Single Government ID Moves Closer to Reality

NewbieV writes "The Washington Post is reporting that "federal officials are developing government-wide identification card standards for federal employees and contractors to prevent terrorists, criminals and other unauthorized people from getting into government buildings and computer systems." The project is known as the Personal Identity Verification Project, and is being managed by the National Institute of Standards and Technology (NIST)."

Oh?

[mythosaz]

Wow, similar IDs for government employees? This might prove as dangerous to our freedom as, say, Military IDs.

Re:Oh?

[Alabama_Man]

Dangerous to our freedom? Our freedom is already in the toilet. Hell, even the future isn't safe anymore,it's being sold! So much for all your plans of a "unified id card".

Re:Oh?

[Staplerh]

Wow, similar IDs for government employees? This might prove as dangerous to our freedom as, say, Military IDs.

Oh, give me a break, who modded this 'Flamebait'. Give me a break, he had a valid point.

If you don't want a Federal ID card for employees/contractors, don't join the Federal government? This is more akin to a Military ID card than a 'national ID card'. I think this is a great analogy, and if I had meta-mod points I'd mod that unfair.

Re:Oh?

[The+Snowman]

Wow, similar IDs for government employees? This might prove as dangerous to our freedom as, say, Military IDs.

Exactly. This is not a federal ID for the masses, it is a combination ID card and access badge for secure facilities. It provides a single ID so checking IDs is easier.

Checking IDs at public places is retarded. Checking IDs at restricted access places like military bases, NASA, NSA, etc. makes a hell of a lot of sense. Joe Blow should not be allowed in the CIA headquarters. As it stands right now, each agency has its own ID card. Let's say the FBI is investigating a military member. The gate guard has to know what an FBI ID looks like if he is to provide effective entry control. By creating a common ID across the government, the gate guard knows where to look on the ID for the relevant information and what should be there.

I have one of the new military IDs. Military, civil service civilians, contractors, everyone uses the same damn ID but certain words are different, color coding is different (e.g. civil servants have a green stripe), etc. It has a microchip built in with RSA keys unlocked by a PIN. I can use it to log in to Windows NT and Solaris boxes with card readers. If this is the future of IDs for government workers, the government finally did something right for once.

Re:Oh?

[Xoro]

Oh goody, in your world the government is controlled by market forces and voluntary participation. That means I can choose not to pay taxes or follow the laws if I don't like them.

You pinhead.

The system is for government employees. Surely you can decide if you want to become a government employee or not?

I'm against this.. take three guesses why?

[Ckwop]

Oh dear jesus god no. If you're going to put all your eggs in one basket at least guard the basket well! The problem is that by unifying all the ID card systems they don't defend the basket as much as they should.

This point can be illustrated well with Safes. If it costs fifty pounds to break into a safe and only put forty pounds worth of valuables in the safe my safe is secure. If I get ten of these safes, each with forty pounds in them then the total of four hundred pounds worth of valuables is secure. Now let's say I decide to replace my ten safes with a single safe! A safe that only takes three hundred and fifty pounds to break in to is no good; I need a safe that is secure in the face of a four hundred pound attack or more.

The problem with centralising identifications systems is that the new scheme is rarely more secure than numerous schemes it replaces. Except, Except, this time this one ID acts as identification for many types of service and this makes everything less secure. Just for the sake of argument. Let's suppose I choose to attack the system in a certain way. Let say I want to obtain a real "fake"; that is, a card that is authentic but I've paid an employee that produces the cards to put bogus information on to the card. Rather than finding two friends in two different branches of government to supply me with a real card in a fake name I only have to find a single person. This type of weaking isn't just true for this limited type of attack - this weaking is there across the board.

Having different IDs is a simple security mechanism. It's the same reason that Microsoft's Passport technology is dying. Yes it might be more convient to have a single "sign in" but it means that you've produced a single global failure point for the entire system. Such systems are brital so please, I ask these people: hire some security professionals to make these decisions. Silly politicians making "security" decisions is about as helpful as putting a football coach in control of skyscrapper construction.

Simon.

Re:I'm against this.. take three guesses why?

[floodo1]

single system = single point of failure
which means when a single point fails, it ALL fails.

Re:I'm against this.. take three guesses why?

[kun]

I agree, a single point of failure is just asking to be taken advantage of. However, a single well-secured standard is much better than several well-secured standards, since the latter gives more points of possible attack. I.e a well defended main gate or several gates with the security spread amongst them... Sadly, it looks like those who designed the system are going for the single point of entry which is secured in a "let's get this done as soon as we can" fashion... Just take a look at this maze of a flow diagram! http://csrc.nist.gov/piv-project/PIV_model.pdf If their plan is to confuse people with respect to the actual usage of the card... thus foiling false identification attempts with a spaghetti bolognese of verification methods then I think they're succeeding!

