What comes after common access cards?
- By Mark Pomerleau
- Apr 26, 2016
While the military currently grants permission to its networks through common access cards, some Defense Department officials are already thinking about the next generation of authentication technology.
One of the problem spots with the Internet right now is that “you can be whoever you want to be…you can pretend to be somebody else,” Lt. Gen. Alan Lynn, director of the Defense Information Systems Agency, told an audience at a recent AFCEA event.
Although the access cards work reasonably well, 100 percent assured identity could make it much harder for someone to break into and make trouble on the network. “You might be able to do it once, but then we know who you are and we block you from being on the network,” he said. “We really need to take a look at doing identity differently.”
Lynn speculated that one approach could start with mobile devices that are already “keeping track of you.” The popular crowdsourced mobile traffic app Waze, for example, monitor users’ travel patterns, exact location, speed and other data points to figure out how best to get drivers where they’re going, he said. Putting together various pieces of a puzzle, such as work routes, speed, GPS, etc., “could be a portion of identity,” Lynn said.
“What comes after a CAC card for us?” Lynn asked. Determining the next generation of identity will not only be important for the future of the Internet 2.0, but also “for the future of my networks,” he said.
Mark Pomerleau is a former editorial fellow with GCN and Defense Systems.