NCASSR’s Public Key Infrastructure Laboratory is currently engaged in testing secure smartcard credentials used to authenticate State of Illinois emergency personnel at the scene of an accident, disaster, or possible terrorist attack.

Online identity increasingly depends on multiple usernames and passwords, many of them sent across the Internet unencrypted as clear text. Not only does this threaten the safety of the individual user, but the integrity of financial, defense, and other critical online systems also depends on ensuring user identity. One solution to this problem is a digital signature, a kind of secure global electronic "passport" which can be used to keep crucial transactions secure and to establish the user's identity beyond doubt. This "passport" is extremely difficult to forge because every time a user's digital certificate is called for, a new one is generated.

The system used for managing digital certificates is called a Public Key Infrastructure (PKI). PKI differs from other security and authentication systems in that it uses both a public and private key to identify a user and authenticate that user's identity. To enable a user to access resources, his or her private key is paired with a public key, and a request for a digital certificate is sent to a third party, called a Certificate Authority (CA). The CA vouches for the identity of the user and sends that user a digital certificate which serves as the user's proof of identity.

In 2005 NCASSR set up the PKI Laboratory at NCSA to support ongoing PKI research and testing activities. The lab consists of secure development servers, laptops, smartcards and smartcard readers, fingerprint readers, and one-time password tokens. The PKI Laboratory has been used for testing and validation of other NCASSR-funded technologies, such as prototyping the use of hardware tokens for access to production supercomputers during the Mithril project and testing the Secure Email List Services (SELS) secure group-to-group messaging system.

The PKI Laboratory also partners with Entrust Corporation to provide PKI technology for the Illinois Terrorism Task Force (ITTF), which coordinates federal, state, and local agencies throughout Illinois for emergency preparedness, terrorism prevention, and first-responder training. One of the ITTF's goals is to create a tamper-proof, counterfeit-proof credential that can used to identify which emergency workers, such as police, firefighters, and HAZMAT team members, are qualified and/or required to be at an incident scene. The PKI Laboratory tests the credentialing system developed by Entrust, which consists of secure smart cards containing State-issued PKI identity credentials and fingerprint templates for biometric authorization and include signed certifications about a first-responder's affiliation and capabilities (such as weapons authorization or HAZMAT certification). Identity can be verified quickly by a stand-alone application on a field laptop; because all necessary information is available on the card, a wireless connection is not necessary to authorize personnel—essential for remote areas of the state where wireless networking may be unavailable.