ITrain Homepage

Site Directory
Membership
Train-the-Trainer
Trainer Certification
Certified Training Materials
ITinfo E-zine
Responsible Training
White Papers
Trainer Resources
What's New
Speaking Engagements
Onsite Training
ITrain Gear



Popular Links
Speaking Engagements
Training Manuals
Certification
Train the Trainer
The Training Book
Technical Writing
Privacy Policy

Print this document

Google
Web ITrain.org

NSA Closes Air Gaps

Chooses Linux for security


ITinfo Sponsor

ERROR: Random File Unopenable

ERROR: Random File Unopenable

The random file, as specified in the $random_file perl variable was unopenable.

The file was not found on your file system. This means that it has either not been created or the path you have specified in $trrandom_file is incorrect.


NSA Opts High-Security Linux Over Windows NT/2000

by Dave Murphy
ISSN 1535-3613

Dave Murphy, ITrain founder Behind miles of wire, spiked fences and thousands of concrete barriers, the world's smartest computer scientists toil in relative obscurity.

Unacknowledged for decades, the National Security Agency (NSA) is still referred to by its employees as "the Department of Defense" or simply "No Such Agency."

But within these mirrored glass and electronically-protected walls incubates new security technology that will have repercussions in the business community for years to come.

Currently NSA, like all sensitive military operations, separates data by classification. Confidential and secret are common classifications. To ensure higher-classified data doesn't leak to unauthorized recipients, NSA maintains separate and distinct computer networks. According to one report, as many as six networked computers are assigned to some agency employees. By using "air gaps," network administrators ensure cross-talk and accidental miswiring doesn't allow the unsecured dissemination of highly-classified data.

Imagine having multiple PCs on your desk, each used to access, modify, and transmit different classifications of data. What a nightmare!

Software firm VMware has teamed with NSA researchers to develop an alternative solution that provides security comparable to air gaps - to having multiple computers.

Called "NetTop," VMware's software-in-development would turn each computer into a number of virtual PCs running on a Linux computer that would sit on each worker's desk. The NetTop security system creates virtual walls between public and classified data and becomes an impenetrable barrier to inadvertent dissemination.

If successful, the project could mean huge cost savings and convenience for the NSA and other security-conscious government agencies by eliminating one or more computers--and a variety of network components--cluttering desktops at the agency. And it will mean big commercial deals for VMware, too. When NSA adopts new technology, thousands of it's vendors are often required to use the products to maintain the same high-level of information security.

The following paragraph is an excerpt from VMware's press release: "Users in the national security community have an increasing need for commercial off-the-shelf software, and to provide them with this functionality without compromising on security, we currently require them to use different computers for different applications," said Paul Pittelli, Director of Information Assurance Research at the National Security Agency. "A security enhanced virtual machine monitor is an important component to help us provide practical security solutions for our customers by allowing them to use commercial software safely. We are impressed with the VMware technology and look forward to a productive research partnership."

VMware's plan is to use an offshoot of the company's current virtual machine technology that allows Linux users to install and run Windows or any other PC-based operating system on top of Linux.

NSA has selected Linux as its preferred operating system because it's open source architecture ensures no trap doors or hidden security back doors are present.

According to Fred Cohen, the University of New Haven's professor of digital forensics investigation, VMware's idea seems to be a good one and he agreed the decision to run the VMware technology on top of Linux, not Windows, is key to a government agency like the NSA.

"You wouldn't want to do it on Windows NT, because you know nothing about what is going on inside NT," Cohen added.

Call for Comments

What do you think? Leave your comments on the message center.

References

VMware
NSA
Message Center


Subscribe to ITinfo.
Receive computing and Internet news & tips
by subscribing to the ITinfo information service.
Type your Internet email address in the form, and click "Subscribe."
Email Address:

Previous issues are on our website at http://itrain.org/itinfo/.

International Association of Information Technology Trainers
PMB 616
6030-M Marshalee Dr
Elkridge, MD 21075-5987

410.567.5366
1.888.290.6200
fax: 801.650.0423
Membership Director: member@itrain.org

Return to ITrain Homepage

Copyright © 2001 International Association of Information Technology Trainers, Ltd., All Rights Reserved

http://itrain.org/itinfo/2001/it010202.html
updated February 2, 2001