NSA concerned about PKI scalability
Senior official from the supersecret agency warns that deploying a PKI infrastructure throughout DOD may be costly and more difficult than originally thought
Protecting access to Defense Department information systems with public-key infrastructure software tokens presents an "enormous problem'" because of the scale of the effort involved in issuing digital certificates to a uniformed and civilian work force that totals more than a million users, a top National Security Agency official said.
Mike Jacobs, deputy director for information systems security at the NSA, said the scalability challenges of providing PKI to all DOD users — as well as military dependents for access to benefit systems — is an effort that will test both the agency and industry, adding that officials "don't know whether or not you can scale up" to millions of users.
Jacobs, speaking last week at the West 2000 conference sponsored by the Armed Forces Communications and Electronics Association and the U.S. Naval Institute, also said DOD has to follow the PKI route because highly secure encryption algorithms housed in hardware — PCMCIA cards, developed by the NSA — cost too much.
Jacobs added that NSA will soon "put out to bid" its PKI requirements, trying to determine "if it is possible" to field the kind of certificates it requires to protect its global enterprise.
NEXT STORY: A PC for every sailor