The U.S. Department of Defense has launched an initiative called Common Access Card, which features a smart card enabled with public-key-infrastructure capabilities that runs the Java Card run-time environment on chips with 32 Kbytes of memory. The department has issued more than 3 million cards to military personnel and contractors. They are used to gain access to military bases around the world, log on to computers, obtain medical or other benefits, and digitally sign and encrypt E-mail. The military is issuing 10,000 cards a day at about 1,500 locations in 15 countries and hopes to have 4.3 million cards deployed by the end of the year. More than 150,000 smart-card readers also have been deployed.

"We've always said that we're trying to bring the Department of Defense to the same place that the credit-card world has always been," says Bill Boggess, a division chief for the access- and authentication-technology division at the Defense Manpower Data Center. "Today, you can't buy at McDonald's without them prechecking your card." The department hopes its card will provide that type of swift authorization for its personnel around the world. In addition to protecting against enemy threats, just keeping track of the large number of people entering and exiting military facilities poses a challenge. One base in the Midwest has 400,000 personnel coming and going each day, Boggess notes. "When you're dealing with numbers like 4.4 million active duty and reservists, knowing who they are and where they are when they log on to systems is a huge step forward," he says.