FiXs in the News – See Recent Press Coverage

The Federation for Identity and Cross-Credentialing Systems (FiXs) - Overview

Introduction

The FiXs Organization

The Federation for Identity and Cross-Credentialing Systems (FiXs) is a coalition of commercial companies, government contractors, and not-for-profit organizations whose mission is to establish and maintain a worldwide, interoperable identity and cross-credentialing network built on security, privacy, trust, standard operating rules, policies, and technical standards. The FiXs network verifies and authenticates the identity of personnel seeking to enter U.S. military installations and other government-controlled areas, as well as commercial sites tied to the network.

Background

Founded in 2004 and based in Fairfax, Virginia, FiXs was formed to pilot a federated identity transaction model and was incorporated as a not-for-profit corporation. A long-standing affiliation with the DoD credentialing program has enabled participating government organizations and industry members to establish secure and interoperable identity verification and authentication for secure facility and system access.

The FiXs Network

FiXs provides a trusted mechanism for federated identity infrastructure within and between public and private sector organizations with accuracy and trust through the application of a Federated Trust Model. The network capabilities can be accessed worldwide, in remote or fixed environments, wired or wirelessly, and in real-time. A key component to the network integrity is its strong credential authentication and revocation processes, as governed by the FiXs operating rules.

Modeled after the financial industry’s highly-secure and widely-accepted ATM (Automated Teller Machine) approach, the FiXs network is a secure, scalable system that provides trusted, interoperable identity verification and credential authentication for network users accessing a range of government and commercial facilities. The FiXs network meets federally-mandated requirements, supports physical and logical access applications and integrates with an organization’s existing personnel system, while leveraging the network’s economies of scale.

FiXs Federated Trust Model and Technology

The FiXs network and certified applications using it employ a sophisticated Federated Trust Model that allows disparate organizations to interoperate and authenticate identities, while managing privileges locally. The key components of this Federated Trust Model are interdependent and require 1) a trusted organization and 2) a trusted individual identity within that organization. The two are linked through a “chain of trust” process that gives vetted and trusted organizations the ability to create and issue individual identity credentials that can be authenticated and managed over the trusted and secure network by other members and government users.

Once the identity credential is established, it can be used in workplace environments to assign privileges consistent with the objectives and unique requirements of each member organization. The FiXs role is limited to identity authentication, which occurs prior to assignment of role or privilege designations (either physical or logical) by member organizations.

The FiXs network uses available identity credential technology in conjunction with biometric identification. FiXs can be used within and between public and private sector organizations and promotes a trusted mechanism for federated identity infrastructures. The FiXs identity credentialing network currently is the only network certified to interoperate with the Defense Cross-Credentialing Identification System (DCCIS) infrastructure, the credentialing network of the DoD.

It is important to note that FiXs does not grant or deny physical or logical access for any credential bearer. Rather, it delivers a trusted infrastructure that provides participating members with a high-assurance means to authenticate the actual identity of individuals presenting FiXs-certified credentials for access to facilities and systems. Through the FiXs network authentication and verification process, facility and system managers can determine independently whether they choose to grant or deny access or other privileges.

Privacy and Trust

A primary objective of the FiXs network is to protect personal identity information. As such, the FiXs network does not replicate or store identity factors in multiple locations. Individual personal identity information is kept and maintained by the organizational sponsor of the individual, in most cases, the individual’s public or private sector employer. Under this model, personal identity information is written, stored, and maintained by the individual’s employer and validated across the FiXs network as required at the time a credential is presented for validation in any third-party location.

PIV-I Aligned

FiXs employs a set of Operating Rules consistent with Part 1 of standards issued to implement Homeland Security Presidential Directive 12 (HSPD-12). The Directive seeks to create a “mandatory, government-wide standard for secure and reliable forms of identification issued by the U. S. Federal Government to its employees and contractors (including contractor employees).” Designed to meet these and other requirements, FiXs provides the only secure and certified network that can handle identity transactions consistent with Federal Information Processing Standard (FIPS) 201, Personal Identity Verification Part 1 (PIV-I). Only Federal government organizations can issue PIV credentials, but each Federal agency can choose to accept “PIV- aligned” credentials following accepted certification and assessment criteria. The Department of Defense is accepting PIV-aligned credentials through the FiXs network using the DCCIS infrastructure.

Who Participates

FiXs is an open membership organization. Members join for various reasons and benefits, based on their business objectives. Some join to contribute to and influence the evolution and development of the FiXs network, its capabilities, and certified applications. Others participate to learn the latest technologies and strategies for robust identity management programs, and to meet and engage in dialogue with compatible business interests. Many join to support their organizational requirements for secure and reliable authentication of individuals who access their facilities and systems. Finally, organizations join FiXs to enable the issuance of FiXs-certified credentials, which can be transmitted across the FiXs network and authenticated by network end users, including diverse industry and participating government operations.

The Federation includes more than twenty members, including systems integrators, financial institutions, and other organizations that promote improved workforce protection and systems security for critical infrastructure. The U.S. Department of Defense (DoD) and the General Services Administration (GSA) are participating government organizations. Individually and collectively, FiXs members contribute ideas, technologies, and best practices for implementing a secure identity cross-credentialing network based on open standards, sound business processes, and proven technologies and security.

For more information on FiXs membership, capabilities, and upcoming events, please contact FiXs.

A number of FiXs documents are published in Adobe Acrobat format; you may download the Adobe Acrobat Viewer free of charge - here!