Within a few years, Justice Department employees should be able to swipe a government-issued biometric smartcard to open buildings, databases in the cloud and even iPhone apps with no need to enter multiple passwords, according to contractors rolling out the technology.
The departmentwide $62 million initiative latches on to a White House shared-first policy released May 2 that presses all major federal agencies to cut spending on basic “commodity” technologies -- such as email and identity cards -- by merging the systems internally. Most Justice personnel already carry smartcards for entering agency buildings and unlocking computers, a post-Sept. 11 requirement. But the IDs, for the most part, are not compatible with devices or locked doors outside an employee’s own bureau.
The new project aims to make the smartcards smarter and to save money by synching disparate IDs in line with the White House’s shared services policy, said officials with eMentum. The department’s long-time ID services provider, eMentum announced this contract expansion earlier in the week.
Today, Justice has about a dozen separate credentialing operations, the company’s president Carolyn Merek said. “We’re putting in measures that will federate those infrastructures with a single sign-on approach,” meaning a Bureau of Alcohol, Tobacco, Firearms and Explosives user can log on to an ATF laptop and navigate to a password-protected database at the Drug Enforcement Administration without reinserting a smartcard. “Single sign-on is a very big money-saver.”
The federal government is undergoing a $20 billion shift to cloud computing -- or farming out software and data storage to the Web -- that will tap a combination of private, government-restricted clouds and public server farms, such as those offered by Google. “These smartcards are a key enabler to any of those cloud offerings,” Merek said.
In response to employees’ pleas for permission to work on personal mobile devices, plans also are under way to equip tablets and smartphones with access rights, she added.
During the past five years, eMentum has distributed the personal identity verification, or PIV, cards to about 90 percent of the department, Merek said. Personnel used to carry a stash of IDs to pass through security at buildings. Today, there is one Justice Department badge. “The real focus now is just locking down this access with those PIV cards” across the computer assets, Merek said.
Currently, collaborating on presentations or documents using Microsoft’s SharePoint business software can be somewhat cumbersome because of various firewalls, she said. Under the new program, groups throughout Justice will be able to seamlessly interact on SharePoint with one smartcard.
In addition to connecting the department’s various ID systems, eMentum’s five-year contract involves installing card readers on buildings and computer devices. The Office of Justice Programs is standing up its own multimillion-dollar credentialing operations, though the project has been delayed by protests.
Merek said the linked ID environment will be designed to mesh with the worldwide “identity ecosystem” that the Commerce Department is spearheading in partnership with the private sector. The National Strategy for Trusted Identities in Cyberspace is envisioned as the computer account equivalent of a credit card payment system that accepts any form of certified ID for entry. A Justice employee, for instance, could book an office party on restaurant reservation service OpenTable.com by signing on with his agency credentials.