Navair pioneers military smart card

Naval Air Systems Command's NMCI site

The Naval Air Systems Command, the first organization to hook up to the

Navy Marine Corps Intranet, also will be among the first to use the Pentagon's

newly introduced smart card.

The Common Access Card is based on smart card technology that stores

and processes information on an embedded microprocessor chip. It was introduced

publicly Oct. 10 at the Pentagon and combines public-key infrastructure

technology for network security purposes and personal identification information.

The cards, which are in beta testing now, will become the departmentwide

identification card to be used for electronic commerce, access to facilities

or networks, creation of digital signatures for e-mail and storing encryption

information. In addition, the cards eventually could include such things

as medical and dental information.

"This will go to all of our active duty, reserve, civilians and select

contractors," said Bernard Rostker, undersecretary of Defense for personnel

and readiness. "It is a card that puts us in the forefront of e-commerce

and security with the advent of bar coding and magnetic strips and, for

the first time, a smart chip."

Because Navair, based in Patuxent River, Md., will be the first organization

to install NMCI, a $6.9 billion program awarded Oct. 6 to Electronic Data

Systems Corp., it also will be among the first to receive the Common Access

Cards. Computer workstations delivered to Navair as part of the NMCI program

will come equipped with readers for the smart cards, according to Pentagon

officials.

Paul Brubaker, DOD deputy chief information officer, said the length

of testing remains uncertain, but he added that DOD hopes to begin fielding

an initial capability in 01/and issue the cards department-wide within

a few years.

The cards also are being tested by several other organizations within

DOD, including the office of the assistant secretary of Defense for command,

control, communications and intelligence, which is ultimately in charge

of both NMCI and the smart card programs.

Beginning this month, the military intends to issue 50,000 cards. The

cards hold 32K of memory, 13K of which will be set aside for digital certificates

and another 7K for use as each service sees fit. Although the cards will

contain some personal information, such as name, rank, serial number and

blood type for military personnel, DOD might limit how much information

is placed on the cards.

"We're actually trying to dumb down the card a little bit so that when

you plug the card in, a computer registry somewhere will tell you information

about that person," Brubaker said. "We don't want a lot of that data, even

though it's encrypted, to be floating around on a card until we test it."