Intelink-U's acceptance of HSPD-12 cards boosts identity management

Wednesday - 12/11/2013, 6:14am EST

Jason Miller interviews Mike Kennedy, the executive for assured interoperability for the Program Manager of the Information Sharing Environment

Download mp3

The Intelligence Community is making it easier and more secure for federal partners to access its community sharing platform, Intelink-U.

Several non-intelligence community or non-Defense Department agencies can use their smart identity cards under Homeland Security Presidential Directive-12 (HSPD-12) to log onto the network.

Mike Kennedy, the executive for assured interoperability for the Program Manager of the Information Sharing Environment, said Intelink-U's acceptance of HSPD-12 cards marks another step toward creating a secure information sharing environment.

"It can be people that have a need for their mission related purpose. It is for the extended intelligence community that is out there. There are certain law enforcement search capabilities so the intelligence portion of a law enforcement agency can get in there and get information," Kennedy said. "And it provides real- time information sharing in a collaborative environment for all of them. It is in the unclassified environment, but a protected unclassified environment."

Intelink-U started in 1994 as a common platform to share data in a protected, but unclassified setting. Over time, the program has expanded to include a series of tools, such as enterprise search and discovery, which includes video, pictures and maps, instant messaging/chat capabilities, a microblogging site called eChirp, Intellipedia and ivideo and picture gallery functions.

Expansion is underway

Kennedy said the departments of Treasury, Homeland Security and State already have access to the system through their HSPD-12 cards. Most recently, Intelink-U added the departments of Health and Human Services, Veterans Affairs and the Justice Department's Bureau of Alcohol, Tobacco, Firearms and Explosives.

"By accepting the [HSPD-12 cards] through there, it provides the credentials in an automated fashion, provides ease of access and brings it in so it's done," Kennedy said. "By doing this, it provides the recognition at the front door. And Intelink adopted HSPD-12 as a standard, reduced the dependence of Intelink accounts and leveraged the agencies authoritative processes to validate the users."

For several years, the platform accepted the Defense Department's Common Access Card (CAC).

Kennedy said the expansion to HSPD-12 cards is a major event because of how it creates that secure information sharing environment.

He said it was the part of protecting the information and the environment that was missing previously.

"It provides a high level authentication and verification," Kennedy said. "It demonstrates one of Intelink's guiding principles for identity-credential once, credential at the edge and trust the credential. What this means is HSPD-12 users have seamless access to Intelink-U. What it does is it meets federal standards, simplifies the users' experience and strengthens cybersecurity."

Kennedy added by recognizing HSPD-12 credentials, Intelink-U reduced the number of accounts it maintained by two thirds, and achieved public key infrastructure (PKI) authentication for almost 90 percent of active Intelink-U users.

Long-standing, difficult goals

The goal of responsible information sharing has been hard to achieve over the past decade. Beyond DoD, agency progress to use smart cards for computer and physical security access has been slow. The idea of connecting the data on the card to a roles and responsibilities function to ensure users only have access to data and systems they are allowed to also has been slow to take off.

Kennedy said several initiatives supported by the ISE, including the back-end attribute exchange, are showing agencies are more ready today than ever to take advantage of the technology and tools.

"Implementing the Federal Identity Credential and Access Management (FICAM) framework across all fabrics of government is one of the primary directives we are doing, and these are pieces of the puzzle that help to do that," he said. "It provides very big and very good tools. I see us advancing the overall capability for the federal government for all whole of nation and whole of government."

Over time, the broader use of these smart cards also will help with the insider threat. Most recently, leaks of classified documents by Edward Snowden and through the WikiLeaks site could have been blunted with these technologies.

Kennedy said the government has been trying to address the insider threat for many years, but those two cases brings more attention to these issues.

"The visibility does promote it, gain attention and provide impetus to move forward," he said. "It would go a long way in the prevention and auditing of information. Implementing FICAM across all fabrics is going to happen, where years ago, I'd have said 'It will never happen in my lifetime.' Now it will happen in my lifetime and I see the light at the end of the tunnel. It's not a train coming at me, but it's actually a light we can actually achieve. We can make it."

RELATED STORIES:

PM-ISE shepherds secure data sharing tools from validation to expansion

White House: Information sharing a key ingredient in cyber efforts

Agencies finally figuring out how HSPD-12 cards can improve security