Shows & Panels
- The 2014 Big Picture on Cyber Security
- AFCEA Answers
- Ask the CIO
- Connected Government
- Consolidating Mission-critical Systems
- Constituent Servicing
- Continuous Monitoring: Tools and Techniques for Trustworthy Government IT
- The Data Privacy Imperative: Safeguarding Sensitive Data
- Eliminating the Pitfalls: Steps to Virtualization in Government
- Federal Executive Forum
- Federal Tech Talk
- Government Cloud Brokerage: Who, What, When, Where, Why?
- Government Mobility
- Mission-critical Apps in the Cloud
- Mobile Device Management
- The Modern Federal Threat Landscape
- The Path from Legacy Systems
- Understanding the Intersection of Customer Service and Security in the Cloud
Shows & Panels
Intelink-U's acceptance of HSPD-12 cards boosts identity management
Wednesday - 12/11/2013, 6:14am EST
Several non-intelligence community or non-Defense Department agencies can use their smart identity cards under Homeland Security Presidential Directive-12 (HSPD-12) to log onto the network.
Mike Kennedy, the executive for assured interoperability for the Program Manager of the Information Sharing Environment, said Intelink-U's acceptance of HSPD-12 cards marks another step toward creating a secure information sharing environment.
"It can be people that have a need for their mission related purpose. It is for the extended intelligence community that is out there. There are certain law enforcement search capabilities so the intelligence portion of a law enforcement agency can get in there and get information," Kennedy said. "And it provides real- time information sharing in a collaborative environment for all of them. It is in the unclassified environment, but a protected unclassified environment."
Intelink-U started in 1994 as a common platform to share data in a protected, but unclassified setting. Over time, the program has expanded to include a series of tools, such as enterprise search and discovery, which includes video, pictures and maps, instant messaging/chat capabilities, a microblogging site called eChirp, Intellipedia and ivideo and picture gallery functions.
Expansion is underway
Kennedy said the departments of Treasury, Homeland Security and State already have access to the system through their HSPD-12 cards. Most recently, Intelink-U added the departments of Health and Human Services, Veterans Affairs and the Justice Department's Bureau of Alcohol, Tobacco, Firearms and Explosives.
"By accepting the [HSPD-12 cards] through there, it provides the credentials in an automated fashion, provides ease of access and brings it in so it's done," Kennedy said. "By doing this, it provides the recognition at the front door. And Intelink adopted HSPD-12 as a standard, reduced the dependence of Intelink accounts and leveraged the agencies authoritative processes to validate the users."
For several years, the platform accepted the Defense Department's Common Access Card (CAC).
Kennedy said the expansion to HSPD-12 cards is a major event because of how it creates that secure information sharing environment.
He said it was the part of protecting the information and the environment that was missing previously.
"It provides a high level authentication and verification," Kennedy said. "It demonstrates one of Intelink's guiding principles for identity-credential once, credential at the edge and trust the credential. What this means is HSPD-12 users have seamless access to Intelink-U. What it does is it meets federal standards, simplifies the users' experience and strengthens cybersecurity."
Kennedy added by recognizing HSPD-12 credentials, Intelink-U reduced the number of accounts it maintained by two thirds, and achieved public key infrastructure (PKI) authentication for almost 90 percent of active Intelink-U users.
Long-standing, difficult goals
The goal of responsible information sharing has been hard to achieve over the past decade. Beyond DoD, agency progress to use smart cards for computer and physical security access has been slow. The idea of connecting the data on the card to a roles and responsibilities function to ensure users only have access to data and systems they are allowed to also has been slow to take off.
Kennedy said several initiatives supported by the ISE, including the back-end attribute exchange, are showing agencies are more ready today than ever to take advantage of the technology and tools.
"Implementing the Federal Identity Credential and Access Management (FICAM) framework across all fabrics of government is one of the primary directives we are doing, and these are pieces of the puzzle that help to do that," he said. "It provides very big and very good tools. I see us advancing the overall capability for the federal government for all whole of nation and whole of government."
Over time, the broader use of these smart cards also will help with the insider threat. Most recently, leaks of classified documents by Edward Snowden and through the WikiLeaks site could have been blunted with these technologies.
Kennedy said the government has been trying to address the insider threat for many years, but those two cases brings more attention to these issues.
"The visibility does promote it, gain attention and provide impetus to move forward," he said. "It would go a long way in the prevention and auditing of information. Implementing FICAM across all fabrics is going to happen, where years ago, I'd have said 'It will never happen in my lifetime.' Now it will happen in my lifetime and I see the light at the end of the tunnel. It's not a train coming at me, but it's actually a light we can actually achieve. We can make it."