Broader tests involves new round of first responders and security technologies
By Marisa Torrieri, Contributing editor
The Office of the National Capital Region and the Department of Homeland Security will host at least three additional interoperability tests over the next five months, now that the first major test of smart-card interoperability for the nation’s first responder community panned out successfully.
In February, first responders from the National Capital Region, including the Pentagon, the Maryland and Virginia Departments of Transportation and the Port of Baltimore conducted the first of the first-responder tests, also known as the “Winter Fox” exercises. The tests simulated real-life national emergencies, with the purpose of ensuring interoperability of existing smart-card technology during a real-life incident.
“When 9/11 took place, one of the things [the government] found out was that there were people who wanted to respond, but couldn’t because the pentagon couldn’t figure out a way to make sure trusted people would come through,” says Tom Greco, VP of enabling technologies for Cybertrust, the contracted shared service provider for the Maryland DOT’s first responder smart cards. “Hence, the need for an interoperable identity card, so you can control access to the perimeter.”
As such, the forthcoming tests will focus on the lessons learned from the first exercises, and include a broader range of emergency personnel from the National Capital Region and other FEMA regions, says Anthony Cieri, senior advisor to Department of Homeland Security head Tom Lockwood.
“It’s for a whole group of people who have to respond to a crisis outside of government communities,” Mr. Cieri says. This includes “utility workers, medical workers, telecom workers … the idea was to show that credentialing, by those who owned the identities, can be trusted (by other organizations).” The tests are a testament to the government’s capability to set up a trust infrastructure across multiple jurisdictions, Mr. Cieri adds.
“We’ve set up a trust model, so (an authority) can make a much more informed decision,” Mr. Cieri continued. “An incident commander knows they have “x amount of law enforcement, x amount of telecom workers” so they can put them to work in a much better response and recovery mode.”
In addition to improving the response rate of federal and state-level emergency responders, the tests coincide with the larger federal government mandate – HSPD 12 – that calls for the use of high-level access control technology to improve the security of government workers (and access to government facilities). For the current exercises, DHS Is leveraging the technology aspects of FIPS 201 (the standard developed to meet HSPD-12) to improve the response rate of l emergency responders defined in HSPD 8 (a Presidential directive to increase national preparedness in the event of attack or disaster), Mr. Cieri adds. Such emergency personnel are essential during time-sensitive crises such as the Sept. 11, 2001, attacks, as well as the Hurricane Katrina relief efforts. Had such technology been used during these incidents, there would have been fewer holdups to first-responder personnel, including firefighters, physicians and nurses, getting access to emergency epicenters.
The ultimate goal of the continued real-life exercises is to ensure the first responder community has secure access to scenes of crisis – and a variety of methodologies to authenticate identity. As such, a wider audience will be invited to participate. The next tests will include broader range of participants and technologies that conform to the specification, such as biometrics fingerprint technology. Facial biometrics was tested in the first exercise because the latest standard of fingerprint biometrics was only recently approved for the new FIPS 201 PIV cards, Mr. Cieri says.
But the fact that the tests are underway is a huge sigh of relief, say authorities involved with the tests. “You’re going to have people who make up the first responder community who may be credentialed by a number of authorities. You have people with emergency medical skills who might be issued a card through one process, and utility workers who use another card,” notes Mr. Greco. “The real challenge is, making sure that when these credentials are issued, that they can interoperate in the same environment.”
Research and evaluate FIPS 201 Approved Products and get the latest info on compliant credentialing systems at FIPS201.com. Click to visit FIPS201.com.