Infrastructure plan: Governmentwide PKI key to cyberdefense

Protecting critical information infrastructures within the federal government requires the development of a governmentwide public-key infrastructure to ensure data integrity and user identification and authentication for traffic, such as e-mail, carried over public networks.

While individual agencies have ongoing PKI initiatives — with DOD the leader in rolling out services — President Clinton's National Plan for Information Systems Protection, released yesterday, calls for interconnection of these PKIs. "Full protection [of federal information systems] requires an integrated, fully functional PKI," the plan states.

Since PKIs also will serve as the basis for electronic commerce transactions, the plan also calls for interconnection of federal systems with private-sector systems because "isolated PKIs do not [protect infrastructures that cross government or industry sector boundaries," according to the plan.

The plan states that the Federal PKI Steering Committee, housed at the Treasury Department, has started developing a Federal Bridge Certification Authority, which will facilitate the interconnection of separate federal agency PKIs into an overall federal PKI. The Federal Bridge CA will set up the mechanism with private-sector PKIs, enabling federal users to conduct secure transactions with private firms.

Featured

  • Defense
    concept image of radio communication (DARPA)

    What to look for in DOD's coming spectrum strategy

    Interoperability, integration and JADC2 are likely to figure into an updated electromagnetic spectrum strategy expected soon from the Department of Defense.

  • FCW Perspectives
    data funnel (anttoniart/Shutterstock.com)

    Real-world data management

    The pandemic has put new demands on data teams, but old obstacles are still hindering agency efforts.

Stay Connected