Slashdot Mirror

← Back to Stories (view on slashdot.org)

Single Government ID Moves Closer to Reality

Posted by samzenpus on from the papers-please dept.

NewbieV writes "The Washington Post is reporting that "federal officials are developing government-wide identification card standards for federal employees and contractors to prevent terrorists, criminals and other unauthorized people from getting into government buildings and computer systems." The project is known as the Personal Identity Verification Project, and is being managed by the National Institute of Standards and Technology (NIST)."

6 of 239 comments (clear)

  1. Not so bad by tirefire · · Score: 3, Informative

    Doesn't sound too bad - a single ID card for federal employees would be very handy - you just need one key to get into everything you have access to, instead of fumbling around with multiple keys and passcards.

    Until the gov't starts implanting RFID tags in our skulls to track our every move, I don't really see the danger.

  2. interesting by LBArrettAnderson · · Score: 3, Informative

    I'm assuming that with the incredibly intelligent slashdot editors we have here, that the part we should be paying attention to is "contractors." Well, no, i still don't see why this is important news, let alone have anything to do with my rights online.

    I'm not a government employee, and I don't plan on sneaking in to any government building that i'm not supposed to be in. Are you trying to say that we have a right to have illegal access to all government property?

  3. Re:I'm against this.. take three guesses why? by mcg1969 · · Score: 2, Informative

    This is a very thoughtful analysis, and yet I still think it's a bit flawed, for two reasons.

    First of all, 10 security systems are not necessarily more secure than a single system if a successful breach is defined as breaking into any one of them. That's because now there are 10 times as many possible methods for compromise. In other words, if there are 10 security systems, and a terrorist wishes to compromise just one of them, he is now free to analyze all ten and choose the weakest. Granted, with a single security system the terrorists have only one to focus on. So I can't say one system is certainly stronger than ten, but I don't think ten is a clear winner either.

    Secondly, I think it's important to differentiate between a unified identification system and a unified security system. It's not enough for someone to forge the badge if he wishes to enter a secure building. That's because the building's security system limits access to only those badges pre-cleared for access. So the forger must now duplicate the valid ID of one of that building's occupants.

    The point being that while the identification system is indeed centralized, the security for each building need not be.

  4. Re:Christians won't like it by gmhowell · · Score: 2, Informative

    Largely correct, except that you must replace "Christian" with "fundamentalist Christian" in every instance.

    The Rapture also has little to do with not dying. Christ's appearance on Earth ca. 2000 years ago meant that none of us will 'die', but will live forever through Christ.

    Not sure why the fundies can't grasp that.

    --
    Jesus was all right but his disciples were thick and ordinary. -John Lennon
  5. Re:I'm against this.. take three guesses why? by mcg1969 · · Score: 4, Informative
    The terrorist that defeats this, will be one with a valid ID as janitorial staff. Not someone trying to fake an ID as a junior senator. Duh.

    Umm, I never said someone needed to impersonate a senator. In fact, a janitor is exactly the kind of thing I'd imagine, too. And yet, even janitors don't have access to every building in the government. My comment still applies.

    Don't you wonder a little bit, that they're rushing to protect all the official buildings, when people like you and I will still be unsafe in public buildings?

    Umm, no, I don't think they believe this would have stopped 9/11. In fact I'm hoping they go on the assumption that the terrorists are exploring different ideas as well. Besides, you sure do have some interesting logic: don't bother to protect anything because you're not protecting everything.

  6. Re:I'm against this.. take three guesses why? by John+Harrison · · Score: 2, Informative
    I am not yet familiar with the PIV card standards. I am very familiar with the use of the TWIC card. The card is issued to those that work in the transportation sector after a more extensive background check than was previously done. It is not tied to their job. They use it to prove their identity when they go to a new job so that the effort of an extensive background check does not need to be repeated. They are then issued credentials for the facility that they work at, which may be electronic credentials on the TWIC card or might be a dumb card, depending on the facility. In other words, you can't just show up some place and use your card. You still have to go to security, they verify that you have a legitimate reason to be there (such as a new job) and issue the appropriate local credentials.

    And, again, what is a 1024-bit cryptographic signature going to give me at work that the security guard at the front desk wouldn't have caught to begin with in terms of identification?

    You answered your own question. If you don't want to go over your post again, I'll tell you. The system has no concept of "good enough for government work". So you don't have to worry about the guy at the front desk sleeping on the job. This way you get all the benefits of the guy at the desk (he'll still be there) and don't have the drawbacks that he brings with him.

    --
    Lasers Controlled Games!