SynchroCyber developed SynchroSIP, a COTS application, to provide USAccess bi-directional client (agency) side interface with the USAccess SIP. SynchroSIP allows USAccess client agencies to manage their PIV data, business, and functional requirements, which are available through this interface. The agency must sign up for this service through the GSA USAccess MSO for SynchroSIP to function.
SynchroSIP operational capabilities are divided into the following modules:
- SynchroSIP Module: Client application that runs as a service providing regular (hourly) updates to the agency’s data. Translates and maps USAccess values to DHS CDM values to assist Master User Record (MUR) reporting.
- SynchroSIPAPI Module: A REST API interface to request a USAccess Web method/function to be executed immediately vs. waiting for the hourly update to run.
- SynchroSIPAD Module: Runs as a service to query Microsoft Active Directory (AD). This service reads a user value from the database and queries the associated user in Active Directory and maps their values to the Department of Homeland Security (DHS) Continuous Diagnostic and Mitigation (CDM) values.
- SynchroSIPOD Module: Client application Run “On Demand.” This allows the customer to specify a time frame to request a data update. For example, run an update for everything since January 1, 2010.
- SynchroSIPGUI Module: A web service that runs as a Graphical User Interface (GUI) to visualize the customer's data available within the SynchroSIP database. Ability to create custom agency reporting based on USAccess SIP attributes.
SynchroSIP was developed to be used as the USAccess bi-directional client (agency) side system interface protocol (SIP) to connect with the USAccess system for the agency to create, update, and query sponsorship and adjudication data for PIV card applicants.
The SynchroSIP web service operates as the way for agencies to connect with the USAccess system and supports the following sponsorship and adjudication functions:
- Create a new employee or contractor data record
- Update an employee or contractor data record
- Query an existing employee or contractor information
- Query for a list of modified applicants within a specified time range
- Query for a list of role holders within the agency
- Query for checking if an applicant already exists within USAccess
- Request USAccess to submit the Electronic Fingerprint Transaction System (EFTS) to the Defense CounterIntelligence and Security Agency (DCSA) as part of the background investigation process.
- Query or take card action for applicant
- Take post issuance action on applicant credentials
- Delete erroneous records from USAccess
- Mark terminated credential destroyed
With SynchroSIP, these capabilities are enabled by installing different modules within the solution. The current version of the USAccess Interface is 4.8.2 (November 2022) and is fully compliant with this version.
Web Service Security:
SynchroSIP was developed using Microsoft Windows Communication Foundation (WCF) within the Microsoft .NET framework. It provides a custom Simple Object Access Protocol (SOAP) binding.
The components of this binding satisfy all aspects of the WS-Security requirements within the WS-Trust specification by requiring SOAP signatures to assure message integrity, SOAP encryption to ensure confidentiality, and SOAP tokens to ascertain the sender’s identification.
The connection between the SynchroSIP client and the database may be encrypted when a certificate is deployed/installed on the database server.
SynchroCyber Corporation, an SBA Certified HUBZone company, designs and delivers digital identity, credentialing, and access management (ICAM) solutions across the physical and logical domains. SynchroCyber provides expert professional services and information and network security to mitigate modern security challenges organizations encounter on a daily basis.
Copyright SynchroCyber Corp.