Thank you for attending the DoD Identity Protection and Management Conference, April 18-22, in Orlando, Florida! Below are the presentations from the Physical Security Track, April 19-20th, which focused on HSPD-12 and the resulting FIPS-201 and their impact on the Physical Security community.
PS2: HOMELAND SECURITY PRESIDENTIAL DIRECTIVE (HSPD) 12 & DOD POLICY
Mr. John L. Haberkern
Description: This track addressed the basics of the HSPD #12 policy and its implications to DOD programs. The session included the policy related requirements of the FIPS-201 and the Personal Identity Verification Levels 1 and 2. It discussed the changes required to current DOD policies and directives, and the necessity for change. The discussion provided the Department’s time line for effecting change and those things we may expect in the near and mid-term.
PS3: (SP 800-73)/ CENTRAL CARD HOLDER UNIQUE IDENTIFICATION (CHUID) ISSUANCE
Mr. Frank E. Mazzone
Description: As a result of the HSPD #12, the Department of Commerce was tasked to prepare policy standards for a Federal level Personal Identity Verification Credential. Mr. Mazzone discussed the content of Special Publication 800-73 and the Technical Implementation Guidance for Smart Card Enabled Physical Access Control Systems v2.2. He also discussed the characteristics and the methods for central issuance of the Card Holder Unique Identification (CHUID) information. This is the method to be adopted by Defense Manpower Data Center (DMDC) for future Common Access Cards (CACs).
PS4: HOMELAND SECURITY PRESIDENTIAL DIRECTIVE (HSPD), BIOMETRICS/SP 800-76
Mr. Min Chong
Description: This session discussed the implications of HSPD #12 on the implementation of biometrics within the DOD. The discussion included the events that are driving the widened use of biometrics in both Information assurance and physical access. The content and implications of the Special Publication 800-76 were addressed and their impact on DOD’s plans for implementing biometrics across the department. The discussion addressed the role of the Biometrics Management Office (BMO) in meeting DOD’s goals and objectives, as well as broad timelines for implementation.
PS5: DODD 5200.8, SECURITY OF DOD INSTALLATIONS AND RESOURCES Changes
Mr. John L. Haberkern
Description: DODD 5200.8 is the base document that underpins the implementation directives issued by the individual Services. As such, the policy and guidance set forth therein drives the Services to write instructions that meet the intent of the over-arching Directive. The proposed changes to this document, its implications to the Services and the rationale for the changes were discussed.
PS6: DODD 1000.25, DOD PERSONNEL IDENTITY PROTECTION (PIP) PROGRAM
Ms. Mary Van Mullekom
Description: This directive is the basis for the Common Access Card and the protection of Service members’ identities. This directive has implications affecting the Physical Security Community. The overall objectives of the Personal Identity Protection Program (PIP) and the directive’s intent as well as the impact to Physical Access Control programs Department wide were discussed.
Ms. Heidi Boyd
Description: With the issuance of the Presidential Directive and the subsequent standards and technical requirements, there has been much interest in what the actual credentials will look like and how much influence individual agencies will have in the appearance of the card.
PS8: DEFENSE BIOMETRIC IDENTIFICATION SYSTEM (DBIDS)
Mr. Mark Breckenridge
Description: The defense Manpower Data Center has created a system for the secure issuance of access credentials and for verifying identities at the point of use. This session discussed the development of this system, its potential to meet user requirements and future developments. Mr. Breckenridge explained how this tool can aid Security managers in meeting their security requirements within the policies and directives being issued by higher authority.
PS9: DEFENSE CROSS CREDENTIALING SYSTEM (DCCIS)
Mr. Perry Tsacoumis
Description: This presentation discussed the impact of recent mandates on real-world contractors–issues that were ranged, and how those issues were overcome (in some cases), or circumvented (in others). The presentation included the input and participation of other contractors.
PS10: U.S. NAVY “ENABLER”
Mr. Larry Hembree
Description: Enabler is a CNI standard solution for authentication and revocation for CAC applications across the entire CNI enterprise. It manages authoritative data sources for enterprise database, such as DEERS (ADR/ADW), DFAS, etc. Enabler provides a standard gateway for all applications using the CAC. CAC applications such as Food Service, manifest tracking, MWR and access control would use this CNI Solution as the single interface into these authoritative data sources for authentication and revocation purposes. Enabler bridges the gap between these enterprise data sources and local requirements for implementing applications to ensure that before any benefit, service or access is granted that the card and identity is properly authenticated and ensures the cardholder is not on any revocation list. Its implementation structure closely follows HSPD-12 and provides for a common IT framework for CNI applications to ensure they meet all current or future DoD/Navy directives for security.
PS11A: U.S. ARMY
Mr. Eddie Howton
Description: The Army has moved swiftly from an open base policy to one of identity verification and physical access controls at their gates. Several pilot projects have used a variety of technologies to achieve perimeter security and control. The Army presented their interpretation of the impact HSPD-12 will have on their programs, and what steps will be required to meet the overall goals and objectives of higher authority.
PS11B: U.S. AIR FORCE
Mr. Thomas Yaeger
Description: The Air Force has implemented several efforts to address Front Gate access using a variety of innovative processes and equipments. The Air Force presented their interpretation of the impact HSPD-12 will have on their programs, and what steps will be required to meet the overall goals and objectives of higher authority.
PS11C: U. S. MARINE CORPS
Mr. Tim Bootle
Description: The Marine Corps has long been an advocate of common credentialing and has implemented a version of physical access control that uses the Common Access Card. This presentation discussed how the Marine intends to expand their systems to include the requirements of the HSPD-12.
PS11D: U. S. NAVY
Cmdr. Chris Decker
Description: Several pilot projects are planned that use a variety of technologies to achieve perimeter security and control. The Navy presented their interpretation of the impact HSPD-12 will have on their programs, and how their pilot programs will lead to a Navy wide enterprise solution.
Research and evaluate FIPS 201 Approved Products and get the latest info on compliant credentialing systems at FIPS201.com. Click to visit FIPS201.com.