Daon’s Personal Identity Verification (PIV) solution is an identity and credentialing management product suite that incorporates best-of-breed capabilities to support agencies to fulfill the Office of Management and Budget’s Homeland Security Presidential Directive 12 (HSPD-12). Deployable via premise-based configuration or within a FedRAMP certified data center as a highly available and fault-tolerant service, Daon’s offering utilizes Commercial Off-the-Shelf (COTS) Products that have been proven via successful deployments to be secure, scalable and flexible to meet agency’s evolving identity requirements.
A visual illustration of Daon’s solution architecture is listed in the figure below.
Identity Management System, PIV Workflow
At the core of Daon’s PIV solution are the Identity Management System (IDMS), DaonEngine and the biometrically enabled business process management tool, Daon Enrollment Manager which together manage the entire lifecycle associated with identities. DaonEngine core functions include:
- Identity management – secure creation, storage and lifecycle management of PIV identities;
- Biometric services – vendor-agnostic, policy-based biometric template generation, verification, identification and fusion services via standards-based, service-oriented architecture
- Integration – provisioning and integration into federated architectures to securely and easily exchange identity information
Daon Enrollment Manager (DEM) is the corresponding business process management tool that operates in collaboration with the IDMS to:
- Create, manage and enforce HSPD-12 separation of roles
- Orchestrate PIV workflow
- Act as the system’s “hub” to capture, monitor and centrally manage core system activities.
Daon’s PIV enrollment system, DaonEnroll, was designed and developed according to the FIPS 201-1 standard and its companion document, SP 800-76-1. The DaonEnroll framework is pre-configured with a PIV workflow with the required biographic and biometric enrollment tasks already embedded into the user interface.
Key functions include:
- Fingerprint capture – quality checks, segmentation, compression, generation of templates
- Facial capture – real-time quality and ICAO compliance checking, INCITS 385 formatting
- Biographic data capture
- Iris capture
- Document scanning and electronic authentication