Northrop Grumman demos common credentialing system

Newport News shipyard

Northrop Grumman Corp. and the Department of Homeland Security's Federal Emergency Management Agency (FEMA) recently coordinated a nationwide demonstration that deployed a common, interoperable credentialing system enabling electronic identity authentication for government and industry personnel.

The demonstration, which Northrop dubbed "Autumn Blend," used standardized personal identity credentials operating across multiple domains, such as a government's or company's credential authentication infrastructure that could be applied to access management decisions, situational awareness, cyber-secure capabilities and post-event reconstruction, according to Northrop. Participants included federal, state, local, and private sector emergency response and recovery officials who are assigned to the front lines for rescue or recovery missions, it said.

"Northrop Grumman has an established commitment with the Department of Homeland Security and we recognize the importance and national significance of this demonstration," said Alan Leckenby, vice president of International and Identity Management for Northrop Grumman's Information Systems sector. "We have worked with great diligence and in partnership with all levels of government to become the only company able to validate credentials for both physical and logical access, which provides an extra layer of security around information sharing during crisis situations."

One of the scenarios of the Autumn Blend demonstration simulated a collaborative incident at Northrop Grumman's Shipbuilding facility in Newport News, VA. As first responders from the city, state and federal government officials convened on the site, their individual personal identity credentials were presented and read electronically at various authentication points for physical and logical access to the demonstration. Credentials included the U.S. Department of Defense Common Access Card, First Responder Authentication Credential, Personal Identity Verification and Personal Identity Verification-Interoperable credentials, the company said.

Participants were electronically validated for physical access using mobile and fixed devices, according to Northrop. The devices verified identities using personal identification credentials, personal identification number, and biometrics. Logical access through personal identification credentials allowed participants to use computers for secure e-mail collaboration. As participants' identities were cleared and individuals permitted access to the demonstration venue, Virginia's Interoperability Picture for Emergency Response (VIPER) geospatial application tracked and displayed their actions in near real-time at fusion centers and emergency operations centers throughout the United States.

"Northrop Grumman's corporate-wide personal identity verification credential, called OneBadge, was the use case for this demonstration scenario. It effectively incorporated the requirements of all levels of government to electronically validate identity, designate roles, authorizations and privileges (called attributes), and securely transmit information back to the government identity management system," Leckenby added. "Autumn Blend was considered a success and will have important implications for a broad range of future emergency response situations."