Our Services

Symbiotic provides a comprehensive range of electronic authentication, public key infrastructure and cyber security consultancy services to address the business-specific objectives of its public and private sector clients.

Identity & Access Management

Our services typically include the production of a business case for an IAM system from identifying and engaging with key stakeholders. From establishing stakeholders’ business objectives we then develop the requirements for an IAM system in terms of functionality, performance and assurance. Using our IAM Decision Support System eIDeas®, we then incorporate these agreed requirements into organisations’ RFI/RFP templates for distribution to candidate technology suppliers. We manage RFI/RFP processes on behalf of our corporate customers. We evaluate supplier IAM proposals using our eIDeas® System to select the optimal solution to fulfil customer’s requirements.

Biometric Authentication

We produce feasibility studies describing the security strategy and security architecture, including project plan and costs, for utilising biometrics to identify humans. We focus on the biometric systems which use ICAO (Doc 9303) compliant Machine Readable Travel Documents, e.g. ePassports containing facial images, with Extended Access Control (EAC) secured documents, residence permits containing iris or fingerprint images. We have designed, developed and deployed inspection systems to validate these biometric enabled identity documents in order to perform biometric authentication of the holder at border control crossings and also, at other locations for police authorities.

Data Encryption & Digital Signatures

Data encryption and digital signatures are popular cryptographic services used by organisations to prevent fraud. We have assisted banks to digitally sign payment instructions, a European Drugs Regulator to digitally sign marketing authorisations to pharmaceutical companies and organisations to digitally sign their email communications and documents, e.g. time-stamped PDF documents. Our experience also extends to producing the registration and recovery procedures for smart meters which use encryption and digital signatures to protect the confidentiality and integrity of customers’ utility data. We are involved with the implementation of the EU eIDAS Regulation No 910/2014/EU in the UK, where a trust service provider and the trust services it provides may gain qualified status. Member State Trusted Lists form a predictable regulatory and security assurance framework upon which users (citizens, businesses or public administrations) may rely on digitally signed objects.

Public Key Infrastructure & Directories

We provide expertise to ensure that your PKI not only supports your immediate requirements but is also designed to fulfil your future needs. From over 20 years “hands on” experience, we future proof your PKI deployment by designing the hierarchy of your Certification Authorities, e.g. Root CA and Issuing CAs, to ensure alignment with the Registration Authority operations and Directory Services capabilities using protocols LDAP and Certificate Revocation Lists (CRLs) or Online Certificate Status Protocol (OCSP). We also produce documentation and manage key management ceremonies. We design subject registration processes and produce operating manuals specific for your PKI deployment. We also produce certificate policies (CPs) and Certification Practice Statement (CPS) documentation. We also assist organisations to evaluate whether to deploy an internal PKI or to use a technology provider to host their PKI and possible migration options.

We use a structured approach to provide consistent and technology-independent advice and recommendations on electronic authentication deployments.

As experienced consultants in this security discipline, typically, we:

  • establish the objectives for an electronic authentication deployment (e.g. two-factor authentication (2FA) or connecting external devices (BYOD) to your corporate network) through consultation with your stakeholders;
  • articulate your business and infrastructure requirements for an “in house” IAM enterprise deployment or for an heterogeneous deployment scheme (multiple issuing authorities and multiple relying parties);
  • produce the design for the deployment, which includes the production of documentation, such as Certification Authority (CA) hierarchy diagrams, certificate policies, certification practices statement and key management operating manual; and
  • work with your network/server administrators to ensure that the deployment is effective and efficient.

Digital Identity Security Consultants
Identity & Access Management | Biometric Authentication & Identification | Data Encryption & Digital Signatures | Public Key Infrastructures & Directories

Stacks Image p87_n61
Stacks Image p87_n58
Stacks Image p87_n64

The contents of this website are copyright © 2017 Symbiotic Consulting Services Limited. All rights reserved.
Symbiotic Consulting Services Limited is a company registered in England and Wales, No: 5368511. Registered office: 22 Birch Grove, Welling, Kent, DA16 2JW, United Kingdom.