Apriva has announced the release of a software development kit (SDK) that enables Android-based application providers and mobile device manufacturers to deliver products compliant with stringent government HSPD-12 (Homeland Security Presidential Directive 12) security regulations including Public Key Infrastructure (PKI).
“There is growing demand from the Executive Office of the President, Office of Management and Budget, and Department of Homeland Security as well as the Department of Defense (DoD) to accelerate compliance with HSPD-12. These agencies seek broader choice in secure commercial-grade wireless devices than the current Microsoft Windows Mobile and RIM BlackBerry options,” said Jeff Ford, Apriva Information Security Systems (ISS) division president. “The flexibility and feature content available on commercial Android OS platforms, from smartphones to tablets, has attracted a great deal of interest from users who are looking for highly functional productivity tools, but are held to the very strictest encryption requirements and protocols. Prior to the release of this SDK, Android devices were not able to meet the fundamental requirements of HSPD-12 and DoD directives.”
According to Ford, the Defense Information Systems Agency (DISA) has issued Security Technical Implementation Guidelines (STIG) for the use of mobile communications devices, defining stringent rules for verification of personal identity and integration with the DoD’s Common Access Card (CAC) standard, as well as the Government and non-Government Personal Identification Verification (PIV) cards.
Apriva’s highly successful authentication offering, including the portable Bluetooth™ Smart Card Reader (SCR) and software components, are considered key building blocks in the secure validation of a user’s identity using smart cards, and extends the PKI functionality to the Android device platform and its applications. The integration of these PKI capabilities into an Android platform gives developers a unique opportunity to capitalize on the escalating interest in Android-based applications and services.
Android device manufacturers and application developers can leverage the SDK from Apriva at no cost with a signed license agreement, and employ it to integrate with the Apriva SCR. The Apriva SDK includes all of the software, drivers, libraries, and interfaces needed to extend smart card operations into new or existing platforms and applications. Android device manufacturers can provide “STIG capable” platforms with this SDK, allowing add-on middleware and applications to be in compliance with government security policies. The Apriva SDK handles and hides the complexity of using and managing PKI smart cards, while providing a simple way to add the PKI-based encryption and identity management to new Android applications and platforms. Solution integrators can also use the SDK to create features that will benefit the government end users and open up that market to them with full HSPD-12 compliance.
“This SDK has the potential to initiate a tremendous groundswell of change in secure wireless communications both for government applications and private sector applications that demand secure operation and we are now working with Android device providers to incorporate this capability into future platforms,” added Ford. “Enabling powerful Android-based devices will open a previously closed market to the innovation of countless application developers.”