Jan 26 2018

The Next Biometric Authentication Method for DISA? Your Gait

The Defense Information Systems Agency explores expanding biometric validation technologies beyond the usual suspects.

Iris recognition is so archaic.

The Defense Information Systems Agency is exploring new ways to validate users' identities through biometrics that go beyond the normal methods of authentication. That includes a user's gait, or manner of walking.

The goal is to make authentication via biometrics easier for soldiers in the field. Identity management is becoming more critical as war fighters become more mobile. DISA, which provides IT and secure communications services across the Defense Department and military service branches, needs to provide ways for officers and DOD officials to access classified and sensitive data on the go.

DISA is working to develop a suite of seven multifactor authentication tools that would include a user's gait, outgoing DISA Director Lt. Gen. Alan Lynn said on Jan. 11 at an AFCEA luncheon in Washington, D.C., according to FCW.

SIGN UP: Get more news from the FedTech newsletter in your inbox every two weeks!

DISA Seeks to Expand Multifactor Authentication

DISA wants to make authentication easier for soldiers, Lynn explained, and fingerprint and facial recognition authentication methods can prove difficult for war fighters in the field.

"Fingerprints and facial recognition are problematic for a war fighter," Lynn said, according to FCW. For example, gloves, dirty hands, goggles or face masks could make it difficult for a soldier to authenticate their identity using traditional biometric methods. However, he said "you're going to always have … your walk," he said.

"That's as individual as a fingerprint," Lynn added, according to FedScoop.

It's not surprising that DISA would explore biometrics that include gait. In August, SIGNAL, AFCEA's magazine, reported that DISA was exploring new authentication methods. 

As FCW reports, in a video DISA posted in December, the seven factors include GPS location, voice recognition, facial recognition, device orientation, trusted peripherals and trusted networks, as well as gait. Taken together, Lynn said, those authentication factors are "better than just your credentials — it's who you are."

DISA is evaluating a proposal to deliver gait-based authentication, and Lynn said, "that's the first one that's coming out," according to FCW.

Lynn announced at the event that he will retire from his director position and active duty on Feb. 2, FedScoop reports. Defense Secretary Jim Mattis has nominated Rear Adm. Nancy Norton to be the next head of DISA.

Authentication Must Sync with Mobile Warfighters

With a growing number of soldiers and Pentagon officials accessing information on mobile devices, DISA must ensure that authentication methods can work on those devices as well, Lynn said.

Lynn noted that DISA already allows senior officers to view classified data on commercial mobile devices "that we've modified slightly," FCW reports. For example, a commander with decision-making authority can view drone footage so that a strike can be authorized in real time.

DISA has worked with industry stakeholders on the new authentication methods. Lynn said. "What we are building is something that I think could easily transition to the commercial side," he said, according to FedScoop. "Because your identity is out there. You see all of these commercial guys perform with pieces or parts of it. If we could pull it all together so it's kind of a platform and it's informed by all the work we do with highly classified folks to really harden it, it's kind of a win-win."

SergeyNivens/Getty Images

Zero Trust–Ready?

Answer 3 questions on how your organization is implementing zero trust.