United States leading PKI pilot for allies

Recognizing the need to have a single security architecture for electronictransactions, NATO has launched a pilot to test a digital authenticationand authorization infrastructure across its 19 member countries.

The NATO public-key infrastructure pilot, run by the Supreme AlliedCommander, Atlantic (SACLANT) out of Norfolk, Va., officially kicked offthis month.

PKI uses digital certificates, which store user identification and authorizationinformation, to secure electronic transactions and communications.

The six-month NATO pilot builds on the governmentwide PKI establishedby Canada, which runs on solutions from Entrust Technologies Inc.

However, there are many challenges when working with technologies andpolicies from so many different countries, said Lt. Cmdr. Chris Kennedy,communications security officer for SACLANT, at the Entrust SecureSummit2001 conference in San Diego on Monday.

SACLANT will be serving as the certificate authority for the PKI, issuingand managing the digital certificates that store each user's authenticationand authorization information. But each member country has its own architecturein place with which the certificates must interact, and there is not alwaysan easy technical solution, Kennedy said.

There are also different policies, laws and cultures that will haveto be reconciled, and compromise cannot be forced. "There is no standardand no authority to impose one," Kennedy said.

So far only a few countries are online in the pilot, but before theend of February it will include representatives from Belgium, Canada, theCzech Republic, Denmark, Germany, Greece, Luxembourg, the Netherlands, Poland,Portugal, Spain, Turkey, the United Kingdom and the United States.