Navy: One card is smart idea
Navy: One card is smart idea
Service's smart-card initiative exec eyes challenge of full interoperability
Tony Cieri, director of the Navy's smart-card initiatives, says the task of making one card do everything will not be easy.
By William Jackson
After scores of pilot programs, the government is committing itself in a big way to using smart cards'up to 10 million in the Navy alone over the next three years.
'Our intent is to do away with a multitude of cards,'' said Tony Cieri, director of the Navy's smart-card initiatives, at the recent annual meeting of the Smart Card Forum in Washington.
The Navy will begin issuing plastic cards with programmable chips to active Navy and Marine personnel next year. Distribution will expand to retired and reserve personnel, civilian employees, contractors and dependents over the following three years. The cards will serve not only for identification but for building and network access, records storage and financial management. They will incorporate digital certificates.
The goal is complete interoperability for 'any chip, any card, any reader, any host,'' Cieri said.
Making one card do everything everywhere will not be easy, however, because each will have to interoperate with numerous legacy Navy databases. 'We can't do that yet,'' Cieri said.
The General Services Administration expects to take a step toward interoperability with its Common Access ID program, a governmentwide contract for interoperable smart cards expected to be awarded in February.
GSA planned to release a request for proposals Oct. 15.
The Defense Department, which Cieri said could use up to 40 million cards, already is committed to using the contract, and the State Department, IRS and Social Security Administration are expected to be early adopters, said Mickey Femino, director of GSA's Office of Smart Card Initiatives.
'I really do believe this will be the vehicle that will jump-start'' smart cards in the government, Femino said.Carrying the load
The multipurpose card can carry not only a photo and lettering resembling a conventional ID card, but also a magnetic stripe, bar code and smart chip. The chip, which can hold 8M or more of data and interface with computer systems, is updatable and programmable.
At least a dozen departments and agencies have experimented with smart cards since 1997, with DOD running at least nine pilots. GSA has conducted four or more.
Others participating in pilots include the departments of Housing and Urban Development, Transportation, Veterans Affairs, Health and Human Services, and Agriculture, and SSA, NASA, the Health Care Financing Administration, and the Centers for Disease Control and Prevention.
The applications they have tried range from ID, building and computer access to equipment tracking, stored value, records storage and digital certificate authentication.
The Navy and the Army issue cards to incoming recruits for purchases at training bases and from nearby merchants. Even chapels on the bases are equipped with readers to accept digital donations.
Navy battle groups in the Atlantic and Pacific fleets have issued cards to access automated teller machines, track weapons and pay for food services.
'The migration and culture shift is still happening on ships,'' Cieri said.
He estimated the service has about 200,000 cards, many of which will have to be replaced when the service starts using digital certificates for secure authentication in a public-key infrastructure. The National Security Agency and the Defense Information Systems Agency will be certificate authorities for the Navy's PKI program.
Successful pilots have not sped up acceptance of the cards, however, because applications until now have been limited to one or two functions, making them too expensive.
'How do we expect these cards to succeed if we don't do multiple things with them?'' Cieri asked.
GSA formed a project managers' group about two years ago with representatives from more than 40 agencies. They set out to define technical guidelines for governmentwide cards that will work across agency boundaries. The result is Common Access ID.
'We're trying to communicate with everybody,'' Femino said.