Defense Transformation Banner
 
Computer Logon Changes to Improve Security

Smart cards will be mandatory for people gaining access to government computers.

By Dennis S. Hernit / Air Force Materiel Command

WRIGHT-PATTERSON AIR FORCE BASE, Ohio, April 4, 2006 – Logging onto a government computer will never be the same for most people starting in August thanks to tighter security measures taking place across the Defense Department. 

The changes are a response to ongoing attacks on government computer systems by organized groups, which are often outside the United States.

The Air Force Materiel Command will begin transitioning to the new logon procedure this month.

Once the new system is operable, people will have to use their Common Access Card and a personal identification number (PIN) to access a government computer.

"Information riding our networks is more valuable than ever, while the threats facing our networks grow in sophistication on a daily basis," said Lt. Gen. Michael Peterson, the Air Force Chief Information Officer, in an Air Force Times interview. "The simplest and most effective way to mitigate the risk is with smart card logon."

"Information riding our networks is more valuable than ever, while the threats facing our networks grow in sophistication on a daily basis. The simplest and most effective way to mitigate the risk is with smart card logon."

U.S. Air Force Lt. Gen. Michael Peterson

Requiring people to use their smart card to log on to their computers will add an extra layer of protection the Defense Department is looking for in a time when information security is so crucial.

"Air Force smart card logon (Common Access Card logon) is more secure than a traditional username and password logon because it requires two factors," said Daniel O'Neal, the director and program manager of the Air Force Public Key Infrastructure System Program Office, Lackland Air Force Base, Texas.

"The first factor is called 'something you have', the CAC.  The second factor is 'something you know,' your PIN,” noted O'Neal.

"The current way we access a government computer uses two things we know from memory, a username and password," he explained. "The username and password system can be easily compromised and easily stolen without a person even knowing it."

The focus on computer security is an extension of what Michael W. Wynne, Secretary of the Air Force, has been focusing on since he was appointed.

In a letter to airmen in November 2005 the secretary introduced the new Air Force mission that included delivering options for defense of the United States "in Air, Space, and Cyberspace."

The new emphasis on cyberspace is a result of continued threats and attacks on government computer systems.

In a February 2006 speech at an air warfare symposium at Lake Buena Vista, Fla., Wynne discussed the Air Force's various projects with cyberspace technology.

About using new technology and anticipating what an adversary may do, he said "Our enemies, unfettered by the traditional constraints of distance, space, time, and funding, could strike us anonymously and lethally."

"Cyberspace is an important component of our plan, " Wynne noted. "Its national boundaries and social/political divides are minimal barriers to operations, and anyone can become a peer competitor with the United States in this arena."

With an increased emphasis on protecting government information, the people responsible for operating and protecting the Defense Department's information grid, Joint Task Force - Global Network Operations, told them to push up its plan for desktop, laptop, server and Web site security.

One of the actions of this tasking was to implement the new logon procedures by the end of July 2006.

To satisfy the mandate, Air Force Materiel Command will implement SCL-only (smart card logon-only) base-by-base starting in April, and will continue through July, officials said.

Tinker Air Force Base, Okla., and Eglin Air Force Base, Fla. are set to implement the changes no later than April 30. 

"People should ensure their computers have a CAC reader installed, along with the ActivCard Gold software," O'Neal said.

ActivCard Gold allows computers to communicate with software programs that are coded into the CAC's computer chip.

People should contact their unit's client support administrator, formerly called the workgroup manager, if they need the reader or the software installed.

"People should also make sure their cards (CAC) are working properly," said Maj. Martin Solis, Chief of the Identity Management Branch at the Air Force Communications Agency.

The process for checking CAC cards varies by base, officials said. Some bases may create a Web site that people can access to check their cards. Other bases may use email for people to send a CAC-signed message to a specific mailbox.

Another added security feature to the process allows a user only three attempts total to gain access to a government computer.

When an incorrect personal identification number is entered three times, the CAC will have to be reset from a special workstation.

"CAC PIN reset workstations are already available on all Air Force Materiel Command bases," said O'Neal. "This will help people who have forgotten their PIN or put in the wrong PIN three times."

A list of reset workstations is available from a link on the Air Force Materiel Command Web site. Unit client support administrators can assist those who need to find the nearest PIN reset workstation.

Air Force Materiel Command bases are preparing for the changes and getting people ready by individual and large briefings.

More information about the new logon procedures can be accessed through a briefing on the Air Force Materiel Command and Air Force Public Key Infrastructure Web sites. 

(Capt. Paul Baldwin, Air Force Materiel Command Public Affairs, contributed to this article)

DoD Homepage War on Terror News Products Press Resources Images Contact Us
Oct. 22, 2014
Search
  SPECIAL REPORTS
  Defense Transformation Banner
-