PKI carries the mail for U.S. Postal Service

At a time when most private-sector corporations are still figuring out ways to exploit public-key infrastructure (PKI) technology, the U.S. Postal Service is quietly forging ahead with a project that uses PKI services to secure vital government-to-government and government-to-consumer transactions.

Called NetPost.Certified (NPC), the service uses PKI technologies, such as digital certificates and smart cards, to prove identities and ensure confidentiality and authenticity in transactions involving sensitive information, such as Social Security benefits, medical records and employment history.

Approximately 7 billion of the 61 billion transactions that federal agencies process each year are suitable for the sort of PKI-based automation that's offered by NPC, says Bob Krause, director of e-commerce at the Postal Service.

For example, the Baltimore-based Health Care Financing Administration (HCFA), which administers the Medicare, Medicaid and State Children's Health Insurance programs, is using NPC for securely receiving and filing patient health care information into its central insurance benefits management system.

Access to the information is restricted by a user's predefined role -- for example, doctors have access only to clinical information, and accounting staff have access only to billing information.

The Postal Service provides the secure infrastructure for this to happen and even sends digital receipts with time stamps to the parties in a transaction.

But at no point does it actually handle the transaction content.

NetPost.Certified is the result of a long-standing attempt by the Postal Service to tap the growing demand for secure electronic transactions, Krause says.

"Customers want to be able to communicate effectively online with the same kind of security and trust that they have come to expect with physical mail," Krause says.

But putting together the infrastructure needed to support such trusted services is a major challenge, says Elaine Rimel, manager of new business programs at the Postal Service.

"It certainly works in that it adds a certain level of trust and security that is unequaled," Rimel says. "But you've got to be careful about how you invest and how you seek out your partners [in building out a PKI framework]."

For one thing, despite vendor claims to the contrary, no single vendor offers a complete range of PKI services, Krause says.

Where vendors claim to have end-to-end capabilities, the technologies are often immature and don't interoperate with similar products from other vendors.

For instance, the way digital signatures are parsed and reassembled varies with each vendor's tool kits, and smart cards and smart-card readers vary as well. Even the manner in which Web browsers handle PKI services varies with each version, says Rimel. The result can be a lot of integration work if users aren't careful.

The Postal Service worked with early users, such as the Social Security Administration and the HCFA, to establish baseline product parameters and standards that had to be met to enhance configuration control and reduce integration work.

The NPC's features include the following:

  • The Postal Service uses smart cards that hold the user's digital identity credential, together with smart-card readers, to access the PKI services.
  • NetAuthority server software from Santa Clara, Calif.-based Cylink Corp. is the core certificate authority. It issues the digital certificates that establish a person's electronic identity.
  • The Postal Service is also using Validation Authority, an outsourced service from Mountain View, Calif.-based ValiCert Inc., to check the authenticity and validity of the certificates. Among other things, the service checks to see if a digital certificate is current or has been revoked for any reason.
  • For applications that require the highest levels of security, the Postal Service's 38,000 post offices act as registration authorities to get documentation in person from customers who want electronic IDs.
  • Annandale, Va.-based WareOnEarth Communications Inc. provides an IP-to-IP file transfer suite that acts as a transportation layer for encrypted transactions between different parties.
  • A key management suite from Vienna, Va.-based TecSec Inc. provides role-based encryption of and access to data.

Looking ahead, Krause notes that there are legal issues to consider. For example, "if a transaction does not work well, who is on the hook?" he asks.

Special Report

Security Risk and Reward


Copyright © 2001 IDG Communications, Inc.
