The U.S. Department of Defense has recently issued its 1 millionth smart card-based Common Access Card (CAC). Enabled by digital identity management (IDM) from Fremont, Calif.-based ActivCard as well as secure card applets, the CAC is a military ID badge that enables building and site access. The DoD uses an open standards-based IDM system, known by the department as the “issuance portal,” to initialize, personalize and manage user credentials and applications on over one million chip-based smart cards issued to active duty personnel around the world.

The millionth CAC milestone was celebrated in a special ceremony at an issuance site at Fort Belvoir in the Washington, D.C. area.

“We are incredibly proud of accomplishing this milestone with the Defense Manpower Data Center (DMDC) team to create and manage the world’s largest deployment of multi-application smart card-based ID badges,” said Activcard CEO Steven Humphreys. “It is gratifying to be recognized for providing the digital identity management system, which has enabled a deployment of this magnitude and has tightened security for military personnel around the world.”

“Our team has worked very hard to use commercially available products and to push the smart card industry toward standards-based products and full interoperability,” said DMDC director Kenneth C. Scheflen. “What DoD has accomplished is now available to other governmental and private organizations who want to leverage the technology with minimal start up time and costs.”

The system consolidates multiple credentials and applications on a single card into the applets – special applications designed for smart cards stored in the cards – which are PIN, PKI and generic container (GC). CAC users are then enabled to digitally sign and encrypt/ decrypt e-mail, approve electronic purchases and provide user authentication for network access, while their demographic data and PKI certificates are stored in the GC. After issuance, the IDM system can add or update applications or information on the CAC card.

Creating the Cards

The IDM software is the foundation for the card system’s infrastructure. The company originally developed the specifications for the CAC card infrastructure, including secure channels for issuance and post-issuance management, usage and future applications, in 1999. The company then developed and licensed the CAC applets to the DMDC for 4.3 million users.

In conjunction with integration partner EDS, a Texas-based company founded by former presidential candidate H. Ross Perot, IDM software was deployed on user enrollment workstations in 900 locations around the world, including the Pentagon, military bases and aircraft carriers. ActivCard’s technology was the only kind deployed throughout the CAC infrastructure.

Now at 1 million users and counting, the Defense Department seems to be rather pleased with the results.

More information on smart cards? Go to Security magazine’s Web site at www.securitymagazine.com and check out the LINX search box at the top of the opening Web page. Choose Security in the right hand pulldown menu and use keywords such as smart card. Security’s LINX is powered by Google. You can use it to search for product sources as well as background articles.

Sidebar: Other CAC Applications

As the DoD approves department-specific applications, the Common Access Card will be used for streamlining a variety of personnel and logistics management operations:

Payment application

Medical and dental

Food service

Manifest tracking

Warrior readiness

Armory and property accountability

Morale, welfare and recreation tracking

Quarterdeck control

Government Smart Carders Form Physical Access Council

Earlier this year, smart card government and industry leaders announced they were forming a new Physical Access Council, created by the Smart Card Alliance of Princeton Junction, N.J.

“The Alliance task forces have done significant work in the areas of physical and logical access security in recent years. Now we’re launching a group that will work on focused activities and topics important to the physical access industry so that we can speed smart card adoption in this important market,” said Randy Vanderhoof, executive director of the Smart Card Alliance.

The Physical Access Council is managed by a combined government/industry steering committee. Among members: AMAG Technology, Axalto, Integrated Engineering, Northrop Grumman, MAXIMUS, Philips, SCM Microsystems and the U.S. Department of Homeland Security.