Smart cards advance in IT security, federated identity

The number of U.S. employees using smart card technology to access computers and networks at work continues to grow as enterprises look for better ways to protect information, according to presenters at the joint Smart Card Alliance annual meeting and CTST conference last week. Compounding this growth is the rise of federated identity networks in the pharmaceutical, aerospace and defense, and government sectors.

The pharmaceutical industry is moving rapidly to use digital identification and signatures, and the companies involved are mostly using smart cards or USB tokens. The organization’s membership is a who’s who of the industry, including Pfizer, Johnson & Johnson, Merck and Proctor & Gamble.

The most popular application is electronic lab notebooks. Researchers are required to have a witness sign and date records for every experiment they do, replacing these wet signatures is a big time saver.

The aerospace and defense industry, working with the UK Ministry of Defense and the U.S. Department of Defense, has a similar global initiative called the Transglobal Secure Collaboration Program (TSCP). It aims to provide a trust network for federated identities and secure information exchange between governments and defense contractors worldwide. This will ultimately impact some 300,000 companies in the global supply chain.

The Boeing Co. uses smart card credentials for medium or higher assurance identity authentication within the TSCP framework. Boeing was one of the first large corporations to issue smart cards to all of its employees, and has issued 160,600 “SecureBadges” for both proximity physical access control and strong authentication for desktop and network access. The company is starting to look at a next generation card that is FIPS 201 compliant.