Our staff has supported many of the US Government agencies and services and a small number of commercial entities. While a list of deliverables does not adequately describe the support required for a trustworthy system implementation and operations, the list below is a detailed summary of the clients, roles and activities of our staff:

Our Clients:

Defense Information Systems Agency
Department of State
Defense Logistics Agency
Department of Labor
Department of Energy
Department of Treasury
Federal Bureau of Investigation
National Security Agency
Department of Homeland Security
Navy Space and Naval Warfare System Command (SPAWAR)
Air Force
United States Patent and Trademark Office (USPTO)
Department of Justice (DoJ)
Department of Commerce (DoC)



Our Experience:

Defense Information Systems Agency

  IT and Information Assurance Auditing

- Primary Auditor for the Department of Defense (DoD) Public Key Infrastructure (PKI)
- Auditor for the Verisign DoD External Public Key Infrastructure (PKI)
- Auditor for the Operational Research Consultants (ORC) DoD External Public Key Infrastructure (PKI)
- Auditor for the DoD Public Key Infrastructure (PKI) Registration Authorities (RA) and Local Registration Authorities (LRA) at Air Force, Army, CIA, Defense Commissary Agency, Defense Finance and Accounting Service (DFAS), Defense Intellegence Agency (DIA), Department of Defense Education Activity (DoDEA), Defense Logistics Agency (DLA), Defense Threat Reduction Agency (DTRA), Navy, National Geospatial-Intelligence Agency (NGA), Tricare Management Agency, Marine Corp, and the Washington Headquarters Services (WHS) Office of the Secretary of Defense (OSD)
- Contributed to the development of the DoD Public Key Infrastructure (PKI) Audit Tool

Policy Development and Documentation

- Contributed to the DoD Public Key Infrastructure Certification Practices Statement (CPS)

Training

- Produced Requirements Compliance Training for the DoD Public Key Infrastructure (PKI)

Design, Engineering and Implementation Support

- Developed Data Archive Strategy
- Produced Global Directory Service Architecture Load Balancing Study

Department of State

  Operations and Maintenance

- Operations Team for the Department of State Public Key Infrastructure (PKI)
- Performed Backup, Rekey and other security function operations for the Department of State Public Key Infrastructure (PKI)
- Operations Team for the Department of State Personal Identity Verification (PIV)/ Homeland Security Presidential Directive 12 (HSPD-12) System
- Operations Team for the Department of State Machine Readable Travel Document (MRTD) System (security system for the Electronic Passport System (e-passport))
- Developed and Implemented Change Request Process and Procedures

Design, Engineering and Implementation Support
- Engineering support for the Department of State Public Key Infrastructure (PKI)
- Engineering support for the Biometric Logical Access Development and Execution (BLADE) Project (smartcard/biometric network access implementation)

IT and Information Assurance Auditing

- Official Auditing Witness for the Department of State Active Directory Public Key Infrastructure (PKI) Key Generation Ceremony

- Official Auditing Witness for the Department of State Machine Readable Travel Document (MRTD) Public Key Infrastructure (PKI) Key Generation Ceremony - Developed and implemented internal audit processes and procedures - Managed PKI CP/CPS Compliance Audit Process - Developed and Implemented Incident Response Process and Procedures

Certification and Accreditation Support

- Managed Certification and Accreditation Process for the DoS PKI, MRTD, and ClassNet PKI (CPKI) Systems
- Produced the Certification and Accreditation System Security Plan (SSP) for the DoS PKI, MRTD, and ClassNet PKI (CPKI) Systems
- Produced the Certification and Accreditation Contingency Plan (CP) for the DoS PKI, MRTD, and ClassNet PKI (CPKI) Systems
- Acted as internal certifier, producing the Certification and Accreditation Security Test and Evaluation Plan (STE Plan) and the Certification and Accreditation Security Test and Evaluation Results Report (STE Report) for the DoS PKI, and MRTD Systems

Policy Development and Documentation

- Contributing author to the CPKI Certification Practices Statement (CPS)
- Recommended and Drafted Updates to the DoS PKI Certificate Policy (CP) and Certification Practices Statement (CPS)

Defense Logistics Agency

  Design, Engineering and Implementation Support

- Produced Common Access Card (CAC) and Online Certificate Status Protocol (OCSP) Market Analysis
- Performed Automated Information Systems Risk Assessments for compliance with Presidential Decisions Directive 63 (PDD-63)

