Navy sets PKI implementation test, will try smart cards during pilots

Navy sets PKI implementation test, will try smart cards during pilots

By Bill Murray

GCN Staff

The Navy will implement a public-key infrastructure through several pilots of multipurpose smart cards.

The service defined its PKI project following a planning conference late last month.

'We're moving from a software token to a hardware token' for the storage of cryptologic keys, said Joseph T. Broghamer, the leader for information assurance in the Navy's Chief Information Office. 'We think it will be a smart card that can serve multiple purposes,' including giving physical access to buildings and devices such as Web servers, he said.

The first Navy PKI users will be users of the Defense Travel System in DOD's Region 6, which covers 11 midwestern states, and personnel at the Naval Supply Systems Command in Mechanicsburg, Pa., Broghamer said.

The ultimate goal

Eventually, the Navy wants to use PKI technology to validate computer code, so an operating system would only run the authenticated code, Broghamer said. The technology, which runs under Microsoft Windows NT Workstation 4.0, could give remote users access to the Secret IP Router Network, although Defense Department officials are most interested in protecting sensitive but unclassified information, he said.

PKI technology could also eliminate the need for user names and passwords, which are sometimes easily stolen, Broghamer said.

The Navy's Chief Information Office sets policy for the department. About 150 Navy officials attended the PKI implementation planning conference last month.

Navy officials are awaiting word from deputy Defense secretary John Hamre as to likely funding for PKI projects in fiscal 2001. For next year, the Navy will fund PKI efforts through information management and information assurance budgets.

'We plan to use PKI in high-visibility areas [at first] and later on it will be more widely used,' Broghamer said. The main certificate authorities for Defense PKI initiatives are the Defense Information Systems Agency and National Security Agency.

Second-echelon Navy commands such as the Naval Space Command and Naval Sea Systems Command will act as local registration authorities to sign up Navy PKI users, he said.

Through DISA's site license with Logicon Inc. of Herndon, Va., the Navy can obtain Netscape Communications Corp. PKI products at no charge. But the service will consider deploying standards-based products from other vendors, Broghamer said. 'Netscape's is the most standards-based,' Broghamer said. 'The technology is working, but it's not a shrink-wrapped thing.' The service plans to use off-the-shelf products as much as possible.

The Navy is primarily interested in PKI technology to identify people and then allow them access based on authorization, Broghamer said.

inside gcn

  • data wrangler

    Data wrangling: How data goes from raw to refined

Reader Comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

More from 1105 Public Sector Media Group