The next generation of smart card - Smart Card Logon/Next Generation

By Edward Landers
75 ABW/SCOOS
September 13, 2012

Do you log on to the Air Force network to do your job? If so, Smart Card Logon/Next Generation (SCL/NG) will have a direct impact on you the first time you log on during Smart Card Logon/Next Generation implementation. SCL/NG took effect with the release of the Air Force Standard Desk Configuration 3.3 on Sept. 12. SCL/NG is an evolving technology that will empower most Air Force network users with the ability to log on to multiple unclassified Air Force network accounts with a single Common Access Card.

Smart cards, including Common Access Cards (CAC) and alternative tokens (representations seen above), contain Public Key Infrastructure (PKI) certificates used to log on to Air Force networks. The current way we log on to the network, however, has some limitations. Network users with multiple unclassified accounts and permissions have been forced to use different smart cards for each account. Some examples of network users who may have multiple unclassified accounts/permissions include: network administrators, customer support technicians, help desk personnel and Air Force medical staff.

Smart Card Logon/Next Generation specifically provides increased convenience and security for the network user groups previously identified. However, for those individuals with multiple DoD affiliations (i.e., active duty, Reserves, National Guard, civilian, and contractor), who have been issued multiple CACs, SCL/NG will NOT combine your multiple CAC roles, but will affect your logon experience for each CAC.

SCL/NG will arrive at your Air Force desktop in two phases -- one has already begun. You will notice a subtle but important difference on the screen when inserting your CAC to log on. Specifically, you will see additional certificates, represented by icons you are able to select for logon. We are accustomed to logging on to the Air Force network with our DoD email signature certificate. For most, your usual logon screen looks like the image below.

During Phase I of SCL/NG implementation, you will begin to see two PKI certificates displayed when logging on for the first time to your Air Force network. One is the DoD email signing certificate, and the other is the DoD identity certificate (pictured below). Select the Email Signature Certificate, displayed on the left, to successfully log on to your workstation.

How can you tell the difference between the two certificates? You may notice from the above image that both certificate icons appear identical. Select the certificate on the left, and you will be prompted for your CAC Personal Identification Number (PIN). If your User Principal Name (UPN), circled in red (pictured below), is a 10-digit number followed by "@mil," you have successfully selected your email signing certificate. If you see something different, click Switch User to go back and select the email signing certificate. If you choose the wrong certificate you'll get an error--just go back and select the other certificate.

For those currently using alternate tokens, like system administrators, an additional certificate is available on your CAC called the Personal Identity Verification (PIV) authority certificate. The PIV authority certificate will function like your alternative token, enabling access to your individual alternate account. You can easily activate the PIV authority certificate on your CAC by using a tool called the User Maintenance Portal/Post Issuance Portal (UMP/PIP). For additional guidance visit: https://www.dmdc.osd.mil/ump/support/usermanual.pdf or contact your Hill AFB alternate token trusted agent in the Hill PKI office. Action is only required if you have an Alt Token.

Once you have activated your PIV authority certificate, your logon screen will display three certificates: the email signing certificate, PIV authorization certificate, and DoD identity certificate. The PIV authority certificate is displayed in the center (pictured below). To verify, select the center certificate icon displayed during logon. If the UPN is a 16-digit number followed by "@mil," you have found the PIV authority certificate to log on to your individual alternate account. Once you have activated your PIV authority certificate, turn your alternative token in to Hill PKI personnel.

You may be asking why the Air Force is going to Smart Card Logon/Next Generation. The new smart card provides significant benefits to network users and the Air Force. It will result in cost/manpower savings, increased convenience for alternative token users and fewer security scenarios involving lost or compromised alternative tokens.

For additional details, visit the Air Force PKI SPO web site: https://afpki.lackland.af.mil/html/sclogon.cfm.
