By Thomas Corder, CEO of IDFACTORS
DoD’s first access system that used the Government Smart Card (CAC) was Installed 20 Years ago this Month – let’s look back at how this came to be and what’s next.
The Situation
The DoD first deployed the Common Access Card (CAC) in 1999 as a credential to access secured networks, databases and websites. Shortly after the 9/11 terrorist attacks, a forward-thinking officer in the US Army, LTC Greta Lehman, concluded that a real-world installation of CAC readers for door access was needed.
LTC Lehman was the senior officer responsible for deploying the CAC, Public Key Infrastructure (CAC/PKI) and Enterprise Biometrics Program globally for the Army’s PEO/EIS at Ft. Belvoir, VA.
While others in Government wanted to fund lab experiments, in her view “experiments were great but would a CAC reader work in the real world?” She wanted to know.
At the same time, I had been meeting with executives from the DOD DMDC, both in Monterey CA and Washington DC, to demonstrate our smart card reader technology. In January of 2002, through an introduction made by DMDC, I met with LTC Lehman and demonstrated our CAC reader prototype, which was exactly what she wanted to see.
The Challenge
She had been searching for a firm willing to take on the task of using the CAC and Biometrics for door access. IDFACTORS was one of the few firms in the U.S. with expertise in smart cards, embedded systems and software.
LTC Lehman dropped a challenge; could we develop and install an 8-door access system at the PEO/EIS building in 8-months?
- Requirements included use of the CAC and PIN to grant access during duty hours and CAC + PIN + BIO fingerprint match to grant access during off-duty hours.
- And, of course, it had to be managed by software that controlled the doors by personnel access level and record all transactions.
The Solution
In January 2003, our extraordinary team of engineers and technicians successfully installed and commissioned the system at Fi. Belvoir.
LTC Lehman referred to the mission – which she had named “Lead Dog” – as “very successful” and it lead to other installations at Ft. Rucker, Ft. Hood, Ramstein AFB in Germany, Travis AFB in California and many more.
My thought bubble: It still amazes me what LTC Lehman and the team at IDFACTORS were able to achieve in 8 months on a limited budget. There is still a lot of work left, however. Today the Government and the security industry must adopt use of the one secure element on the Government Smart Card; the public key certificate.
The security industry needs to provide more encouragement to Government and the critical infrastructure community to deploy systems that utilize the cryptographic tools available for strong security.