1. Home
  2. Knowledge Base
  3. Applications
  4. Identity and Access Management
  5. Federated Identity Service
  6. Federated Identity Service (FIS)
Searching...

Federated Identity Service (FIS)

What is FIS?

Exostar’s Federated Identity Service (FIS) is a comprehensive PKI solution that enables full life-cycle management of certificates, strong authentication practices and controlled access to applications through Exostar’s Managed Access Gateway (MAG) platform. 
FIS minimizes risk and assures resources and intellectual assets are protected over the extended enterprise. It is operationally modeled after, and is compliant with CertiPath (the PKI cross-certification bridge) security policies and federal best-practice guidelines, FIS is ideal for enabling sensitive online transactions and secure access to information.

Certificate Types

TypeDescription
Authentication/IdentityDigital certificates can be used to prove identity and to allow access to online services (similar to a driver’s license in the non-online world)
SignatureDigital certificates can be used to sign electronic documents, proving data has been authored by an individual and not been tampered with (similar to a wet ink signature   and wax seal)
EncryptionDigital certificates can be used to encrypt sensitive data preventing non- authorized parties accessing it (similar to a key to a safe)

Certificate Assurance Levels

Exostar issues certificates with varying assurance (strength) levels.  The strength of a certificate directly corresponds to the level of proof required to obtain a particular certificate and the security used to store the private key associated with the certificate.

Level of AssuranceRequirements
Basic Level of Assurance (BLOA) Software • Does not require in-person identity check (no proofing required)
• User does not have to download KMA™
• Identity certificates are stored on the user’s computer
BLOA SecureEmail Software• Does not require in-person identity check (no proofing required)
• User does not have to download KMA™
• Identity certificates are stored on the user’s computer
Medium Level of Assurance (MLOA) Software• In-person proofing required
• User does not have to download KMA™
• All 3 certificates (signature, identity and encryption) are installed on the user’s computer
Medium Level of Assurance (MLOA) Hardware• In-person proofing required
• User has to download KMA™ but can use any modern browser
• All 3 certificates (signature, identity and encryption) are installed onto a USB token

FIS Resources

Download Requirements
Includes System and Certificate Permissions and requirements.
FIS Administration
Includes Administrator responsibilities and instructions.
BLOA SecureEmail
Includes Basic Level of Assurance SecureEmail Certification management.
MLOA Hardware Token
Includes MLOA Hardware Certificate management and proofing content.
In-Person Proofing
Includes proofing information and resources.
Policy & Compliance
Includes Policy and Compliance documentation.
BLOA Identity Certificate
Includes Basic Level of Assurance Identity Certification management.
MLOA Software Certificates
Includes MLOA Software Certificate management and proofing content
Manage Certificates
Includes how to manage, renew, reapply and revoke certificates
Training Resources
Includes user guides and Frequently Asked Questions.
Updated on September 1, 2022
Tagged:
Was this article helpful?
Yes No

Related Articles