ITAA favors current smart card specs

Members of the Information Technology Association of America say they hope to persuade federal officials to modify a proposed biometric smart card specification being developed in response to Homeland Security Presidential Directive 12. Federal officials are rushing to ratify the new standard by the end of February.

Officials at ITAA, which represents some of the nation's largest computer hardware and software companies, have asked government officials to build upon federal smart card standards already in use in the Defense Department and several other large agencies. That standard is known as the Government Smart Card Interoperability Specification.

In comments on a draft version of the federal biometric smart card standard, ITAA's leaders also asked federal officials to consider pushing back an Oct. 25 deadline for agencies to begin issuing the new identification cards to executive branch employees and contractors who work in federal buildings. "We want them to move quickly but to take the time to do it right," said Jennifer Kerber, ITAA's director for homeland security.

ITAA officials submitted these and other comments to officials at the National Institute of Standards and Technology, where the card standards are being written. NIST officials say they have received more than 1,900 comments on the proposed biometric smart card specification, Federal Information Processing Standard 201.

NIST officials released a draft document this week containing revised specifications for interfacing with the proposed card standard. The period for public comment on the new document, Special Publication 800-73, ends Feb. 14.

ITAA members asked NIST officials to work with Office of Management and Budget officials to estimate what agencies will have spend to implement HSPD 12, which requires them to quickly adopt a common identification standard for executive branch employees and contractors.

ITAA officials also asked NIST officials to consider requiring agencies to use knowledge-based authentication and document verification technologies to supplement traditional background checks before issuing the cards.

In further advising NIST, ITAA officials said that OMB officials should consider creating an identity and access management line of business and making it part of the IT planning documents known as the Federal Enterprise Architecture. As part of that requirement, they said, agency officials would develop identity and access management business case documents and submit those with their budget requests.

In a separate action last week, NIST officials released a draft biometric data specification for personal identity verification to supplement FIPS 201. The new document, Special Publication 800-76, is a proposed standard for preparing biometric data such as fingerprints and facial images for submission to the FBI for employee background checks.

Government and industry officials and others have until Feb. 7 to submit comments on the document to NIST at the following e-mail address: DraftFips201@nist.gov.

A separate document, which is a final public draft of Special Publication 800-53 on recommended security controls for federal information systems, is also ready for public review, NIST officials said.

The document recommends security controls for low, moderate, and high impact information systems based upon a system's security categorization. A separate NIST document, FIPS 199, tells how to categorize systems for security purposes.

The final public draft is a precursor to a final document that will become FIPS 200 in December. FIPS 199 and FIPS 200 are standards that federal agencies must comply with under the Federal Information Security Management Act of 2002.

Featured

  • Telecommunications
    Stock photo ID: 658810513 By asharkyu

    GSA extends EIS deadline to 2023

    Agencies are getting up to three more years on existing telecom contracts before having to shift to the $50 billion Enterprise Infrastructure Solutions vehicle.

  • Workforce
    Shutterstock image ID: 569172169 By Zenzen

    OMB looks to retrain feds to fill cyber needs

    The federal government is taking steps to fill high-demand, skills-gap positions in tech by retraining employees already working within agencies without a cyber or IT background.

  • Acquisition
    GSA Headquarters (Photo by Rena Schild/Shutterstock)

    GSA to consolidate multiple award schedules

    The General Services Administration plans to consolidate dozens of its buying schedules across product areas including IT and services to reduce duplication.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.