Re:I'm against this.. take three guesses why?

[Talrias]

A safe's security does not depend on its contents if the contents are hidden (which most safes are, and so will ID cards). A locked box containing the Crown Jewels is no less safe than a box locked with the same type of device, containing 10 euros.

I think you are confusing the consequences of having the safe broken into with the ability to break into the box.

Chris

Re:I'm against this.. take three guesses why?

[mcg1969]

This is a very thoughtful analysis, and yet I still think it's a bit flawed, for two reasons.

First of all, 10 security systems are not necessarily more secure than a single system if a successful breach is defined as breaking into any one of them. That's because now there are 10 times as many possible methods for compromise. In other words, if there are 10 security systems, and a terrorist wishes to compromise just one of them, he is now free to analyze all ten and choose the weakest. Granted, with a single security system the terrorists have only one to focus on. So I can't say one system is certainly stronger than ten, but I don't think ten is a clear winner either.

Secondly, I think it's important to differentiate between a unified identification system and a unified security system. It's not enough for someone to forge the badge if he wishes to enter a secure building. That's because the building's security system limits access to only those badges pre-cleared for access. So the forger must now duplicate the valid ID of one of that building's occupants.

The point being that while the identification system is indeed centralized, the security for each building need not be.

Re:I'm against this.. take three guesses why?

[complete+loony]

But, a manager in building A should only be able to grant access to builing A, and query if you have permission to access building A, not the entire government. And anyone should be able to query the system to confirm your identity. Of course the system might be vulnerable to attacks that elevate privliges.

Re:I'm against this.. take three guesses why?

[John+Harrison]

hire some security professionals to make these decisions

Having been involved in the process for the TWIC card, I can tell you that security experts are involved. I can also tell you that a well-designed smart card based ID system is much harder to crack than the exisiting government ID badges, since the smart card can have all the same security features that dumb plastic card has plus the cryptographic protections of a smart card. Also it will be much easier to train people to verify the cards since there will only be one type of card to verify and it can be done electronically in addition to visually.

Of course as you point out, it might become more worthwhile to find a way to obtain a legitimate through fake breeder docs or simply bribery. However in a well designed system the smart card will only have permissions for accessing the agency that issued it, so a card from one agency will verify your id at another, but won't let you do anything that you couldn't do with a fake dumb card currently.

In short, I fail to see the downside if the system is implemented by someone with the slightest of clues.

Re:I'm against this.. take three guesses why?

[NoMoreNicksLeft]

Except that this isn't about protection from terrorists at all, its about control-freakism on a rampage.

The terrorist that defeats this, will be one with a valid ID as janitorial staff. Not someone trying to fake an ID as a junior senator. Duh.

Don't you wonder a little bit, that they're rushing to protect all the official buildings, when people like you and I will still be unsafe in public buildings? Do they think this will have protected us at the airport prior to 9/11, or in the towers? Even the pentagon, that was attacked, wasn't infiltrated with a fake ID, but with a 757 hellbent for the ground. Duh.

Centralization is a fetish for the elected nazi wannabees. It won't do a damn bit of good for you and me, and only a fool can't dream up at least one way for it to be abused...

Re:I'm against this.. take three guesses why?

[SilverspurG]

In short, I fail to see the downside if the system is implemented by someone with the slightest of clues.

Oh Lord. MOD THIS FUNNY.

You have seen the people who've been hired as security screeners at airports, haven't you? You are familiar with the perfection of implementation that DC is famous world-wide for, aren't you? You are familiar with the first rule of thumb which every 18-year old learns if they have to do any sort of real labor,"Good enough for government work."

And, again, what is a 1024-bit cryptographic signature going to give me at work that the security guard at the front desk wouldn't have caught to begin with in terms of identification? In the hiring process new employees are paraded around for everyone to see. Some unknown can't just walk in with an ID card and pretend he's worked there for years. Even visitors from off-site, who legitimately work for our company, are introduced to the front desk and escorted around.

Re:I'm against this.. take three guesses why?

[mcg1969]

The terrorist that defeats this, will be one with a valid ID as janitorial staff. Not someone trying to fake an ID as a junior senator. Duh.

Umm, I never said someone needed to impersonate a senator. In fact, a janitor is exactly the kind of thing I'd imagine, too. And yet, even janitors don't have access to every building in the government. My comment still applies.

