Defense changes tack in issuing smart cards
- By Dawn S. Onley
- May 14, 2004
Mary Dixon, director of the Access Card Office in the Defense Manpower Data Center, says delays are common for large-scale PKI implementations.
Despite having a strong supply chain, the Defense Department missed its deadline last month for issuing smart cards to 3.4 million service members, civilian employees and contract workers, so the department is tweaking demand.
DOD plans to use the cards to govern physical and electronic access, and, after a grace period, users who don't have them will be denied access. The department expects users to seek out the cards if they can't get into bases and systems.
Under such a strategy, the department expects that, by year's end, all military employees will have a Common Access Card in what Defense officials say is the largest deployment of a public-key infrastructure in the world.
The April 2004 target was the third time since late 2001 that Defense set a goal for all DOD users to receive smart cards. But Mary Dixon, director of the Access Card Office in the Defense Manpower Data Center, said delays are common for such large-scale PKI implementations.
'I think it's important to remember there are always going to be implementation issues for any project that is this size,' Dixon said.
'Anybody who tries to implement a program of this size would be crazy if they thought it would go off perfectly. Ask Microsoft when was the last time it implemented any of its releases without any problems. Or AOL,' she said.
The cards, which use the Java Card Runtime Environment and have 32K of memory, will control physical access to Defense facilities as well as logical access to military information systems.
The next wave of smart cards will have 64K of memory and include digital images and biometric identifiers of their holders.
More than 2.9 million DOD users have received cards, which are used at about 2,000 workstations at 900 locations worldwide. The department has also issued about a million CAC readers.Benefits, too
'The military people use this card as an identification card to get their benefits, get into the commissary and for some physical-access applications,' Dixon said.
Part of the challenge has been issuing cards at the intake points such as military academies and basic training sites where recruits arrive in large numbers but often don't stay very long. Issuing each card takes about 15 minutes.
'They have a very high volume of people that we need to issue cards in a very short period of time. Until we have that, we're constantly trying to catch up with the young men and women who come into our military after they leave basic training,' Dixon said.
She described the military as a 'large mobile population' and her office's task as 'trying to issue cards to people who move around from place to place.'
To help solve the problem, DOD will open a new central issuance facility in October, its primary mission being to hand out cards to new military employees'a move that is expected to make things easier and more centralized, Dixon said.
From that point, Defense users will have six months to get the smart cards or be penalized, Dixon said.
Such measures may include denying users access to PKI-enabled Web sites.
'It's going to be a pull and a push. We've pushed people to get cards, now they're going to start wanting the cards when they can't do their business without them,' Dixon said.
Users who still don't have the access cards after that six-month period will find that their old forms of identification, such as Fortezza cards, will become invalid. In essence, they will no longer have access to military sites and computers.