DoD to make greater use of biometrics for access control
The U.S. Department of Defense (DoD) is expected to receive direction in January for its plan to replace the Common Access Card (CAC) with an identity management system making greater use of biometrics, Federal News Radio reports.
A 2004 e-authentication memo will soon be rescinded, after which the Office of Management and Budget will release an identity management policy under the IT Modernization Strategy for public comment within 45 days, according to National Institute of Standards and Technology (NIST) senior standards and technology advisor Paul Grassi.
The DoD is on the cusp of breakthroughs in biometrics that could be used to update its physical and logical access controls, according to the report. DoD deputy product manager and chief engineer for biometrics enabling capability Will Graves told an Armed Forces Communications and Electronics Association (AFCEA) panel at Bethesda that the Pentagon will test face, DNA, and other biometric modals over the next year in Iraq or Afghanistan.
“It’s kind of a baby-step type of process. We will start with the physical access and then we will move on to some of the logical access,” Graves said according to Federal News Radio. “DARPA has been doing some work on active authentication. As you are on the computer, it will take a face from the camera and confirm it’s you. They’ve also looked at keystroke, mouse stroke and other active authentication. If you steal my CAC and my PIN, you can’t actually access the information I’m allowed to access. That’s some of the stuff that is further down the road.”
The tests are part of the DoD’s adoption of biometrics for identity and access management, not just law enforcement, Graves says. He also said that the DoD is working with the University of Virginia on a rapid DNA device built on a CD which will cost less than $10,000, and will be deployed in the Central Command region next year.
Graves also said that the Mark Center in Alexandria, Virginia, which is equipped with fingerprint, iris and facial recognition capabilities, is an example of how the DoD uses different modalities.