1 / 19

Department of Defense (DoD) Common Access Card (CAC) and Biometrics Integration (CBI) Overview

Spring 2004 ADP IT and Acquisition Training Conference 27-29 April 2004. Department of Defense (DoD) Common Access Card (CAC) and Biometrics Integration (CBI) Overview. http://www.biometrics.dod.mil Phone: ( 703) 604-2096 Fax: (703) 604-3031 DSN: 761-2096 biometricsoffice@hqda.army.mil.

lis
Download Presentation

Department of Defense (DoD) Common Access Card (CAC) and Biometrics Integration (CBI) Overview

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Spring 2004 ADP IT and Acquisition Training Conference 27-29 April 2004 Department of Defense (DoD) Common Access Card (CAC) and Biometrics Integration (CBI) Overview http://www.biometrics.dod.mil Phone: (703) 604-2096 Fax: (703) 604-3031DSN: 761-2096 biometricsoffice@hqda.army.mil Min Chong ISS Program Manager Department of Defense Biometrics Management Office mchong@iss-md.com

  2. Purpose To provide an overview of the CAC-Biometric Working Group (CAC-BWG) efforts in pursuing the inclusion of biometrics technology with the CAC

  3. Agenda • Background • CAC-Biometrics Technology Demonstrations • Road Ahead

  4. 1. Background Biometrics Biometrics is the automated recognition of a person using distinguishing characteristics

  5. Biometrics and DoD • Changes in today’s military… • Global operations • Distributed working & warfighting scenarios • Increased reliance on information technology • Dependence on extensive electronic situational awareness in the battle space • …require a paradigm shift in identity assurance. • Connect identity to biometrics • Link actions with identity • Employ a “human-centric” approach

  6. Biometrics Addresses the Gap Objective • 100% Identity Management • Biometrics • Enterprise Solution Status Quo The Gap • Claimed Identity • “Official” Documents • Tokens & Keys • PINs & Passwords • Deficiencies in • Identity Authentication • Access Control

  7. Common Access Card CAC is a Smart Card that serves as… Armed Forces of the United States Personnel Identification Replaces the “ID” Card SAMPLE Army Active Duty Parker IV, Christopher J. Rank LTCOL Pay Grade O5 Issue Date 1999SEP03 Expiration Date 2002SEP01 Geneva Conventions Identification Card Building Access Systems & Network Accesswith PKI Application Provides: - Digital Signature - Data Encryption

  8. 1. Coordinate and analyze requirements for CAC-Biometrics. 2. Seek commonality and interoperability in applications. 3.Assist combatant commands, Services, Agencies, and Functional Community Panels. 4. Evaluate biometrics alternatives. 5. Develop and recommend a CAC-Biometrics integration solution. 6. Recommend related CAC-biometrics hardware and software. 7. Recommend related CAC-biometrics policy and legal Issues. 8. Develop the business case. 9. Develop the roadmap for successful integration of biometrics with the CAC. “CAC-BWG Objectives” Smart Card Senior Coordinating Group (SCSCG) Establishes the CAC-Biometrics Working Group (CAC-BWG) Identity Management Senior Coordinating Group (26 Sept 2001)

  9. Inclusion of Biometrics Technology 2. CAC-Biometrics TD • The strategy to achieve a DoD Enterprise CAC-Biometrics solution is a two-phased approach • Phase I: Technology Demonstrations • Phase II: Demonstrate suitable Enterprise Solution • The three Technology Demonstration Concepts are: • CAC-A: Biometrics/PIN • CAC-B: Template on CAC Application • CAC-C: Contactless with CAC

  10. CAC-A Access to CAC Armed Forces of the United States SAMPLE Army Active Duty PIN Parker IV, Christopher J. Rank LTC Issue Date 1999SEP03 Pay Grade O5 Technology Demonstration CAC-A (Biometric/PIN) • Four scenario proof-of-concept: • Store on Server-Match on Server • Store on PC-Match on PC • Store on CAC-Match on server • Store on CAC-Match on CAC • Phase I of CAC-A has two distinct parts: • Part 1: develop biometrics solutions • Part 2: DMDC develops an applet (“Access Control Applet”) that supports a generic PIN/key solution Biometrics as an Alternative to the PIN

  11. Next Generation CAC 64k smart cards Contactless capability (TBD) Version 2 Applet Utilizes the Access Control Applet (ACA) Set Access Control Rules to access the CAC Current Status Version 1 Applet Must utilize the PIN Users often forget their PIN Interim CAC PIN Reset (CPR) Solution Armed Forces of the United States SAMPLE Army Active Duty Parker IV, Christopher J. Rank LTCOL Pay Grade O5 Issue Date 1999SEP03 Expiration Date 2002SEP01 Geneva Conventions Identification Card Access the CAC Integrated Circuit Chip (ICC)

  12. CAC-B Armed Forces of the United States Biometric On CAC SAMPLE Army Active Duty Parker IV, Christopher J. Rank LTC Logical Physical Issue Date 1999SEP03 Pay Grade O5 Technology Demonstration CAC-B (Template on CAC Application) • CAC-B is a follow on effort from CAC-A Scenario 3 • CAC-B focuses on placing the Biometric Attribute Certificate on the CAC • Logical Access • Log on to Windows 2000 • Secure Website • Physical Access • CAC + Biometric • Biometric + PIN The CAC as a carrier for the Biometrics

  13. Pay Grade O5 Technology Demonstration CAC-C (Contactless with CAC) • CAC-C focuses on three biometrics contactless solution: • Physical Access System • Portable Physical Access System • Physical Access System that uses a turnstile • Provide an interoperable contactless physical security solution • Evaluation in progress CAC-C Mifare and DESFire Contactless Technology Armed Forces of the United States SAMPLE Army Active Duty Parker IV, Christopher J. Rank LTC Issue Date 1999SEP03 Contactless

  14. 3. Road Ahead Proposed CAC-A /B Phase II Efforts • Merge CAC-A and CAC-B into one Phase II effort • CAC-A/B Phase II effort is a two parts process: • Part 1: Concept Refinement • Part 2: Technology Development

  15. Part 1: Concept Refinement • Focus the scope and evaluate two distinct capabilities • Store Biometrics on Card and perform Match-On-Card Capability • Store Biometrics on Card and perform Match-Off-Card Capability • Coordinate the Match-On-Card development effort between the CAC-BWG and the DMDC-West • Conduct further analysis and study to determine the optimal capability for DoD

  16. Part 2: Technology Development • Leverage the results and lessons learned from the CAC-Biometrics Phase I efforts • Develop prototype capability that reflects the optimized CAC-Biometrics solution for DoD • Identify operational and security requirements • Demonstrate the business process and systems architecture • Recommend appropriate standards

  17. Summary • Biometrics on or with the CAC may open the door to enterprise use of biometrics throughout the DoD • The use of CAC with the biometrics authentication capability is vital to achieving a secure Information Assurance posture for the Defense Information Infrastructure

  18. Questions ?

  19. Department of Defense Biometrics Management Office Biometrics Fusion Center http://www.biometrics.dod.mil/ BFC Help Desk: (304) 842-0730 x 2233 helpdesk@dodbfc.army.mil

More Related