Don't you wonder a little bit, that they're rushing to protect all the official buildings, when people like you and I will still be unsafe in public buildings?

Umm, no, I don't think they believe this would have stopped 9/11. In fact I'm hoping they go on the assumption that the terrorists are exploring different ideas as well. Besides, you sure do have some interesting logic: don't bother to protect anything because you're not protecting everything.

Re:I'm against this.. take three guesses why?

[John+Harrison]

I am not yet familiar with the PIV card standards. I am very familiar with the use of the TWIC card. The card is issued to those that work in the transportation sector after a more extensive background check than was previously done. It is not tied to their job. They use it to prove their identity when they go to a new job so that the effort of an extensive background check does not need to be repeated. They are then issued credentials for the facility that they work at, which may be electronic credentials on the TWIC card or might be a dumb card, depending on the facility. In other words, you can't just show up some place and use your card. You still have to go to security, they verify that you have a legitimate reason to be there (such as a new job) and issue the appropriate local credentials.

And, again, what is a 1024-bit cryptographic signature going to give me at work that the security guard at the front desk wouldn't have caught to begin with in terms of identification?

You answered your own question. If you don't want to go over your post again, I'll tell you. The system has no concept of "good enough for government work". So you don't have to worry about the guy at the front desk sleeping on the job. This way you get all the benefits of the guy at the desk (he'll still be there) and don't have the drawbacks that he brings with him.

Re:I'm against this.. take three guesses why?

[trimbach]

An identity card system is not the same as a security system; in fact, the governmental standards for single ID specifically preclude its use as a privilege system. The proposed ID's have the capability of identifying the individual as a government employee/contractor, and, combined with some other security systems, will grant or deny access to different assets (buildings, computer systems, etc.) But the card is not a magic golden ticket to let you do whatever you want. Just because I'm a fed and can walk into a Federal courthouse in Dallas doesn't mean I can walk into the Federal Reserve Building in New York.

That said, though, most government employees can enter most non-sensitive federal buildings with the ID's they already have. Federal employees from lots of different agencies need to do business with other agencies, and there's so much crossover that it's not practical for building access to be defined on an employee-by-employee basis. It's easier to say "no" to those few high-security buildings and areas than it is to say "yes" to the umpteen zillion buildings with minimal security concerns.

This is really a non-issue... for physical access this system is just a consolidated, unified approach to a system already in place. For electronic access (i.e., computers) this is just a varient of the secure smart card system already used by numerous private industries. The only real "universality" is that the ID's will look the same and the tech will come from a few contractors, instead of many. It will certainly save money as it replaces smaller, localized contracts that do the same thing. But it will not open the government to a single point of attack as many posters are implying. We will not be worse off than before, and will probably be better off.

Paranoia is fun, but this is not a big deal.

Not so bad

[tirefire]

Doesn't sound too bad - a single ID card for federal employees would be very handy - you just need one key to get into everything you have access to, instead of fumbling around with multiple keys and passcards.

Until the gov't starts implanting RFID tags in our skulls to track our every move, I don't really see the danger.

Or...

A single ID can be forged and used by terrorists for access to any government building! Brilliant!

Re:Or...

[mcg1969]

Let's forget terrorists for a moment, do you really believe these badges would be designed so that an employee of the Department of Agriculture can gain access to an NSA building?

Re:Or...

[Zocalo]

Exactly. These things will almost certainly be like swipe cards on steroids with multiple levels of validation as to what and what isn't permitted. In a typical swipe card system you divide your secured areas into zones, then assign each swipe card access on a zone by zone basis. That covers the "something you have" aspect of security, and you can still add in the "something you know" (keypad or other password system) and "something you are" (biometic) if you wish. Hell, you can even keep the people standing around with guns too if the situation merits it.

I've been at large multi-building, multi-location sites that have implemented this kind of thing using smartcards. The obvious gains of increased convenience, cost savings through having a common system and ease of management are all there, but a loss in operational security isn't. It's not that such systems are invulnerable (they're not by a long shot), but they are no more vulnerable than individual systems and it's *much* easier to be sure ex-employees are completely locked out.

Re:Or...

[chill]

No, I believe one of those badges given to a sub-contracted janitor would get them into an NSA building. Or do you believe the super agents scrub their own toilets at work?

It also depends on how they are implemented. I believe a stolen smart chip from card A, implanted into easier-to-get card B would be a major threat.

The devil is in the details.

Re:Or...

[chill]

If an agency like the NSA or CIA requires security clearance for their cleaning staff, and some do, then it is very likely that the same staff will be used for multiple locations and rotated around.