Department of Labor

  IT and Information Assurance Auditing

- Auditor for the Primary Certification Authority pre-Audit Review

Department of Energy

  Design, Engineering and Implementation Support

- Upgraded the Department of Energy (DoE) Public Key Infrastructure (PKI) Systems at Pacific Northwest National Laboratories (PNNL) and DoE Headquarters
- Performed Migration of the Department of Energy (DoE) Directory Structure
- Implemented Federal Bridge Cross Certification
- Produced Build Scripts/Key Generation Scripts for the Department of Energy Primary Certification Authority (PCA) PKI
- Coordinated Build/Key Generation Ceremony for the Department of Energy Primary Certification Authority (PCA) PKI

Policy Development and Documentation

- Contributed to the Department of Energy (DoE) Public Key Infrastructure (PKI) Certification Practices Statement (CPS)

Department of Treasury

  Design, Engineering and Implementation Support

- Drafted Department of Treasury Public Key Infrastructure (PKI) System Architecture
- Drafted and Implemented Department of Treasury Public Key Infrastructure (PKI) Backup Plan
- Technical Advisors for the Department of Treasury Bureau of Public Debt Certification Authority Implementation
- Produced Build Scripts/Key Generation Scripts for the Department of Treasury External Certification Authority (ECA)
- Coordinated Build/Key Generation Ceremony for the Department of Department of Treasury External Certification Authority (ECA)
- Produced Build Scripts/Key Generation Scripts for the Department of Treasury Root Certification Authority (RCA)
- Coordinated Build/Key Generation Ceremony for the Department of Department of Treasury Root Certification Authority (RCA)
- Operations and Engineering Support for the Department of the Treasury Public Key Infrastructure (PKI) and Directory Systems

Policy Development and Documentation

- Drafted and Updated Treasury PKI Certification Practices Statement (CPS)

Operations and Maintenance

- Maintained, Updated and Supported the Department of the Treasury PKI Systems

IT and Information Assurance Auditing

- Support of the Department of the Treasury Root Certification Authority (CA) Audit

Federal Bureau of Investigation

  Design, Engineering and Implementation Support

- Produced Federal Bureau of Investigation (FBI) Public Key Infrastructure (PKI) Failover Plan
- Federal Bureau of Investigation (FBI) Public Key Infrastructure (PKI) Build Team and Key Generation Ceremony staff
- Implemented Cross Certification with the Federal Bridge PKI
- Drafted Federal Bureau of Investigation (FBI) Public Key Infrastructure (PKI) Operational Procedures

Operations and Maintenance

- Performed Software Patching and Maintenance
- Provided Tier 2 User Support
- Implemented Backup Upgrade
- Recommended, Processed and Implemented Change Requests and upgrades
- Supported client rollout (30,000 Smartcards)
- Updated Federal Bureau of Investigation (FBI) Public Key Infrastructure (PKI) Installation plan and build procedures
- Updated Federal Bureau of Investigation (FBI) Public Key Infrastructure (PKI) Operations Manual
- Supported and Maintained the Federal Bureau of Investigation (FBI) Operational Test and Evaluation Facility (OTEF)
- Maintained and updated Federal Bureau of Investigation (FBI) directories

IT and Information Assurance Auditing

- Coordinated and Provided guidance for successful Federal Bridge Public Key Infrastructure (PKI) Audit

Policy Development and Documentation

- Recommended and Drafted Policy Updates to the Certificate Policy (CP) and Certification Practices Statement (CPS)

Training

- Developed and Contributed to training materials for Installations Teams and System Administrators

National Security Agency

  Security Design Evaluation

- Validators for the Common Criteria Evaluation and Validation Scheme (CCEVS)
- Security Certification Advocates for the Miniaturized Demand Assigned Multiple Access (Mini-DAMA) Terminal

Design, Engineering and Implementation Support

- Systems Engineering for the MINTERM (KY-99) Secure voice/data terminal (miniaturized ANDVT)
- Produced Functional Design and Design test Procedures for the MINTERM Secure voice/data terminal
- Project Engineering for the Secure Telephone Unit III (STU-III) secure phones
- Produced System Documentation and handbooks for the use of cryptographic components
- Performed Test and Evaluation of the Secure Telephone Unit III (STU-III) secure phones

Training

- Produced and presented training materials for the use of cryptographic components
- Produced and presented training materials for the Common Criteria Evaluation and Validation Scheme (CCEVS)

Department of Homeland Security

  Design, Engineering and Implementation Support

- Produced Build Scripts/Key Generation Scripts for the Department of Homeland Security Root Certification Authority (CA) PKI
- Coordinated Build/Key Generation for the Department of Homeland Security Root Certification Authority (CA) PKI