Todd E. Johnson

Contact: tej.eth

Professional Profile

Todd Johnson is a US Identity, Credentialing and Access Management (ICAM) subject matter expert (SME).  He has over 26 years of experience with a focus on cryptography and public key infrastructures (PKI), federation and trust frameworks, strong authentication, identity management, and smartcards.  

Mr. Johnson’s strengths encompass synthesizing policy requirements, standards, and technology offerings to architect programs and technical solutions.  By collaborating directly with all levels of an organization – from policy makers to end users - he maintains a deep understanding of how existing and emerging technology standards, policies, and regulations are used to solve real-world problems.  Mr. Johnson engages with business stakeholders and fellow technologists to understand the standards and develop strategies to successfully design, integrate and deploy technology solutions and programs.

Mr. Johnson interfaces with Federal, State, Local and Commercial organizations and participates in various identity industry workgroups and standards development organizations.  During his career, he has designed and deployed solutions for a range of Federal Agencies.

Experience Summary (Years)

Recent Professional Experience

IDevity: October 2013 – June 2014

Title: Chief Technologist

IDevity is a small business founded on the principal of providing focused subject matter expertise to help organizations overcome their toughest problems in authentication, public key infrastructures, secure element usage, and logical and physical access.  IDevity currently publishes an IDOne app for reading identity based smartcards, has multiple private companies (non-consumer based) testing a smartcard emulation mobile penetration app for physical access control systems, and mobile email encryption beta apps.  

Mr. Johnson performs development of consumer oriented products for IDevity on the Android platform, and influences the strategic definition of joint product and R&D efforts with innovative technology partners.  

Technologies Used:

Android, smartcard ISO 7816 and ISO 14443, host card emulation (HCE), enterprise and open source public key infrastructure tools, multiple US based smartcard derivations and data model versions (NIST, TWIC, PIV-I, PIV, non-PIV, Gemalto, Oberthur, Axalto, etc), OpenSC, OpenSSL, enterprise java bean certificate authority / PrimeKey, Apple/Microsoft/Linux, Thunderbird, K-9, Arduino, physical access control systems (multiple), ForgeRock Identity Suite

Department of the Treasury, Bureau of the Fiscal Service: January 1997 – Present

Title(s): IT Specialist

In 1998, Mr. Johnson initially started the PKI program in the Bureau of the Fiscal Service’s legacy bureau, the Bureau of the Public Debt.  In 2006, the PKI operations matured to a Federal PKI Shared Service provider, where Mr. Johnson provided substantial assistance in the application and approval process.  The program now provides services to nearly 50% of all federal civilian employees.

Mr. Johnson collaborates with colleagues to implement single sign on, digital signatures, encryption, network, VPN, and identity management solutions across the enterprise.  This includes designing and developing solutions, as well authoring software to implement solutions as a proof of concept, and supporting deployment into a Production implementation.

Mr. Johnson continues to be directly engaged by a number of US Federal Agencies and Commercial Organizations as a standards, policy, and technical subject matter expert for PKI, eAuthentication, identity management, and emerging F/ICAM programs.   He has participated on and led teams from trivial solution implementations, to large projects having an impact on government wide programs, as well as projects within the intelligence community which have a collateral impact on national security.  

Technologies Used:

Programming Languages (Java, C, C++, Perl, Python, PHP, Ruby), Card Management Systems (ActivIdentity, Intercede, various custom or proprietary options), Public Key Infrastructure products (Microsoft, Entrust, Verizon/UniCert), Biometrics (Aware, CrossMatch, Identrix, Precise), Identity Management products (Sun/Oracle IDM), Access Management products (Sun Access Manager, Tivoli Access Manager, CA SiteMinder), Smartcards (Oberthur, Gemalto, SafeNet, HID), CoreStreet products, multiple digital signature and encryption products.

Background Investigation and Clearance

Single Scope Background Investigation (SSBI), April 2014, Top Secret

Programs and Projects

Education and Background

Publications, Presentations, and Open Source Contributions

Open Source Software