Department of Defense and Private Federation Sign Agreement Creating Interoperable Identity Network
HERNDON, Va., Feb. 6 /PRNewswire/ -- A federation that includes many of the nation's largest information technology companies announced today that it has signed an agreement with the Department of Defense (DoD) to connect identity systems and establish an interoperable authentication network. The agreement formalizes the relationship between the Federation for Identity and Cross-Credentialing Systems, Inc. (FiXs) and the Defense Manpower Data Center (DMDC), which have been working together since 2003 to develop a secure means of authenticating one another's employees while protecting their personal information.
"Over the last two years the Department of Defense has worked aggressively on policies, processes, and technologies to substantively raise the bar on force protection," said DMDC Deputy Director Mary Dixon. "To do this effectively, we must ensure that the person coming through our gates or in our doors has been given access, that we can confirm that person's identity, and when that person's affiliation or trustworthiness changes, you know that in as near real-time as possible. To accomplish this we are moving towards federated agreements and solutions that allow members to trust each others' credentials. This trust is built on establishing clear, documented, and auditable rules dealing with identity proofing, vetting, authentication, privacy protection, timely revocation, and use of biometrics."
The network established by connecting the DoD and FiXs systems verifies an employee's identity by relying on a federated approach whereby each employee's personal information is maintained by his or her employer. The system is based on the model of commercial ATM networks, in which each customer can use his or her bank's card and each bank retains its customers' account information and relationship. DMDC and all private sector federation members retain their own employees' information; there is no central database. To ensure trust and interoperability, Federation members adhere to a common set of operating rules and a uniform trust model.
The Founding Members of FiXs are:
* BearingPoint, Inc.
* Data Systems Analysts, Inc
* Lockheed Martin Corporation
* NACHA - The Electronic Payments Association
* Northrop Grumman
* SAFLINK Corporation
* SRA International, Inc.
* SRP Consulting Group, LLC
* Unlimited New Dimensions, LLC
* Wave Systems Corp.
The Full Members of FiXs are:
* Citigroup Inc.
* ChoicePoint Government Services
* Disaster Management Solutions, Inc.
* EID Passport
* Giesecke & Devrient Cardtech, Inc.
* Wells Fargo
Mike Mestrovich, President-Elect of FiXs, explained that the FiXs Board of Directors and other FiXs committees will include a DMDC member and that FiXs will have representation at related DMDC forums and meetings. Mestrovich said, "To ensure interoperability and security within this public/private network, the lines of communication and governance must be open and inclusive."
In keeping with the agreement, FiXs is operating its own trust broker, which will route identification (ID) verification requests between the participating companies. DoD will operate a separate, but connected, trust broker for its employees. The network will include major credentialing systems operated by DMDC.
By relying on both the public and private sectors, the interoperable network will be able to achieve consistency with Homeland Security Presidential Directive-12 - a mandate from President Bush that all federal employees and contractors have secure credentials to enter federal buildings and log on to federal computers - in a way that spreads development and implementation costs between all network participants. The costs of complying with HSPD-12 are further mitigated because in many cases participants can use their own company or government ID and existing legacy systems will remain intact. FiXs will also meet HSPD-12 requirements for secure smart cards when those standards are set in 2006.
For additional information on FiXs, please visit http://www.fixs.org .
Source: Federation for Identity and Cross-Credentialing Systems, Inc.