Smarter cards control access at Treasury

Who's in charge

Drew Ladner


Mike Parker

Deputy CIO

Tim Hurr

Chief Information Security Officer

Steve Bryant

Director of IT Governance and Budget

Gayle Bracy

Director of Policy and Planning

Top contractors

(in millions, Fiscal 2000)

Computer & Hi-Tech Management


Northrup Grumman Corp.


Computer Sciences Corp.


IBM Corp.


Booz Allen Hamilton Inc.


Accenture LLP


Paradigm Solutions Corp.


Unisys Corp.


Presidio Corp.


ITS Services Inc.




Sources for Inside Treasury include the Treasury Department and Input of Reston, Va.

'It's about authenticating that people who get on the network should be getting on the network, and doing that in an efficient way.'

'Treasury CIO Drew Ladner

Henrik G. de Gyor

Treasury Department employees no longer show a laminated photo identification card to Secret Service agents to enter department headquarters. Now they simply swipe a smart card through readers installed on turnstiles at the building's entrance.

The cards, which contain a digital photo, fingerprint biometrics, public-key credentials and an access code, also have replaced the passwords that got users into their Treasury networks.

The Electronic Treasury Enterprise Card project, which began Jan. 5, is the only government smart-card project intended for departmentwide physical, computer and network access, Treasury CIO Drew Ladner said. 'Our card is shooting for single sign-on,' he said.

Treasury ran its first test in early 2003, issuing 7,000 cards to users at six bureaus to evaluate a variety of technologies for physical access. The department issued 2,000 more cards at headquarters from June through September to test IT access.

The CIO Council is working with the department on phasing in the program at remote bureaus. The Bureau of Engraving and Printing and the Alcohol and Tobacco Tax and Trade Bureau, both in Washington, will next deploy E-trec. The bureaus have each completed a pilot, and Engraving and Printing already has more than 200 cards in use, said Trung Nguyen, E-trec program manager in the Office of the Treasury CIO.

E-trec has more functionality than other federal smart cards because it combines fingerprint biometrics, radio-frequency identification and public-key credentials so it can be used for both physical and electronic access, he said. It conforms to the current National Institute of Standards and Technology smart-card interoperability specification.

The card has a digitized signature, embedded proximity antenna, bar code and magnetic stripe, Nguyen said. Bureaus can pick and choose among the smart-card capabilities, although there is a baseline of requirements that everybody uses, he said.

Treasury committed to a departmentwide security governance framework and architecture after the Sept. 11, 2001, terrorist attacks, Ladner said. Treasury's physical assets are more distributed now, making physical and electronic access more of a business problem. 'It makes sense to integrate a solution that attacks both the physical and logical access. It's cheaper, and it makes for better security,' he said.

Critical to security

An integrated program that pulls together different facets of physical and electronic authentication is considered critical to securing the department. 'This card helps us leap forward in doing that,' Ladner said.

For example, when a new worker joins the department or someone leaves, Treasury's human resources office makes the necessary security modifications to personnel records, either adding or deleting the person's authentication.

Treasury does not incorporate personal information into the card, only access control information such as biometrics and digital certificates. 'Its purpose is just to make sure who is here and who is entering and exiting,' Nguyen said.

'It's about authenticating that people who get on the network should be getting on the network, and doing that in an efficient way,' Ladner said. Making the process more efficient cuts costs on password-related activities and boosts security.

Maximus Corp. of Reston, Va., manages the cards, and Trinity software from ActivCard Corp, of Fremont, Calif., manages the biometrics and single sign-on. Entrust Inc. of Dallas provides public-key credentials, digital signatures and encryption.

About the Author

Mary Mosquera is a reporter for Federal Computer Week.

Stay Connected

Sign up for our newsletter.

I agree to this site's Privacy Policy.