Wave Systems Corp. (fka WAVXQ)

[helpfulbacteria]

Understanding the SIZE of the Government opportunity...

** Dell and IdentiPHI are targeting the FIPS-201 (which is the implementation guideline for realizing the Presidential Directive HSPD-12). In fact, from what I've been able to research, the IdentiPHI/Dell relationship is pretty much SOLELY focused on government opportunities, especially FIPS-201. And, as a side note, IdentiPHI is based here in Austin, Texas.

** Only Dell systems with TPMs are prepared to address the full requirements of FIPS-201 (as I understand them.) Needless to say ONE WOULD HAVE TO HAVE YOUR TPM turned on in order to get the benefits.

** Beginning tomorrow various technology vendors will be presenting to the NIST re: their capabilities for helping to fully implement FIPS-201.

** The FIPS-201 (and PIV) is a GOVERNMENT-wide authentication and identification initiative... that will effect government contractors as well. THIS OPPORTUNITY IS LARGE.

What follows are a couple of links and excerpts that I hope are helpful...

http://www1.us.dell.com/content/topics/segtopic.aspx/verticals/security_identity_system?c=us&cs=...

"Wave Enterprise TPM Security (ETS) Software
To minimize the risk of unauthorized data access and tampering, Wave Software offers Trusted Computing Group (TCG) standards-compliant solutions for data protection, including network authorization, and file and folder encryption. ETS works with the Trusted Platform Module (TPM) chip and is developed by Wave. Available as an optional feature when purchasing select Dell systems.
Learn More About Wave ETS



IdentiPHI Software Package
The IdentiPHI software package - comprised of several well-known, advanced security products - is a "super bundle" that provides a high level of computer and network security management capabilities. IdentiPHI is an authentication and identity management solution that includes smart card technologies, TPM, single sign-on and card management systems and is available in standalone or enterprise versions. Wave ETS Software is included as part of the IdentiPHI package.
Contact Dell for More Information About IdentiPHI "


http://www.csrc.nist.gov/piv-project/

"In response to HSPD 12, the NIST Computer Security Division initiated a new project for improving the identification and authentication of Federal employees and contractors for access to Federal facilities and information systems. Federal Information Processing Standard (FIPS) 201, entitled Personal Identity Verification of Federal Employees and Contractors, was developed to satisfy the requirements of HSPD 12, approved by the Secretary of Commerce, and issued on February 25, 2005.
FIPS 201 incorporates three technical publications (in development) specifying several aspects of the required administrative procedures and technical specifications that are expected to change as the standard is implemented and used. NIST Special Publication 800-73, “Integrated Circuit Card for Personal Identity Verification” specifies the interface and data elements of the PIV card; NIST Special Publication 800-76, Biometric Data Specification for Personal Identity Verification” specifies the technical acquisition and formatting requirements for biometric data of the PIV system; and NIST Special Publication 800-78, “Recommendations for Cryptographic Algorithms and Key Sizes” specifies the acceptable cryptographic algorithms and key sizes to be implemented and used for the PIV system.
In addition, a comprehensive set of guidelines, recommendations, reference implementations, and conformance tests has been identified as being needed to: implement and use the PIV system; protect the personal privacy of all subscribers of the PIV system; authenticate identity source documents to obtain the correct legal name of the person applying for a PIV "card"; electronically obtain and store required biometric data (e.g., fingerprints, facial images) from the PIV system subscriber; create a PIV "card" that is "personalized" with data needed by the PIV system to later grant access to the subscriber to Federal facilities and information systems; assure appropriate levels of security for all applicable Federal applications; and provide interoperability among Federal organizations using the standards. These activities will be pursued as resources permit.
• June 17, 2005: NIST's Computer Security Division, responsible for development and support of the Federal Information Processing Standard (FIPS 201) for Personal Identity Verification of Federal Employees and Contractors has completed the first draft of NIST SP 800-79, Guidelines for the Certification and Accreditation of PIV Card Issuing Organizations, for public comment. Homeland Security Presidential Directive 12 specified that only organizations whose reliability has been accredited may issue PIV Cards to Federal employees and contractors. The Guidelines describe the tasks to be performed during the certification and accreditation processes which lead to accreditation and an approval to operate the PIV Card issuing services required in FIPS 201. The Guidelines may be used by Federal agencies in planning and designing their PIV Card issuing services. They may later be used by the agency to self accredit their capability and reliability to provide the services.

NIST Special Publication 800-79 can be accessed from the Drafts Publications page. Comments on SP 800-79 are being solicited until July 10, 2005, from Federal agencies, industrial organizations, public interest groups, and individuals. Comments should be prepared using the Comment Form Template (MS Excel) (16 KB) and the completed Comment Form should then be saved in the memory of your computer. The completed comment form should then be attached to a short message stating the name and address of the source of comments, an email address that can be made public, and then e-mailed to PIVaccreditation@nist.gov. Comments received after July 10, 2005 will not be considered when revising SP 800-79. Additional information in question and answer format is available in Questions & Answers about Draft SP 800-79 : (Adobe PDF)
• June 16, 2005 -- NIST has posted a Request for Information (RFI) (NOTE: You will be leaving NIST webserver after clicking this link) for products and services developed to meet the requirements of Federal Information Processing Standard 201 (FIPS 201), Personal Identity Verification (PIV) of Federal Employees and Contractors; Special Publication 800-73, Interface for Personal Identity Verification; and Special Publication 800-78, Cryptographic Algorithms and Key Sizes for Personal Identity Verification on FedBizOpps. Responses are requested by July 1, 2005.
• June 13, 2005 -- NIST has announced a public workshop to provide additional guidance on Federal Information Processing Standards (FIPS) 201 implementation. The workshop is designed to provide clarifications and respond to the questions raised by the industry and Federal agencies. Further information about registration and the workshop can be found here."