Executive Director's Letter
Dear members and friends of the Alliance,
You must excuse me if it sounds like I am rambling on this month, but the adrenalin rush from the just-concluded 4th Annual Smart Cards in eGovernment Conference has not subsided yet. The months of preparation leading up to event paid off royally for the Smart Card Alliance organization, the smart card industry, and our government audience. The conference attendance surpassed 500 people, up 40% from last year's event. More importantly, extending the conference an extra day to 3 days did not dilute the program agenda, as each panel and session was well-attended up until the afternoon of the final day, when Friday afternoon fever finally set in. Having the FIPS 201 signed and released, the accompanying SP 800-73 technical document out for comment, the Federal Identity Management Handbook published for review, and the ePassport interoperability testing in Japan happening all at the same time as the conference was being held made this conference particularly momentous - and it delivered!
To all of the speakers from government and industry, I offer my sincere thanks for preparing informative and valuable presentations on government identity credentials, including ePassports. I especially want to thank Judith Spencer (FICC chair) and John Moore (Federal Smart Card Project Managers Group chair) for their contributions to the conference program. Additional credit goes to the government smart card standards team from NIST, led by Ed Roback, Division Chief of NIST, along with Tim Grance, Jim Dray and Terry Schwarzhoff, for their dedicated work leading the standards committee on the FIPS 201 Personal Identity Verification (PIV) specification. Also, my thanks go out to the many contributors from the Interagency Advisory Board, chaired by Bob Donelson, who shared the knowledge and advice that only comes from first-hand experience within their own organizations and gave encouragement and hope to the eager Federal agency representatives who must now follow their lead. With so many government spokespeople to hear from, it was a challenge to find enough time for our smart card industry experts to give their reaction to the new standards and applications for smart cards in government. Those industry experts who we were able to make room for gave straightforward, non-commercial, informative talks that added to the upbeat atmosphere surrounding the conference. Finally, my sincere appreciation goes out to the many exhibitors and sponsors who contributed their personnel and resources to allow us to put on such a great event.
This month Smart Card Talk spoke with Robert Wilberger, Sr. Executive, Identity Management Solutions, Northrop Grumman Corporation, and member of the Smart Card Alliance Executive Board.
1. What are Northrop Grumman's main business profile and offerings?
Northrop Grumman Corporation is a global defense company headquartered in Los Angeles, California. Northrop Grumman provides technologically advanced, innovative products, services and solutions in systems integration, defense electronics, information technology, advanced aircraft, shipbuilding and space technology. With more than 125,000 employees, and operations in all 50 states and 25 countries, Northrop Grumman serves U.S. and international military, government and commercial customers.
Northrop Grumman Information Technology, headquartered in McLean, Va., is a trusted IT leader and premier provider of advanced IT solutions, engineering and business services for government and commercial clients. The company's technological leadership spans such areas as homeland security solutions, health IT solutions, secure wireless, cyber and physical assurance, IT and network infrastructure, managed services, knowledge management, modeling and simulation, and geospatial intelligence solutions.
Feature of the Month
Identity Management Systems, Smart Cards and Privacy
No matter where you go today, it is likely that at some point someone will ask to see your ID. Today identity verification is routinely requested in a variety of familiar situations--when someone wants to obtain health care, enter a public building or corporate office, or get on an airplane.
Organizations that need to verify identities find that concerns about privacy and the protection of personal information quickly emerge as key issues when they consider new identity management systems. An organization's specific requirements for safety and security must be balanced against the genuine desire to protect the privacy of the individuals whose identities need to be verified. This requirement--how to identify people unequivocally while also protecting their privacy--shapes every discussion of how to design, build, or implement a new, secure, identity management system.
Designing a new identity management system is complex, and the requirement to balance security and privacy affects everything about a system design, from the policies and processes formulated to support and maintain the system to the system's architecture and the particular technology chosen to authenticate individuals.