New applet to expand Common Access Card's controls
- By Joab Jackson
- Jan 07, 2004
The Defense Department's Common Access Card Office plans to introduce a new software applet to the card that will increase the ways users can be identified, said Mary Dixon, director of the CAC Office of the Defense Manpower Data Center.
'It will change the way we do business,' Dixon said. 'It will allow us to use more access control rules than we use now.'
The office wants to replace the applet that stores a personal identification number with an access control applet with an expanded set of access controls, such as passwords, tokens or biometrics. An applet is a small program executed on the Java platform.
The PIN management applet used today controls access to the card. But if a developer of an applet to be used on the card wants additional forms of identification, then that applet must include additional access rules. Multiple applets with nearly identical access rules would 'take up a certain amount of overhead,' on the card, Dixon said. Each card now has only 32K of memory.
'The access control applet will take all those access rules and put them into one applet, so the remaining applets will only have to reference the rule they want to use,' Dixon said. An applet can call the access control applet to determine if the appropriate criteria has been met. If it has, the individual can execute that program.
The access control applet will not only save space on the card, but also allow applet developers to use multiple forms of authorization.
'There can be any variety of rules, but they would be in all one applet,' Dixon said. 'In order to open one applet, you would need a PIN and a fingerprint. To open another, you would need two fingerprints and an iris scan.'
The applet, written by ActivCard Corp. of Fremont, Calif., is currently undergoing certification for the Federal Information Processing Standards. It is also being tested with the services for ensure compatibility.
So far, the CAC program has issued almost 4 million of the 4.5 million total cards estimated to be issued.
Dixon estimated that the services have installed 1 million to 2 million CAC readers on personal computers. SCM Microsystems Inc., of Fremont, Calif. has delivered 1.5 million card readers to the program, said Jason Schouw, vice president and general manager of American sales for SCM.
Joab Jackson is the senior technology editor for Government Computer News.