Identity Assurance
From AFCEAWiki
Are you a DoD employee or military service member exasperated with having to carry around a handful of identification cards in addition to your DoD CAC?
The Common Access Card (CAC) was originally intended to replace all other cards and can be used to access buildings and systems, prove your eligibility for services, and authenticate your identity. Cogent Systems provided services to DoD during the development of the CAC standard and has 15 years of smart card application and integration experience that can assist your command in eliminating rogue cards and consolidating identity management throughout the organization.
During the past twelve years, the Department of Defense has promoted the use of smart cards as a means of realizing significant improvements to quality of life, security, and business processes. The potential for cost savings has and continues to be a contributing factor. With the proliferation of the CAC, the potential for additional improvements is being addressed. As of June 2007, in excess of ten million CACs have been issued to active duty, reserve, civilian and contractors. However, advances in utilizing the CAC as the definitive ‘common’ identification for physical and logical access has not kept pace and DoD commands and tenants continue to use locally developed and managed identity solutions. Many of these solutions require additional staff and are paper-based; in essence, they consume valuable resources at various levels throughout DoD. Numerous Federal, DOD and US Navy mandates require adherence to policies that are intended to reduce cost through various means such as the removal of duplication.
These policies, guidelines, and memos applicable to DOD CAC include:
- Smartcard Technology Directive, 13 AUG 2002
- DOD X.509 Certificate Policy Ver 7.0, 18 DEC 2002
- DON CIO Smart Card & PKI Policy, 19 May 2003
- CAC Operational Requirements Executive Summary, 25 JUL 2003
- DODI 8520.2 Public Key Infrastructure (PKI) and Public Key (PK) Enabling, 01 APR 2004
- DON PKI Implementation Guidance, 05 MAR 2004
- USN CAC Management Policy Decision Memo, 24 JUN 2004
- DODI 1000.13 DOD ID Cards, 13 DEC 1997
- SECDEF CAC MEMO, 16 JUN 2001
- CAC POLICY CHANGE MEMO, 18 APR 2002
- Revised Guidance for CAC POLICY CHANGE MEMO, 18 APR 2002
- DOD Directive 8190.3 Smart Card Technology, 31 AUG 2002
- Homeland Security Presidential Directive HSPD-12
- FIPS PUB 201 - Personal Identity Verification (PIV) of Federal Employees and Contractors
- BUPERS INST 1750.10B Identification Cards for Members of The Uniformed Services
DoD organizations can implement strategies and methodologies that will eliminate the use of duplicative identity tokens and measures, thus resulting in substantial long term cost savings. This will only be achieved by utilizing the Common Access Card (CAC) as the single “One Card” identification for all physical, logical, entitlement, and other processes where practical. The promotion of the widespread use of the CAC for identification and authentication to systems and activities must come from Commanders at all levels, particularly those responsible for Installations. In addition to removing functionally duplicative legacy systems and enhancing existing systems, the creation and wide-spread use of a unified enterprise process across DoD will significantly:
- Promote cost savings by streamlining paper-based processes, thus reducing time-in-line, lost documentation, and various other costly errors;
- Provide a more secure authentication system to protect facilities and systems through the use of CAC technologies such as PKI, digital fingerprints, digital photo, PIN, and data elements;
- Address system to system bridging requirements to enable efficient workflow and data sharing and close gaps created by disparate systems; and
- Promote improvements in quality of life by eliminating the need to be issued multiple identification cards for different purposes and decreasing time-to-process as the result of errors (e.g. data entry errors, lost paperwork).
Another objective is to reduce overhead and support structures in order to free resources while at the same time improving the efficiency and effectiveness of support. Four principles must be employed:
- Re-engineer: Adopt modern business practices to achieve world-class standards of performance.
- Consolidate: Streamline organizations to remove redundancy and maximize synergy.
- Analyze: Apply technologies available on the market to improve quality, reduce costs, and respond to customer needs.
- Eliminate: Reduce excess support structures to free resources and focus on core competencies.
Cogent Systems has the development and integration experience and the vision to provide information technology services in support of DoD to meet the objective of making the DoD CAC card single “One Card” identification for all physical, logical, entitlement, and other processes where practical. Through 15 years of smart card application development and systems integration in many functional areas, we possess an extensive knowledge and an extensive track record in the areas of planning, assessing, developing, training, and implementing CAC centric solutions. We have experience with the technologies incorporated with the CAC such as biometric, contactless (ISO 14443), contact (IS0 7816), digital photos, public key infrastructure (PKI), and barcode. We are able to demonstrate a track record of integrating the CAC and its technologies into web-based applications, mobile devices, and various other hardware devices.
To learn more about our solutions that integrate the use of the CAC as the One Card that replaces all other cards used for identification, access, and eligibility, please contact:
- Mr. Roger Scott
- Director of Software Engineering
- Cogent Systems
- Security Solutions Division
- 757.564.1407 (office)
- 757.897.4798 (mobile)
