Thursday, May 12, 2011

TWIC Isn't Keeping Ports Secure, GAO Says

Less Secure than state driver's licenses (National Journal)
Despite nine years of fine-tuning and more than $400 million in funding, a government-issued picture ID card used at U.S. ports provides less security than the average state-issued driver's license, a federal auditor told lawmakers Tuesday.
One of the biggest problems with the TWIC system is interoperability. If you own one location where your customers receive a service, it's all fine and good to have a proprietary, un-networked identity management system. If you're trying to control access at facilities scattered across the globe and managed by many different agencies, you have an ID management challenge of a completely different order.

Part of the solution is technical and part is political.

Interoperability is a term that covers a bit of both the technical and political aspects of ID management.

The solution to the TWIC problem is either a top down agreement among all ports to adopt the same ID management protocols and verification system or a strong standards based solution with a robust middleware integration.

SecurLinx can be of much help with the latter.