Lightsource Technologies

Home Solutions CoreStreet CoreStreet Validation Authority (VA)

CoreStreet Validation Authority

E-mail Print PDF

corestreet_logo_r_260x80.jpg  

CoreStreet Validation Authority  

 

Corestreet Validation Authority  - a complete software solution that enables digital certificate
validation in a scalable, secure, and cost effective manner.

The CoreStreet VA is a complete software solution that enables the validation of digital certificates in a truly scalable, secure, and cost effective manner. Furthermore, the CoreStreet VA allows for the ability to change credentials of the digital certificates in real time.

What is validation?

Two primary questions must be answered for all secure applications:

  1.  "Are you who you say you are?" The process of answering this question is known as authentication.
  2.  "You have proved to me who you are, but are you supposed to be doing what you're trying to do, right now?"

The process of answering this question is known as validation. CoreStreet technology offers both infrastructure and application solutions for credential validation in IT and physical security environments.

CoreStreets PKI Objective

  • Establish Trust 
  • Digital Signature Technology    
  • Centrally Managed Identity  
  • Distributed Validation and Privileges 
  • Authorised Signatures Enhance
    Trust  
  • Utilises Existing Standards  
  • OCSP 
  • Allows Anywhere, Anytime use of Credentials    
  • CC-EAL3   
  • SCVP   
  • No longer tied to hierarchal
    network topology    
  • FIPS 201    

Features and Benefits

CoreStreet's Validation Authority is designed to support both traditional and distributed OCSP implementations. CoreStreet developed the distributed OCSP approach to support the needs of large, dispersed organisations. The benefits of this type of deployment include:

  • Security
    VA Responders have no private keys, so require little physical or network protection. These Responders cannot provide false responses even if compromised. In addition, the Validation Authority has received Common Criteria EAL3 certification
  • Scalability
    VA Responders can be rapidly deployed in any location, allowing for scalability to hundreds of remote sites 
  • Availability
    Since VA Responders can be easily replicated in many locations, overall service availability is extremely high with excellent survivability under attack when compared to centralised, trusted topologies.
  • Performance
    VA Responders can be placed close to relying parties allowing extremely low latency for OCSP responses.
  • Cost Effective
    VA pricing allows for unlimited Responder deployment without software fees. In addition, there are no per-transaction costs.
  • Standards Compliance
    While the CoreStreet VA represents a revolutionary approach to certificate validation, it integrates seamlessly with existing PKI components through standards such as X.509, OCSP, and LDAP.  
  • Ease of Management
    Since the VA Responders represent stateless, appliance-grade functionality, only the central Validation Authority requires management. The Validation Authority can be configured through a full-featured web interface, command-line tools, or a programmatic API.
Product Information

  CoreStreet Validation Authority Datasheet 85.21 Kb

  Whitepaper 142.95 Kb

Related Information

Overview of Validation Technologies
Architecture

The CoreStreet Validation Authority (VA) consists of the components described in the following table:

Software-Components   

Description  
CoreStreet Validation Authority  

The Validation Authority is the source of the validation proofs. It distributes lists of public validation proofs to any number of Validation Responders. 

VA Responders  

The VA Responders retrieve lists of validation proofs from one or more Validation Authorities and provide individual certificate validation information to relying party applications through an HTTP-based protocol. 

Relying Party (RP) API

This API is integrated into relying 3rd party applications. Its purpose is to inspect certificates and validate their associated privileges using validation proofs which are retrieved from Responders.

rtcva-arch-thumb.gif Please Click to enlarge

Each of these components is structured as an extensible set of tools that can be easily integrated into existing infrastructures and business processes. The Validation Authority and Responder products can be deployed as standalone programs whereas the Relying Party API is intended to be integrated into other programs or applications. Standard protocols and formats allow for replacement and/or cross-integration with other commercial products.