Administration touts smart cards, but some agencies are skeptical

Administration touts smart cards, but some agencies are skeptical

While the Office of Cyberspace Security prepares a governmentwide security plan for release this summer, Paul Kurtz, its senior director for national security, is urging agencies to think seriously about using smart cards to protect their systems against a terrorist attack.

The Cold War model won’t work this time, he said at a conference sponsored by the Smart Card Alliance. “We can’t use those radars in Alaska to find that cyberattack,” he said.

“Smart cards obviously will be a part of the solution set,” he said. “We need to connect all agencies and private-sector operating systems.”

Theresa Schwarzhoff, senior computer scientist and program manager at the National Institute of Standards and Technology, said her agency is developing a road map to help agencies understand their security needs.

The technology exists for smart-card adoption, but individual agency policy can be a barrier to governmentwide adoption of the card. “Even though there are standards, there are different ways standards can be implemented,” she said.

Version 2.0 of the Government Smart Card Interoperability Specification will include standards for agencies to store biometric templates on the smart cards. “We want to see smart cards with security in mind,” Kurtz said. “We want security built in up-front.”

Freda Paintsil, an information security analyst at the General Accounting Office who is working on a report that could be released as early as August, said the government will have to overcome at least three barriers to smart-card adoption.

The biggest barrier is that civilian agencies, unlike the Defense Department, do not have a mandate—or the funding that goes with it—to adopt smart cards.

And because there are no technical standards for smart-card readers for physical access, agencies can only use cards for network access.

Some Defense offices in commercial buildings have the added pressure of convincing commercial owners to install smart-card readers at building entrances.

“There’s no federal legislation,” Paintsil said. “That’s probably the biggest barrier.”

About the Author

Connect with the GCN staff on Twitter @GCNtech.

Featured

  • Telecommunications
    Stock photo ID: 658810513 By asharkyu

    GSA extends EIS deadline to 2023

    Agencies are getting up to three more years on existing telecom contracts before having to shift to the $50 billion Enterprise Infrastructure Solutions vehicle.

  • Workforce
    Shutterstock image ID: 569172169 By Zenzen

    OMB looks to retrain feds to fill cyber needs

    The federal government is taking steps to fill high-demand, skills-gap positions in tech by retraining employees already working within agencies without a cyber or IT background.

  • Acquisition
    GSA Headquarters (Photo by Rena Schild/Shutterstock)

    GSA to consolidate multiple award schedules

    The General Services Administration plans to consolidate dozens of its buying schedules across product areas including IT and services to reduce duplication.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.