Folks, while we argue fine points we drift towards irrelevance
[1] National ID in Development (USA Today) [2] Computer Security, Biometrics Dominate NIST Agenda (Washington Post) --dan [1] National ID in Development USA Today, 22 January 2002 Federal and state groups are moving to create a national ID card that contains fingerprints or magnetic strips, according to officials at the Justice Department and General Services Administration. According to a recent poll, 54 percent of adults support the creation of a national ID card. The figure is lower than those of polls from two month ago, in which two-thirds of adults supported such a move. A group of state officials, meanwhile, is seeking congressional approval to standardize documents for verifying identity when issuing driver's licenses. Sen. Dick Durbin (D-Ill.) has proposed federal funding for developing driver's license standards, including studies on fingerprints, palm prints, iris scans, face scans, or DNA. Durbin's proposals also allow motor vehicle authorities to access databases from the INS, the Social Security Administration, and unspecified law enforcement agencies. The bill would make the driver's license more reliable, he said. Similarly, the American Association of Motor Vehicle Administrators wants Congress to pass laws to fund a data-sharing network between the license agencies and federal agencies. Privacy advocates believe that the public will eventually come out in opposition of a national ID system. [2] ****Computer Security, Biometrics Dominate NIST Agenda By Brian Krebs, Newsbytes. WASHINGTON, D.C., U.S.A., 16 Jan 2002, 4:33 PM CST The events of Sept. 11 and the subsequent anthrax attacks have caused a major shift in priorities for the National Institute of Standard & Technology, prompting the agency to double its efforts to develop new standards for everything from security scanners to biometrics to computer security, the agency's new chief said today. NIST Director Arden Bement said while many of the projects were begun prior to Sept. 11, the non-regulatory agency's new role in the Bush administration's Homeland Security initiative has added a sense of urgency to the mix. "September 11 really focused our activities and gave them a sense of immediacy," Bement said in a meeting with reporters today. "Our primary goal now is to take whatever technologies are available for application and to develop standards and test methods (that will) make them available to the public as quickly as possible." Bement said NIST is just a few months away from announcing a new biometric standard that will be used to confirm the identity of people seeking U.S. visas or using a visa to enter the United States. NIST also is working with the Biometric Consortium, which represents hundreds of companies that are developing technologies to identify people by their individual physical characteristics, such as thumbprints, facial recognition technology, iris and retinal scans. The biometric standards chosen by NIST could allow one or two technologies to gain early adoption and a strong foothold in an increasingly crowded market. Bement said biometric identifiers are being considered as a prerequisite for entry into government buildings, and the states are pushing ahead on a plan to link an as yet undetermined biometric technology to identity cards and driver's licenses. NIST also is working to develop more effective security standards for wireless communication networks, and is prepared to assume an even greater role in developing computer security standards for the federal government. "I expect that role will expand significantly," Bement said. NIST recently released an updated standard for encryption technology that will soon be used to beef up security for a range of electronic transactions, from e-mail to e-commerce to ATM withdrawals. The agency also is bracing for more responsibility over the computer security standards adopted by the federal civilian agencies. Rep. Tom Davis, R-Va., chairman of the House Government Reform subcommittee on technology and procurement policy, is drafting legislation to reauthorize the Government Information Security Reform Act, a law passed in November 2000 that requires federal agencies to assess and test the security of their non-classified information systems. Davis plans to add a provision to the bill that would require NIST to establish minimum technology and security standards that all agencies must follow. NIST also is crafting new standards to protect the nation's most critical infrastructures, Bement said. The software that monitors and regulates the distribution of juice over the national power grid, for example, is not yet completely integrated. "Grid control is a major issue now ... because a lot of the monitoring of power flows on the grid is done with different types of software and standards," Bement said. "There's a fair amount of work necessary to raise the level of security so it can't be taken down by hackers or otherwise interrupted." In addition, NIST has helped to re-assess standards for machines that irradiated mail in the wake of last year's anthrax attacks, and is reviewing standards that will govern some 2,000 new metal detectors to be installed at the nation's airports. While NIST is eager to have many of its new security standards adopted by companies in the private sector, the future of the Advanced Technology Program - the Commerce Department arm that provides support for moving experimental technologies from the laboratory into the marketplace - remains in question. Many House lawmakers have for years advocated terminating the ATP, and Commerce Secretary Donald Evans has said he would like to see the ATP recoup more of its investment from private sector companies. Benjamin Wu, deputy undersecretary for technology at Commerce, said Evans has come to recognize that the program has its merits. "He feels strongly that - irrespective of the funding issues - the reforms he would like to propose will help bring stability to the program," Wu said. Bement said he was optimistic that NIST would get all the funding it needs to handle its expanded role. "There are a number of pending bills that not only better define this role with regards to homeland security but also provide additional funding," he said. "So far, we've got a pretty big plate of activities, and we're prepared to even do more." --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