Getting clearance is expensive and it isn't just done on a whim. Once they have someone with clearance, that person is going to be used as often as possible.

If a person temporarily loses clearance, they will be rotated to a non-clearance required position until their clearance is reinstated. It happens all the time with military contractors.

reaching?

[sailforsingapore]

This is a ways away from a "single government ID". That makes it sound like we are all going to get barcodes on our necks, this is simply a way to streamline the process of verifying federal employees, just as corporations have for years...this is not a problem. It becomes an issue when the ID starts to become mandatory for the non-governmental public, where the potential for abuse is.

Online single sign on

[SilverspurG]

Does anyone really think that you should have a single sign on name and password for every online service, site, e-mail account? Would you want that single sign on to be linked with all of your bank accounts? Why is it bad to have everything linked together? What makes identity theft easier?

Forget trolling about tin-foil hats or paranoid people who have nothing to hide. Let's get back to the nuts and bolts of why, from the very beginnings of nature, squirrels put nuts in many different places.

interesting

[LBArrettAnderson]

I'm assuming that with the incredibly intelligent slashdot editors we have here, that the part we should be paying attention to is "contractors." Well, no, i still don't see why this is important news, let alone have anything to do with my rights online.

I'm not a government employee, and I don't plan on sneaking in to any government building that i'm not supposed to be in. Are you trying to say that we have a right to have illegal access to all government property?

Mixed bag

[wapanesechick]

It seems innocent the way it's being presented now. Yeah, this does run the risk of making it easier for terrorists to forge the ID because there's only one kind instead fo many, but I could see how it can be convienent. The only problem is that if this is suscessful, who's to say they aren't beyond a National ID for everyone, like some people were reading into it?

Re:Hey Slashdot,

[Gentlewhisper]

Given the recent articles today, do they put in a GPS transponder and a personal laser defense system on each of these?

Government-issued IDs are already here.

[Pendersempai]

Drivers' licenses are ubiquitous and necessary. They are marked with identifying data and a unique number. They have your picture. Authorities are allowed to ask for it, and in general citizens are expected to cough it up. They must be checked by private parties in certain circumstances (to prove your age, for example), and in other circumstance private parties insist on checking your drivers' license as a prerequisite to doing business with you (Blockbuster, e.g.)

Granted, each state keeps track of its own citizens' licenses, so I suppose that's one difference between the status quo and the ballyhooed National ID Card. But really, what else are we afraid of? Why don't we just bite the bullet and make citizens' identification cards necessary? The states can take care of issuing them and tracking the relevant data, and we can have laws about when authorities are not allowed to ask for identification, or when a citizen is not obligated to identify himself, just like we do with licenses. But not arbitrarily tying our ID cards to driving would be much more efficient. Why should it be harder for a blind man to identify himself at will simply because he cannot drive?

So to everyone terrified of national ID cards, wake up: that reality arrived long ago.

Security is related to competence, not plastic

[t_allardyce]

Im pretty sure most break-ins come from things like "can you swipe me in? i left my card in the car" or "i work for bob but they havnt put me on the system yet" and "hey can i just use your computer for a minute to print this?"

Yeah, right.

[audacity242]

I work for the VA, and one of my duties is to make ID cards...Somehow I doubt this is gonna happen anytime soon. I mean, heck, IDs aren't even standardized throughout the VA, each medical center has its own format. About a year ago they told us we'd have a new system in place "soon." Still don't have it.

Threat analysis

[TrumpetPower!]

Let's say you're a terrorist. And, further, let's say you want to hurt Americans. What will you do?

1) try to get into a government facility with a faked ID to do your terrorizing;

b) get a job at said government facility and then do your terrorizing with legitimate access;

or III) strap a bunch of explosives to your body, go to a movie theatre, buy a ticket, sit down, and blow yourself up halfway through the opening credits?

Cheers,

b&

They can't even do fingerprints!

[IO+ERROR]

Considering all the trouble the U.S. has putting together even a simple fingerprint database, I think this project is going to go nowhere fast.

Oh, and this story is a duplicate.

Re:Christians won't like it

[gmhowell]

Largely correct, except that you must replace "Christian" with "fundamentalist Christian" in every instance.

The Rapture also has little to do with not dying. Christ's appearance on Earth ca. 2000 years ago meant that none of us will 'die', but will live forever through Christ.

Not sure why the fundies can't grasp that.

Mexican Bandit says

[cpt_rhetoric]

Badges...We don't need no stinkin badges!

Sure.

