Boeing is implementing a smartcard-based employee identification card, called SecureBadge.
More than 200 000 Boeing employees, contractors and partners are scheduled to receive the multifunction smartcard over the next five years. The new SecureBadge supports Boeing's goal: to increase access security for both information systems and buildings.
A number of business issues drove Boeing to implement a smartcard-based employee ID card. Mergers and acquisitions had resulted in multiple identity management processes. After a new standard identity management process was defined, the Boeing employee badge needed to be updated to support the process. Boeing also wanted to deploy stronger authentication methods and replace the inherently weak password approach. While using extremely long passwords mitigates the risk of weak passwords, Boeing needed a way to store these keys that was controlled by the user.
The result was the definition of the Boeing SmartBadge programme, which uses a standardised badge with a smart chip. The smart ID card integrates the current Boeing physical access control system, directory infrastructure, and Web-based single sign-on portal. The smartcard contains PIN, PKI and biometrics applications that support Windows 2000 logon, Web single sign-on, password wallet and VPN authentication applications. Boeing plans to implement new applications in the future to support data and e-mail encryption, electronic signatures, cafeteria payments, personal data storage and role-based access.
Boeing has found that the SmartBadge delivers multiple benefits to the organisation. Two-factor authentication strengthens the security of desktop access, replacing the less secure user IDs and passwords. The single badge for access to both enterprise facilities and IT resources provides greater overall security for the organisation. Interoperability among different entities using the SmartBadge is enhanced through the definition of trust relationships. Finally, Boeing expects to see savings in excess of what might have been achieved by using other two-factor remote authentication approaches.
"The Boeing Company Chooses Siemens to Enhance Physical and Information Security with Identity Management System," Siemens and Boeing press release, 8 September 2003, http://www.siemens.com/index.jsp?sdc_p=cs4uo1093899pnflm
"Boeing SecureBadge Program," Sharon Lindley, SecureBadge program director, Boeing, Smart Card Alliance Annual Conference presentation, 16 October 2003.
© Technews Publishing (Pty) Ltd | All Rights Reserved