The neutrality of this article is disputed. Please see the discussion on the talk page.

Common Access Card issued to Contractor personnel

The Common Access Card (CAC) is a United States Department of Defense (DoD) smartcard issued as standard identification for active duty military personnel, reserve personnel, civilian employees, and eligible contractor personnel. Image File history File links Unbalanced_scales. ... Image File history File links RedactedCAC.jpg Summary A Common Access Card, with personal data redacted. ... Image File history File links RedactedCAC.jpg Summary A Common Access Card, with personal data redacted. ... The United States Department of Defense (DOD or DoD) is the federal department charged with coordinating and supervising all agencies and functions of the government relating directly to national security and the military. ... A smart card, or integrated circuit(s) card (ICC), is defined as any integrated circuitry embedded into a flat, plastic body. ...

The CAC is used as a general identification card as well as for authentication to enable access to DoD computers, networks, and certain DoD facilities. It also serves as an identification card under the Geneva Conventions.^[1] The CAC enables encrypting and crytographically signing email, facilitating the use of PKI authentication tools, and establishes an authoritative process for the use of identity credentials. Development of the Geneva Conventions from 1864 to 1949. ... In cryptography, a public key infrastructure (PKI) is an arrangement that provides for trusted third party vetting of, and vouching for, user identities. ...

Objectives

The CAC has many objectives, including controlling access to computer networks, enabling users to sign documents electronically, encrypt email messages, and enter controlled facilities. This new DoD identification (ID) card, or CAC, is being issued to all active duty military, Reserves, National Guard, DoD civilians and eligible DoD contractors who need access to DoD facilities or DoD computer network systems:

• Active Duty Armed Forces
• Reservists
• National Guard members
• National Oceanic and Atmospheric Administration
• Public Health Service
• Emergency-Essential Employees
• Contingency Contractor Employees
• Deployed Overseas Civilian
• Non-Combatant Personnel
• DoD/Uniformed Service Civilians residing on military installation in CONUS, HI, AK, Puerto Rico, or Guam
• DoD/Uniformed Service Civilians or Contracted Civilian residing in a foreign country for at least 365 days
• Presidential Appointees approved by the Senate
• DoD Civilian Employees
• Eligible Contractor Employees

Future plans include the ability to store additional information the incorporation of RFID chips or other contactless technology to allow seamless access to DoD facilities. An EPC RFID tag used for Wal-Mart Radio Frequency Identification (RFID) is an automatic identification method, relying on storing and remotely retrieving data using devices called RFID tags or transponders. ...

Implementation

As of July 2004, DoD has issued over 5.4 million smart cards. (This number includes reissues to accommodate changes in name, rank, or status and to replace lost or stolen cards.) As of the same date, approximately 3 million unterminated or active CACs are in circulation. DoD has deployed an issuance infrastructure at over 930 sites in more than 25 countries around the world and is rolling out more than 1 million card readers and associated middleware. July is the seventh month of the year in the Gregorian Calendar and one of seven Gregorian months with the length of 31 days. ... 2004 (MMIV) was a leap year starting on Thursday of the Gregorian calendar. ...

Currently, it can be used for access into DoD computers and networks. It can be used in conjunction with a smartcard reader to gain access to a computer. Also, certain US military web sites, such as Army Knowledge Online (AKO), require a user to log-in using a CAC to perform certain functions that require stronger credential authentication than a traditional HTTP basic authentication. A smart card, or integrated circuit(s) card (ICC), is defined as any integrated circuitry embedded into a flat, plastic body. ... Army Knowledge Online (AKO) is the worlds largest corporate intranet, and the US Armys single approved enterprise-class web portal. ... In the context of a HTTP transaction, the basic authentication scheme is a method designed to allow a web browser, or other client program, to provide credentials – in the form of a user name and password – when making a request. ...

The program that is currently used to issue CAC IDs is called RAPIDS. The system is secure and monitored by the DOD at all times. Users have to go through a special course and be certified to issue CAC Cards. Different RAPIDS sites have been setup throughout military installations in and out of combat theater to issue new ids.

Objections

There are several objections to the use of this card, including mission capability, and scalability.

Mission capability

While most CAC users remain at the same workstation, an ever-increasing number of government websites are requiring the use of the CAC for authentication. The problem with this approach is that many people who have a legitimate requirement to access these websites, are, by the very nature of their duties, required to access those sites from non-CAC enabled workstations, often while TDY or deployed, and at workstations over which they have no administrative control, and on which they may be prohibited from installing a CAC reader. Thus, the username/password approach must be kept as a backup to CAC employment for these personnel.

Scalability

The US Army has enjoyed password scalability, or single point access to many SSL-secured websites through its Army Knowledge Online program for several years. However, some authorities believe that password-based logins are obsolete: “Passwords are a flawed technology,” according to Tom Gilbert, CTO of Blue Ridge Networks, "They aggravate the users who have to remember them and the administrators who rely on them to secure their systems." Similarly, “Passwords don’t scale,” said Mary Dixon, director of the Common Access Card Office in the Defense Manpower Data Center ^[2]. Army Knowledge Online (AKO) is the worlds largest corporate intranet, and the US Armys single approved enterprise-class web portal. ...

Non-Windows Support

The Common Access Card, historically, has only been supported by Windows machines, however an increasing number of Department of Defense workstations are using operating systems such as Linux or Mac OS X. Fortunately, Apple has done work for adding support for Common Access Cards to their operating system right out of the box using the MUSCLE (Movement for the Use of Smartcards in a Linux Environment) project. The procedure for this has been well documented by the Naval Postgraduate School in the publication "CAC on a Mac" at http://cisr.nps.edu/pub_techrep.html . Some work has also been done in the Linux realm. Some users are using the MUSCLE project combined with Apple's Apple Public Source Licensed Common Access Card software. Another approach to solve this problem, which is now well documented, involves the use of a new project, CoolKey, to gain Common Access Card functionality. This document is available publically from the Naval Research Laboratory's Ocean Dynamics and Prediction's publications page by the author, Kenneth Van Alstyne, http://www7320.nrlssc.navy.mil/pubs.php . Linux (IPA pronunciation: ) is a Unix-like computer operating system family that uses the Linux kernel. ... Mac OS X (official IPA pronunciation: ) is a line of proprietary, graphical operating systems developed, marketed, and sold by Apple Inc. ... The Naval Postgraduate School in Monterey, California, United States is a graduate school operated by the United States Navy. ... The Apple Public Source License is the open source license under which Apple Computers Darwin Project was released. ... -1...

Common Problems

The CAC card is far from perfect due to design flaws. The microchip can be damaged easily from foriegn objects scratches such as sand. Looking at the card at a more technical level, the cards have certificate issues where users can't log on even through their computers are setup correctly. Also different brands of cards have posed an issue with different systems.

References

The English language is a West Germanic language that originates in England. ... 1991 (MCMXCI) was a common year starting on Tuesday of the Gregorian calendar. ... June 5 is the 156th day of the year in the Gregorian calendar (157th in leap years), with 209 days remaining. ... For the Manfred Mann album, see 2006 (album). ... December 1 is the 335th (in leap years the 336th) day of the year in the Gregorian calendar. ...

External links

• CAC: Common Access Card
• Defense Manpower Data Center
• Smart Card Alliance: Department of Defense Common Access Card Profile
• ActivIdentity Common Access Card middleware