PKI tools build user trust in Pennsylvania's JNet

Pennsylvania's integrated Justice Network, JNet, is upgrading its security with a managed public-key infrastructure application from VeriSign Inc. of Mountain View, Calif.

JNet uses the VeriSign tools to verify identities and messages of 11,000 local, state and federal users, executive director Linda Rosenberg said.

The digital certificate is a small file that users can download.

See what you need

'We're also using it for Secure Sockets Layer encryption, to secure internal messages and to provide timely information to all JNet users,' she said.

JNet users have so-called granular rights, meaning their network privileges are restricted to what they need to see. A police officer, for example, can access rap sheets, whereas someone working in a Justice Department office most likely couldn't.

After JNet helped identify the terrorists that hijacked United Airlines Flight 93 on Sept. 11, 2001, government officials at many levels have hailed it as a possible model for homeland defense data sharing.

Getting 51 disparate federal, state and local agencies to share data was a matter of making them feel safe, Rosenberg said. The VeriSign tools give them confidence about whom they are dealing with, she said.

Users who pass a certification exam can upgrade their access rights. The upgrade program reflects how PKI technology has evolved in the past two years.

'The old process took 54 days to explain to a technician,' Rosenberg said. 'Now it can be done in three easy steps.'

But perhaps the thing that has validated JNet the most is that 'it caught bad guys,' Rosenberg said. 'That's what it's all about.'

JNet officials are hoping to expand the system into the contiguous states of Maryland, Ohio, New York and New Jersey. 'We've agreed collectively that there's a benefit to doing this, but we need to determine how to proceed,' Rosenberg said. 'Just sharing driver's license photos would be great.'

About the Author

Trudy Walsh is a senior writer for GCN.

inside gcn

  • When cybersecurity capabilities are paid for, but untapped

Reader Comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

More from 1105 Public Sector Media Group