U.S. working on federated biometrics-based identity management

When it comes to biometrics, the U.S. Department. of Defense has gained vast experience during the wars in Iraq and Afghanistan, where the military has captured millions of fingerprints, facial images and iris scans in order to identify and collect details about terrorists and dangerous insurgents.

Special Operations Forces (SOF) working in combat situations give real meaning to the term “mission-critical” computing: Suspects are tracked down based on fingerprints found on exploded bomb fragments, for instance, that are matched against a database in the United States in less than three minutes using satellite communications.

But what’s next for the Department of Defense’s biometrics program?

Officials from the U.S. Army, Navy, Air Force and SOF, along with the Department of Defense’s Biometrics Task Force (which guards the foundation biometrics database in West Virginia), acknowledged this week that the Defense Department lacks the common architecture it needs to create a more unified long-term biometrics capability but is working towards one based on some form of federated identity management. 

The Department of Defense is also eager to expand its biometrics efforts into new areas that include DNA, as well as what’s called “multi-modal biometrics” that fuse various types, like fingerprint or iris, in order to obtain a more perfect match on subjects.

The science of biometrics “strips away the ambiguity of a person’s identity,” said Dr. Myra Gray, director of the Biometrics Task Force. In “high-target tracking,” biometrics is a tool that will “deny anonymity to adversaries” and is now being used in Iraq and Afghanistan on detainees and suspected terrorists, Gray told attendees at the Biometric Consortium Conference going on in Tampa this week.

“We have 3.5 million records stored” on 2.3 million total identities, Gray said. From that database, which is maintained by the Biometrics Task Force, there have been a total of 1.4 million matches made, mostly in Iraq and Afghanistan, by warfighters equipped with rugged biometrics and communications kits. Biometrics data from suspects has been accumulated in various ways, including fingerprints found on shards of explosive devices.

ID management tips – 3 quick wins in identity management

“Our match rate is 31 per cent of the people we touch, we match against,” said Craig Archer, whose job title at the U.S. Special Operations Command is Identity Superiority Manager.

Special Operations units active in 72 countries use biometrics kits in the field that can link to Department of Defense and FBI databases to track down “high-value individuals” and “persons of interest.” Speaking at the conference, Archer said a total of 18,994 matches have been made on 60,620 submissions to check fingerprints and other biometric data, leading to the capture of entire terrorist networks. “It’s thanks to biometrics,” he said.

Physical and political obstacles

Today the military’s biometrics collection and suspect-tracking efforts are shifting from Iraq, where the U.S. role is changing as troops depart, to Afghanistan, where the mountainous terrain makes satellite communications more difficult. The problem posed by the Afghan mountain ranges can be mitigated by building extensive communications relays, Archer said, adding he’s not at liberty to say much about that.

Another problem, say many close to the effort, is that sharing biometric-related information over the Defense Department’s segmented networks – which are separated for security classification purposes — sometimes means data ends up being shared via storage media that’s handed around or mailed.

In addition, it has not been possible to get U.S. allies in Europe on board with this type of strenuous biometric collection, which has been worked out through bi-lateral agreements with Iraq and Afghanistan during the conflict.

“It’s complicated everywhere,” said Thomas Dee, the director of the Defense Biometrics Office of the Secretary of Defense, Acquisition, Technology & Logistics. “The U.S. has strict privacy rules, as do countries like Germany and Italy.” Policy for use of biometrics is worked out based on local law and agreements, but the U.S. military is so convinced of the merit of biometrics, it finds itself going to battle to argue for it when allies look on it askance.

Lt. Col. Thomas Pratt of the U.S. Marine Corps, the military operations branch chief on the Biometrics Task Force, acknowledged that allies are not usually comfortable with the U.S. practice of “harvesting biometrics.” But he perseveres in trying to convince them that “if you’re a bad actor in Afghanistan, you’ll be a bad actor in Germany.” But the word “biometrics,” and its suggestion of data related to body parts, retains a negative ring for many, Pratt said.

Still the Department of Defense is eager to “institutionalize” its use of biometric technologies for the long-term. The Defense Department estimates it spent about $1.5 billion on biometrics over the last few years, and is hoping for about $500 million for biometrics and forensics in the next year or so. The Department of Defense acquisitions so far have been done in war-time haste, irritating many biometrics vendors that crave more comprehensive standards.

Dee told the Biometrics Consortium audience, with many vendors present, that acquisition processes for biometrics products changed in July with an eye toward larger, tactical systems. In fact, the Department of Defense is already drawing up a wish list of what it wants to see in its biometrics future.

“We have to establish an enterprise architecture,” said Bill Zimmerman, the capabilities integration division chief on the Biometrics Task Force, adding an effort is underway to “engage the biometrics industry [in the] development of a biometrics data model” for storing, sharing, matching and management.

Col. Theodore Jennings, the U.S. Army biometrics program manager, is aiming for systems that could be used in the field to identify friend from foe. He pointed out the collection of DNA and voice is possible, that combining “multiple modalities of fingerprint, palm, print, iris and face” can now be done to “fuse them together to increase the likelihood of a match.” Technologies are also evolving to identify someone from a distance using biometrics matches.

“We’re still in the crawl phase with this,” admitted Ltc. Joe Lopez, branch chief for risk management at the U.S. Northern Command, which is responsible for homeland defense and anti-terrorism (plus coping with the challenges of nature, like wildfires or hurricanes).

He said in the Department of Defense’s future is the prospect of adding biometrics to the military’s Common Access Card for logical and physical access, a process that’s already started, plus coming up with a federated system for the military to use in conjunction with the FBI and Department of Homeland Security, though that may take at least five years.

Would you recommend this article?


Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.

Jim Love, Chief Content Officer, IT World Canada

Featured Download

Featured Articles

Cybersecurity in 2024: Priorities and challenges for Canadian organizations 

By Derek Manky As predictions for 2024 point to the continued expansion...

Survey shows generative AI is a top priority for Canadian corporate leaders.

Leaders are devoting significant budget to generative AI for 2024 Canadian corporate...

Related Tech News

Tech Jobs

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

Tech Companies Hiring Right Now