Full Disk Encryption solutions selected for US Government use

Arshad Noor arshad.noor at strongauth.com
Mon Oct 8 09:47:50 EDT 2007


We submitted a letter to the Program Manager, that while they RFP
was asking for an FDE solution, they really needed to focus on Key
Management across the agency, rather than the actual encryption
solution itself, before they deployed any encryption product.  

We proposed our open-source Symmetric Key Management System (SKMS) 
software - StrongKey - as a solution since it includes utilities to 
perform file, directory and column-level database encryption using 
FIPS-certified tokens: smartcards, HSMs and software modules (NSS).

Given that the solution we proposed was OSS, that it could leverage
any FIPS-certified token through their published JCE/PKCS11 library,
and that the StrongKey protocol is winding its way through OASIS 
towards becoming the Symmetric Key Services Markup Language (SKSML) 
with the support of 33 companies/individuals including the DoD, we 
believed that this solution was optimal for the government from many 
different points of view.

However, because the RFP was narrowly written for FDE products only,
our submission was not accepted.  That's life in the Federal
procurement lane.... they think they're buying a state of the art
security solution and they don't realize that the state of the art
has already shifted under their feet.  

Arshad Noor
StrongAuth, Inc.

----- Original Message -----
From: "Steven M. Bellovin" <smb at cs.columbia.edu>

On Mon, 18 Jun 2007 22:57:36 -0700
"Ali, Saqib" <docbook.xml at gmail.com> wrote:

> US Government has select 9 security vendors that will product drive
> and file level encryption software.
> 
> See:
> http://security-basics.blogspot.com/2007/06/fde-fde-solutions-selected-for-us.html
> OR
> http://tinyurl.com/2xffax
> 

Out of curiousity, are any open source FDE products being evaluated?

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com



More information about the cryptography mailing list