Army Begins CAC Cryptographic Logon
January 24, 2006
The U.S. Army began implementing this month the Common Access Card Cryptographic Logon which requires a special identification card, known as a CAC, and a personal identification number to log on to the Army’s unclassified network. By March, approximately 10,000 Army headquarters users are expected to be CAC-cryptographic-logon compliant. By summer, implementation should be Army-wide.
“Protecting identity is critical as the Army moves forward to deliver a joint net-centric, information enterprise,” said Lt. Gen. Boutelle, Chief Information Officer/G-6 (CIO/G-6).
“One of the greatest vulnerabilities of our networks is posed by weak user names and passwords,” Boutelle said. “Spyware or keystroke tracking software can steal your username and password, and even your personal identification number or PIN. It cannot steal your CAC. The Army’s goal is to eliminate the use of username and password.”
CAC logon allows you to be authenticated with something you know—your PIN, and something you have—a CAC. CAC is a type of smart card with electronic information about an owner and digital public key infrastructure (PKI) certificates that insure identity.
Part of the CIO/G-6 mission is to protect and defend the Army systems, networks and information. Key to that mission is reducing vulnerability of the unclassified network through security measures such as card-cryptographic logon. Common Access Card Cryptographic Logon also meets the directives on identity protection published by the Army Vice Chief of Staff in 2005 and the President in 2004 (Homeland Security Presidential Directive 12).
Recently, DoD’s Joint Task Force Global Network Operations started accelerating PKI implementation throughout DoD.
In the near future, the Army’s intranet Army Knowledge Online will also require CAC logon. The Army is currently testing and vetting the capability to use CAC logon outside Army networks.
- 30 -
For more information, contact Ms. Margaret McBride, CIO/G-6, at (703) 693-3067 or Ms. Alisa Petitt, PKI Division, at (703) 769-4501
|Join the GlobalSecurity.org mailing list|