Army takes aim at PKI for its portal

Army takes aim at PKI for its portal

AKO has spurred Army leaders to push for more portal services fast, Lt. Col. Roderick E. Wade says.

The Army has sped up plans for a servicewide Web portal open to every soldier, active or not, and secured by digital certificates.

The service 'is going to create its own AOL'call it Army OnLine'and we're going to execute by 1 October,' the Signal Command's Col. John C. Deal said.

That's the deadline for signing up every one of 2.2 million active-duty, retired, Army Reserve and Army National Guard personnel for an Army Knowledge Online account.

By year's end, each account holder is to have a digital certificate for access authentication, and by October of next year the portal will offer applications, including encrypted e-mail, using the Defense Department's public-key infrastructure.

Deal discussed the tight deadlines during a recent meeting of the federal users group of Opnet Technologies Inc. of Washington.

'Am I optimistic? I put in my retirement papers,' Deal said. Although he was joking, some of the deadlines are unlikely to be met.

'For the Guard and Reserve, we realize there probably will be a delay' because many units have finished their season's activities, said Lt. Col. Roderick K. Wade, chief of the Army Knowledge Online (AKO) site, at www.us.army.mil.

Whether the deadline for digital certificates is met will depend on Defense's Common Access smart card. In May, DOD began a 13-month rollout of Common Access cards containing digital certificates for 4 million active military, Reserve and civilian personnel.

DOD personnel initially are getting the Cyberflex Palmera card from Schlumberger Ltd. of New York, which uses the Java Card 2.1.1 runtime environment on a 32K chip.

Online appetizer

AKO had about 170,000 users before an Aug. 8 edict from the secretary of the Army mandated accounts for everyone.

As late as July, projections called for 1 million users by October and about 2 million by fiscal 2004. The program in some ways has become a victim of its own success.

'The few projects we've got already have whetted the appetite of leadership,' Wade said. 'Over the last year, the vision of what it could be has expanded significantly.'

AKO's one-stop access to Army information can be personalized for each user. It takes a step up in security from the Army's unrestricted public site, www.army.mil. Access is unrestricted via the Non-Classified IP Router Network and highly restricted via the Secret IP Router Network.

For now, access to the nonsecret version of AKO is password-controlled until users receive digital certificates on the Common Access smart card. Private keys from the DOD PKI will link to the AKO accounts so users can encrypt e-mail.

AKO e-mail addresses will remain the same throughout a soldier's career and into retirement.

The rush to register by next month is already under way. The AKO home page warns about possible delays because of heavy traffic from registration. Soldiers are responsible for opening their own accounts. 'We aren't going to assign accounts,' Wade said; when that was tried in a pilot two years ago, 'people forgot their IDs and passwords almost immediately.' Also, frequent moves mean a high rate of returned mail.

A recent Army survey showed that about 83 percent of enlisted personnel have access to the Internet either at home or at work. Getting everyone signed up does not guarantee they will use the portal, Wade said, but 'you have to take the first step and then move to the next.'

The next step will be making the site more useful. Applications already available on AKO include command preference statements and career field designation forms for officers, and weekly summaries from the chief of staff. There also is a white-pages listing of all personnel with AKO accounts, plus a search engine for .mil sites.

Reader Comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above