Several years ago, the Department of the Navy (DON) implemented the use of smart cards as data storage and identification (ID) cards. We led the way in smart card implementation, and eventually, our smart card efforts evolved into the Department of Defense (DoD) Common Access Card (CAC), which is now the standard ID card for all DoD personnel.
The CAC has become integral to the way the DON and the entire DoD conduct secure logical access, online transactions, and physical access. There are 4 million CACs with Public Key Infrastructure (PKI) digital certificates in use throughout the DoD — the largest and most successful PKI/smart card initiative in the Western Hemisphere.
Recent mandates are requiring the use of the CAC for enhanced security and identity management. Homeland Security Presidential Directive-12 (HSPD-12) requires all federal agencies to issue "Personnel Identity Verification" cards to all civilians, military and support contractors. HSPD-12 requires the adoption of a common identification standard governing the interoperable use of identity credentials to allow physical and logical access to federal government facilities and systems. It also mandates a secure and reliable identification that is based on a sound vetting process for verifying an individual's identity, is strongly resistant to identity fraud, can be rapidly authenticated electronically, and is issued only by accredited providers. For DoD, the CAC will be our HSPD-12 identity card.
The DoD is also accelerating the implementation of PKI digital certificates for access via cryptographic logon to DoD networks and authentication to secure Web sites by summer of 2006. The Joint Task Force for Global Network Operations (JTF-GNO) has issued a tasking that addresses this implementation.
Aligning to a common smart card/PKI solution across all of DoD has been a great accomplishment. We are now using the CAC for applications that range from digitally signing and encrypting e-mail, to arranging travel, managing food service, and tracking weapons issuance.
The acceleration of our efforts to use the CAC across the Navy-Marine Corps team to: (1) gain access to our networks and secure Web sites; (2) replace labor intensive paper-based processes with electronic solutions that use digital signatures; and (3) implement a consistent enterprise-wide approach to physical access to our bases and facilities will not only improve the protection of our people and information systems, but also reduce costs.
While the JTF-GNO timeline is very aggressive, our shared commitment to this effort is crucial. I encourage you to fully support these efforts to accelerate the implementation of CAC and PKI technology and to continue to identify additional uses for these powerful identity management tools as we work together to achieve our vision of network-centric operations.