DOD expanding biometrics rules

Common Criteria home page

The Pentagon is considering a new policy that would require biometrics products — whether used for physical security or cybersecurity — to be evaluated

using the Common Criteria Scheme.

When acquiring information assurance products, the Defense Department

is required to give preference to products evaluated under the international

Common Criteria Evaluation and Validation Scheme.

Under the Common Criteria Scheme, products are tested by commercial

laboratories accredited by the National Information Assurance Partnership.

The process allows technologies certified in one country to be automatically

approved for government purchase in any of the 13 participating countries.

Even if used for physical security, biometrics products have information

assurance element and should therefore be subjected to thorough evaluation

prior to DOD purchase, said Phillip Loranger, who leads the office of the

Army's director for biometric technology integration and insertion.

The policy was drafted by Loranger's office and delivered Tuesday evening

to the Army chief information officer, after which it is destined for the

desk of Art Money, the Pentagon CIO.

The Army acts as the lead agency in DOD for biometrics systems. Loranger

said the document has been approved by the other services and that he foresees

no hurdles to final approval.

Featured

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.