Case Studies

Cogito Success Stories

All of Government PKI as a Service

New Zealand Government

Public Key Infrastructure (PKI) is a system of cryptographic technologies, standards, management processes and controls governing the use of digital certificates. It is an enabling technology. This means it enables users of an insecure public network (such as the Internet) to securely and privately exchange data through the use of a public/private cryptographic key pair that is obtained and shared through a trusted authority.

The PKI was expected to support a large number of users, devices, software applications, business systems and organisations acting for or on behalf of the New Zealand (NZ) Government across complex ecosystems.

Identity Brokerage

New Zealand Government

Cogito Group’s identity brokerage offering allows for a shared network and services infrastructure. It enables users in multi-tenanted government buildings to consume services without the need to duplicate the infrastructure. It is one- trust point. Basically, it shares the one connection idea of the network service with an ‘all of government’ directory or identity store of users, devices and other resources (even down to meeting rooms).

There are a number of business drivers pushing the adoption of identity brokerage, these include:
• Reducing duplication of services through shared services among building tenants
• Removing the need to implement trusts between agency identity stores
• Reducing the cost of managing credentials,
• Reducing the difficulties in complying with regulations and
• Reducing the interoperability complexities associated with supporting multiple identity protocols.

Integrated PKI & CMS

Private Client

Our client wanted to address the issue of many stove-piped security systems that didn’t talk to one another, specifically in regards to its Public Key Infrastructure (PKI) and Card Management Solution. The goal was to develop linkages and workflows to centrally manage all of their security platforms in one place. Specifically:

• Provide a holistic view of connected security systems
• Search across multiple CA’s (and CA vendors)
• Each CA has its own interface to request certificates
• Register soft certificates in an anonymous portal
• Registration from CMS portal

All-in-one IdAM Solution

Private Client

Our client wanted to ensure appropriate access to resources across increasingly heterogeneous technology environments. The goal was to improve security, manage access for internal users and provide simple and secure self-service access to consumers of our client’s products and services.

Our joint solution with ForgeRock provided IdAM services for the web, cloud and mobile devices, in a highly scalable, modular and easy to deploy architecture, ensuring:

• Federation with Office365
• Availability and Performance
• Single Sign-On
• Standards-compliant
• Multi-factor Authentication Extensibility

Protecting New Zealand’s ePassports

Department of Internal Affairs

Cogito Group deployed Jellyfish in an as a Service Public Key Infrastructure (PKI) offering for the client. Jellyfish’s PKI service adds a layer of security to traditional non‑electronic passports by embedding an electronic chip in the passport booklet that stores the biographical information visible on page 2 of the passport, as well as digital security features.

By adhering to the ICAO security standards, New Zealand now confirms to borders and customs the authenticity of its passports.

Deploying ePassports was a complex 15-month long project, which dealt with both New Zealand Government agencies and major international service providers.

Modern CMS to issue PIV Smartcards

Australian Department of Defence

The Australian Department of Defence required a card management system that would be easier to maintain than the old system, and one for which acquiring smartcards would be quick. In short, they required a more integrated and modern solution for issuing PIV smartcards. The answer to DoD’s needs was a combination of Versasec and Cogito solutions.

Cogito’s Jellyfish is a modular platform that is agile and adaptive to change through daily product improvements and through its integrated machine-learning capabilities.

Versasec’s vSEC:CMS product suite provides software tools that securely and conveniently manage smart cards, virtual smart cards and tokens.