[Dirtside]

federal officials are developing government-wide identification card standards for federal employees and contractors to prevent terrorists, criminals and other unauthorized people from getting into government buildings and computer systems.

Yeah. I'm sure that this new ID card will "prevent terrorists, criminals and other unauthorized people from getting into government buildings and computer systems."

I smell someone trying to convince people that security can be had in a product, rather than requiring constant vigilance, like it really does.

Suprise! Already here

[TheCabal]

OK, apart from the fact that all of you who drive are already carrying a form of government-issued ID, the Department of Defense is already using something like this. It's called a CAC card. It's a combination identification and smartcard. It gets me onto the base, into the PX and helps decrypt my email. It's a straw-man argument to say that "the terrorists" are going to mass producing these and getting in and out of Ft. Meade at will. Just as it is not with my CAC card, I get get to every place on post. The level of effort is going to be far too difficult when there's so many other software targets to hit.

Spain had ID cards

[permaculture]

UK Parliamentary Committee Releases Report Damning ID System http://www.privacyinternational.org/article.shtml? cmd%5B347%5D=x-347-63601

Spain has ID cards, but that didn't prevent the Madrid train bomb: http://news.bbc.co.uk/2/hi/europe/3500452.stm

The British Parliament has abandoned their new ID cards for the Houses of Parliament despite the recent security breaches, as some hundreds have 'gone missing'.

Reasons against ID cards: http://www.bbc.co.uk/dna/ican/A2319176

------------

ID cards might well:

* Worsen harassment of ethnic minorities: They'll provide another pretext for stop-and-search, often directed at ethnic minorities

* Have little impact on counter-terrorism: Sophisticated terror networks would soon be able to produce counterfeit cards or papers enabling people to get legitimate cards

* Have little effect on illegal working: Employers who are already willing to break the law won't be put off by identity cards

* Lead to 'function creep': The functions of the card will grow over time as it stores more personal information. More people could demand to see it, effectively making it compulsory to carry one

* Lead to loss of privacy: There will be a massive database containing an unprecedented amount of personal information on people

* Be costly and impractical: There is scepticism about the cost and operability of the scheme, as well as the government's ability to manage the technology

----------------

Doubts over ID card scheme http://news.bbc.co.uk/1/hi/technology/2688697.stm

The human factor

[parvati]

What proponents of high-tech IDs tend to overlook is the importance of having people involved. A few years ago, I worked in a hospital/research center in NYC that had very tight security (for example, everyone was finger-printed before being issued an ID). The ID itself would presumably not be impossible for someone--especially someone motivated--to fake, but the security guards were another matter. They lived at the entrance to the building, and they pretty much recognized everyone who worked there. If they didn't recognize you, they stopped you, checked your ID, and called up to wherever you said you were going. This isn't a system that would work for a bulding accessible to the general public, but the majority of government buildings are only frequented by the people who work there ... for these buildings, attentive security guards are at least as important as fancy IDs.

Re:Not really

[crawling_chaos]

Passwords can be cracked. Should we stop using them? Locks can be picked. Do you leave your house door open?

Properly handled IDs do contribute to security, but they are not a panacea. Nor is anything else for that matter. Security is a process, not a technology, but dismissing a unified government employee ID as "totally useless" is just disengenous. At a minimum, it increases security by lowering the training burden on the officers responsible for checking on access rights. Can it be defeated? Sure. Is it harder to defeat than the hodgepodge of identification systems currently in use by federal agencies? Yes, it is. The current FDA IDs are a joke, for example. I would bet any talented forger would have no trouble producing a reasonable copy of one with today's technology.

How, exactly?

[jazman]

When will govts stop just saying that it will prevent terrorism and start saying how exactly?

Recently the UK government discussed returning motorbikes to having front number plates, which were removed because they were mounted on the front wheel sideways and in collisions with pedestrians the latter ended up with bits sliced off. The basis for the discussion was that it would stop terrorists and drug barons (and of course had nothing to do with the fact that front facing cash, er, safety cameras cannot identify motorbikes).

Now I don't know about anyone else but I really can't see how returning front number plates to motorbikes will do anything about drugs and terrorism. Perhaps they're hoping that drug barons and terrorists won't think to put front number plates on their motorbikes, and that therefore anyone without one must be one of these people?

It will of course make the whole policy completely ineffective when terrorists and drug barons start putting front plates back on their bikes. After all, it was a real bummer when they stopped going around in sandwich boards that had printed front and back I AM A DRUG DEALER, GET YOUR DRUGS HERE, and I HAVE A BOMB, PLEASE DON'T RUN AWAY.