development kit for systems integrators and independent software vendors.
Combined with HID Global Crescendo smart cards, Crescendo Mobile, OMNIKEY® smart card readers, FARGO® card printers, Asure ID™ card personalization software and pivCLASS® software solution for PACS in PIV environments, HID Global's ActivID CMS is the only complete solution offered by a single vendor to create, manage and use PKI credentials for both IT resources and physical building access.
SPECIFICATIONS
| ActivID® Credential Management System | |
|---|---|
| Server Platform Support | Operating Systems: Microsoft® Windows® Server 2012 / 2012 R2 / 2016 / 2019 |
| Databases: Microsoft SQL Server 2012 SP1 / 2014 / 2016, 2017; Oracle® 11g / 12c /18c | |
| Client Platform Support | Operating Systems: Windows 7 / 8.1 Update / 10, Windows Server 2012 / 2012 R2 / 2016 /2019 (32- and 64-bit) |
| Main Feature Set |
Administrative Services: Issuance, device life cycle management, PIN management,
certificate management, One-Time Password (OTP) management, user management, configuration |
|
Card Holder Services: Issuance, device life cycle management, PIN management,
OTP management, authentication, post-issuance |
|
| Credentials |
Smart cards and smart USB keys: HID Crescendo cards, Crescendo Key and ActivKey SIM, as well as select Java Card-based
devices from Gemalto™, Giesecke & Devrient, Idemia and Yubico; PKCS#11 devices that comply with ActivID Credential Management System requirements. |
| Virtual Smart Cards: compliant with Microsoft® Windows® 10, Trusted Platform Modules (TPM) 2.0 | |
| Mobile credentials (protecting mobile apps): Apple iOS® Mobile smart cards (protecting PCs): Apple iOS, Google Android™ | |
| Additional Devices | Biometric Service Providers: Precise Biometrics and Secugen |
| FARGO® printers (using HID Asure ID® Developers Edition) and Datacard® printers (using Datacard ID Works) | |
|
Hardware Security Modules: AEP KeyPer® Enterprise / Plus, Gemalto SafeNet Network HSM / PCIe HSM, SafeNet Assured
Technologies Luna SA for Government, Thales nShield™ Connect / Connect+ / Connect XC / Solo / Solo+ |
|
| Compliance and Standards |
U.S. Government: FIPS 201-2 (PIV cards – NIST SP 800-73-4, derived PIV credentials – NIST SP 800-157), Smart Card
Interoperability Specifications GSC-IS v2.0, GSA Basic Services Interface (BSI), GSC-IS v2.1, Section 508-compliant, U.S. Department of Defense Pre-Issuance Requirements v4.2.1, FIPS 140-2 certified cards and applications support, FIPS 140-2 certified HSM support |
| Data Access: LDAP v3, JDBC | |
| General: Secure communication (SSL/TLS), GlobalPlatform / OpenPlatform, Java Card™ | |
| Third-party Interoperability |
Directories: Atos DirX® Directory, IBM® Tivoli® Directory Server, Microsoft Active Directory, Microsoft Active Directory
Lightweight Directory Services, NetIQ eDirectory, Oracle Directory Server, Red Hat Directory Server |
|
Certificate Authorities: IdentTrust®, Entrust® Authority Security Manager™, Microsoft Windows
Certificate Authority, Opentrust by IDnomic, Digicert / Symantec® Managed PKI, Verizon® UniCERT® |
|
| Service Bureaus: Idemia; any services bureau supporting the U.S. Department of Defense Pre-Issuance Requirements v4.2 | |
| CMS capabilities accessible via Java, C++ and the open standard SCIM API | |
|
Compatibility with other HID
Global Software Products |
HID PIV IDMS, ActivID ActivClient, ActivID AAA Server for Remote Access, ActivID Appliance,
pivCLASS® IDPublisher, pivCLASS multiCLASS, HID SAFE™ |
hidglobal.com
North America: +1 512 776 9000 Toll Free: 1 800 237 7769 Europe, Middle East, Africa: +44 1440 714 850 Asia Pacific: +852 3160 9800 Latin America: +52 55 9171 1108
© 2019 HID Global Corporation/ASSA ABLOY AB. All rights reserved. HID, HID Global, the HID Blue Brick logo, the Chain Design, pivCLASS, multiCLASS, HID SAFE, Asure ID, ActivID, FARGO, and ActivClient, are trademarks or registered trademarks of HID Global or its licensor(s)/supplier(s) in the US and other countries and may not be used without permission. All other trademarks, service marks, and product or service names are trademarks or registered trademarks of their respective owners.
2020-03-02-hid-iams-activid-cms-hardware-ds-en PLT-01264
