Corporate Access Cards: Securing Corporate Networks With Military-Strength Digital Identity Solutions
by Marc Hudavert - Vice President and General Manager, ActivCard Europe - Thursday, 24 April 2003.
'Identity theft' has recently hit the headlines as a major security issue but the importance of digital identity and how to protect it has been a consideration for much longer. Even before the dramatic events of September 11, 2001, corporations worldwide were already well aware of the need to ensure a positive verification of the identity of people conducting business online. The concepts that there is no security without identity and that identity provides accountability are increasingly understood by an ever-wider audience. Fortunately the technology for strong user authentication, whether based on two or three factors, is already available to establish trusted digital ID credentials for secure access to multiple applications. And the issuance, usage and management of those credentials can now be achieved in a very rapid, convenient and cost-efficient way while at the same time meeting the network security needs of governments, corporations and financial institutions worldwide.Digital IDs Gaining Recognition In Government Circles The recognition that digital IDs can ensure the level of confidence needed to do business online has gained significant ground, not least in the government sector as strategies are put in place to deal with the threat of international cyber terrorism. In addition, national, regional and local government organisations are increasingly looking to deploy digital identity solutions for a host of applications such as national ID card schemes, student cards, online voting, online tax return submissions, online passport applications, health benefits cards and drivers' licences. For example, protecting and managing those digital IDs on a large scale is at the heart of the deployment by the US Department of Defense of its Common Access Card (CAC), a smart card-based ID badge. The US Defense Manpower Data Center has recognised the dual benefits of increased security and a strong return on investment that result from being able to consolidate and manage multiple user credentials on a single chip-based ID card. The Common Access Card has already been issued to over 1.3 million military and civilian personnel out of an initial target population of 4.3 million people. The cards enable staff to access physical areas and logical systems such as computer networks. To access these systems, staff strongly authenticate themselves by inserting their Common Access Card into the smart card reader of the terminal and keying in a PIN code on its keyboard. In doing so, staff are not changing anything in their ATM user experience. Then, in a totally transparent and automatic manner, staff will use all of the ID credentials that are loaded on the chip of the ID card. Depending on the nature of the applications, these ID credentials can be static passwords, PKI keys and certificates for digital signing and encryption, fingerprint biometrics as well as demographic credentials required, for example, to manage medical benefits and other entitlements.This infrastructure has been rolled out to around 60% of over 900 DMDC locations worldwide and issuance is continuing at an average rate of around 10,000 cards per day.Today, the IDentity Management (IDM) system that has been developed by ActivCard and its partners for the U.S. DoD Common Access Card project has become a 'commercial off-the-shelf' solution for enterprise applications.Enterprises Seek to Maximise Return on Investment The decision-making process as to which digital identity solution to deploy extends well beyond issues of security. In today's corporate environment security for security's sake is no longer sufficient to justify the significant IT investment involved.