Pentagon to launch high-assurance PKI test

The Defense Department this week selected General Dynamics Communications Systems to conduct a one-year pilot program that will evaluate the feasibility of outsourcing systems that protect some of the department's most privileged information.

Under its public-key infrastructure (PKI) roadmap — the plan that assures that only authorized people have access to the agency's electronic information — DOD already issues medium-assurance Class 3 certificates to its employees and contractors. Digital certificates hold encrypted information that often includes a user's identity and a user's authorization for applications.

But the more intensive high-assurance Class 4 certificates require a hardware token, such as a smart card, and in-person registration to make them more secure. The pilot will help determine whether industry can provide the level of security DOD requires, said Sandra Wheeler, business development manager for General Dynamics.

"It's trying to look at the existing commercial infrastructure and see if those are enough to meet the DOD Class 4 certificate needs," she said.

The current DOD model has local DOD-owned registration authorities that issue, maintain and update certificates. Under a commercial model, there would be a central certificate authority operated either by DOD or a vendor, but only the local DOD registration authorities would issue the certificates, Wheeler said.

"I think [the two models] are kind of moving together," she said. "Government is moving away from the [government-owned] systems, and industry is moving toward more high-security awareness."

For the pilot, General Dynamics has partnered with a division of its former company, GTE CyberTrust, to provide the technology component. General Dynamics also will train DOD personnel on the tasks that registration authorities perform versus certificate authorities. The company also will show DOD how to incorporate the PKI and certificates into their applications, Wheeler said.


  • Comment
    customer experience (garagestock/

    Leveraging the TMF to improve customer experience

    Focusing on customer experience as part of the Technology Modernization Fund investment strategy will enable agencies to improve service and build trust in government.

  • FCW Perspectives
    zero trust network

    Why zero trust is having a moment

    Improved technologies and growing threats have agencies actively pursuing dynamic and context-driven security.

Stay Connected