RSA chosen for SSA HSPD-12 card management

RSA of Bedford, Mass., the security division of EMC Corp., has been awarded a contract by the Social Security Administration through the General Services Administration for card management services to support compliance with Homeland Security Presidential Directive 12.

RSA Card Manager will help SSA to issue personal-identity-verification cards to more than 100,000 agency employees and to manage the lifecycle of electronic certificates stored on these cards.

Under the contract, worth just under $1 million, SSA bought perpetual license and first-year maintenance for the application. RSA has won similar awards with the Environmental Protection Agency, Federal Trade Commission and Federal Housing Finance Board.

The application is designed to be an interoperable system that supports a range of third-party HSPD-12 components, including PIV-II cards, biometrics technology, hardware security modules and externally managed public-key infrastructure offered by approved shared-services providers.

"RSA card manager product does the soup-to-nuts for enrollment and card lifecycle management," said Eric Longo, business development manager for RSA's federal division.

SSA will also use RSA's Authentication Client middleware, which can serve as the interface between a PIV card and the applications and/or infrastructure using digital certificates for actions, such as authentication, encryption and digital signing.

As part of SSA's HSPD-12 system, Oberthur Card Systems will supply both the PIV cards and a bureau personalization service for mass production of cards. Jacobs and Sundstrom, which supported SSA in an initial pilot, will be the integrator.

Mary Mosquera is a staff writer for Washington Technology's affiliate publication, Government Computer News.