How it Works

CAC/PIV/PKI Certificates are stored in a public directory

Ozone® Authority uses certificates to manage authorizations

Application owners use Ozone® Console to manage authorization proofs

Ozone® Authority routinely publishes proofs to a public directory

Ozone® Server routinely fetches signed authorization proofs from a directory

Entity authenticates to an agency application and authorizes the entity accordingly

Application makes XACML/SOAP call to Ozone® Server to check authorization privileges