Army leads DOD's biometrics

The Army has established a basic plan to implement the Defense Department's policy on biometric technologies that calls for an enterprise solution to be fully operational by January 2005.

Lt. Gen. Peter Cuviello, the Army's chief information officer, said as the executive agent for DOD's management of biometrics, the Army is heading up the two offices leading this endeavor: the Biometrics Management Office and the Biometric Fusion Center.

The management office, which is in the Washington, D.C., area, has oversight responsibilities, including planning and budgeting, and has every military service represented as well as liaisons from other federal agencies, Cuviello said during a June 12 panel discussion at the Armed Forces Communications and Electronics Association's TechNet International 2002 conference in Washington, D.C.

The Biometric Fusion Center, located in West Virginia near the FBI's fingerprint lab, handles testing and evaluation, pilot projects and establishing an approved products lists for DOD, he said.

Cuviello said biometrics for DOD is centered on the Common Access Card initiative and "not trying to figure out who the good guys are, but who the bad guys are."

He added that a contract for the first phase in creating biometrics for the CAC was awarded earlier this year to Northrop Grumman Corp. and KPMG Consulting Inc.

DOD's biometrics implementation plan has been placed on the Program Objective Memorandum for funding in fiscal years 2004 to 2009, with the following timeline goals:

* October 2002 — Partnering with the Defense Manpower and Data Center, the universal database for CAC information.

* May 2003 — Technology demonstrations and architecture design.

* October 2003 — Establishing a policy framework.

* January 2004 — Initial operational capability for the enterprise solution.

* January 2005 — Full enterprise operational capability.

DOD currently has allocated about $35 million for biometrics, and Cuviello said future funding levels are difficult to predict. "We know the funding needed to implement the process, but we don't know the procurement dollars yet because we don't have the requirements yet — and that's where the big bucks are."

Going forward, Cuviello asked for industry to lead in many areas, including:

* Technology demonstrations, namely integrating biometrics into the CAC and making it "spoof proof," so an individual's identity can't be stolen.

* Standards compliance.

* Middleware to integrate multiple systems and equipment.

* Decreasing response times.

"The bottom line is we need help," he said. "We have a road map, and we're moving fast." However, he added that bases are buying what's good for them and not necessarily what will be needed for the Army, DOD or American enterprise.

Joseph Atick, chairman and chief executive officer of Visionics Corp., which is working with the Army and other government agencies on facial-recognition technologies, said that a national biometric system could be built by scaling existing components — such as the FBI's massive fingerprint database and developing a platform for interoperability.

Atick said the new framework must have a "human-centric" approach, focused on enabling and preventing actions, as opposed to the traditional security stance of adding barriers. He also acknowledged that the accuracy and speed of biometrics must be improved.

Catherine Tilton, director of special projects at SAFlink Corp. and chairwoman of the steering committee for the Biometrics Application Programming Interface Consortium, agreed and said that standards adoption is a way to speed biometrics into the field for national security and defense initiatives.

"People have compared making sausage to making standards in that you don't want to see either done," Tilton said. "But making sausage is much faster than making standards [and] if standards are important to national security," then government and industry need to fund them.