Peter Tomlinson
2004-09-08 06:33:21 UTC
In the US they have a Presidential Directive:
http://www.whitehouse.gov/news/releases/2004/08/20040827-8.html
but in the UK...
I'm sure this will use the GSC-IS spec, which is the generalised version
of the spec for the military CAC. As reported before, it includes space
for the material facts from the card holder's personnel file.
Peter
"Homeland Security Presidential Directive/Hspd-12
Subject: Policy for a Common Identification Standard for Federal
Employees and Contractors
(1) Wide variations in the quality and security of forms of
identification used to gain access to secure Federal and other
facilities where there is potential for terrorist attacks need to be
eliminated. Therefore, it is the policy of the United States to enhance
security, increase Government efficiency, reduce identity fraud, and
protect personal privacy by establishing a mandatory, Government-wide
standard for secure and reliable forms of identification issued by the
Federal Government to its employees and contractors (including
contractor employees).
(2) To implement the policy set forth in paragraph (1), the Secretary
of Commerce shall promulgate in accordance with applicable law a Federal
standard for secure and reliable forms of identification (the
"Standard") not later than 6 months after the date of this directive in
consultation with the Secretary of State, the Secretary of Defense, the
Attorney General, the Secretary of Homeland Security, the Director of
the Office of Management and Budget (OMB), and the Director of the
Office of Science and Technology Policy. The Secretary of Commerce shall
periodically review the Standard and update the Standard as appropriate
in consultation with the affected agencies.
(3) "Secure and reliable forms of identification" for purposes of this
directive means identification that (a) is issued based on sound
criteria for verifying an individual employee's identity; (b) is
strongly resistant to identity fraud, tampering, counterfeiting, and
terrorist exploitation; (c) can be rapidly authenticated electronically;
and (d) is issued only by providers whose reliability has been
established by an official accreditation process. The Standard will
include graduated criteria, from least secure to most secure, to ensure
flexibility in selecting the appropriate level of security for each
application.
(4) Not later than 4 months following promulgation of the Standard,
the heads of executive departments and agencies shall have a program in
place to ensure that identification issued by their departments and
agencies to Federal employees and contractors meets the Standard." ...
<snip>
and
" (6) This directive shall be implemented in a manner consistent with
the Constitution and applicable laws, including the Privacy Act (5
U.S.C. 552a) and other statutes protecting the rights of Americans."
http://www.whitehouse.gov/news/releases/2004/08/20040827-8.html
but in the UK...
I'm sure this will use the GSC-IS spec, which is the generalised version
of the spec for the military CAC. As reported before, it includes space
for the material facts from the card holder's personnel file.
Peter
"Homeland Security Presidential Directive/Hspd-12
Subject: Policy for a Common Identification Standard for Federal
Employees and Contractors
(1) Wide variations in the quality and security of forms of
identification used to gain access to secure Federal and other
facilities where there is potential for terrorist attacks need to be
eliminated. Therefore, it is the policy of the United States to enhance
security, increase Government efficiency, reduce identity fraud, and
protect personal privacy by establishing a mandatory, Government-wide
standard for secure and reliable forms of identification issued by the
Federal Government to its employees and contractors (including
contractor employees).
(2) To implement the policy set forth in paragraph (1), the Secretary
of Commerce shall promulgate in accordance with applicable law a Federal
standard for secure and reliable forms of identification (the
"Standard") not later than 6 months after the date of this directive in
consultation with the Secretary of State, the Secretary of Defense, the
Attorney General, the Secretary of Homeland Security, the Director of
the Office of Management and Budget (OMB), and the Director of the
Office of Science and Technology Policy. The Secretary of Commerce shall
periodically review the Standard and update the Standard as appropriate
in consultation with the affected agencies.
(3) "Secure and reliable forms of identification" for purposes of this
directive means identification that (a) is issued based on sound
criteria for verifying an individual employee's identity; (b) is
strongly resistant to identity fraud, tampering, counterfeiting, and
terrorist exploitation; (c) can be rapidly authenticated electronically;
and (d) is issued only by providers whose reliability has been
established by an official accreditation process. The Standard will
include graduated criteria, from least secure to most secure, to ensure
flexibility in selecting the appropriate level of security for each
application.
(4) Not later than 4 months following promulgation of the Standard,
the heads of executive departments and agencies shall have a program in
place to ensure that identification issued by their departments and
agencies to Federal employees and contractors meets the Standard." ...
<snip>
and
" (6) This directive shall be implemented in a manner consistent with
the Constitution and applicable laws, including the Privacy Act (5
U.S.C. 552a) and other statutes protecting the rights of Americans."