Full Disk Encryption solutions selected for US Government use

Ali, Saqib docbook.xml at gmail.com
Mon Oct 8 14:52:28 EDT 2007 

Arshad,

Some of the solutions already include a KMS. One of the key
requirements of this particular RFP was "Transparency". Can you please
elaborate more on how StrongKey KMS would have improved on
transparency?

Thanks
saqib
http://security-basics.blogspot.com/



On 10/8/07, Arshad Noor <arshad.noor at strongauth.com> wrote:
> We submitted a letter to the Program Manager, that while they RFP
> was asking for an FDE solution, they really needed to focus on Key
> Management across the agency, rather than the actual encryption
> solution itself, before they deployed any encryption product.
>
> We proposed our open-source Symmetric Key Management System (SKMS)
> software - StrongKey - as a solution since it includes utilities to
> perform file, directory and column-level database encryption using
> FIPS-certified tokens: smartcards, HSMs and software modules (NSS).
>
> Given that the solution we proposed was OSS, that it could leverage
> any FIPS-certified token through their published JCE/PKCS11 library,
> and that the StrongKey protocol is winding its way through OASIS
> towards becoming the Symmetric Key Services Markup Language (SKSML)
> with the support of 33 companies/individuals including the DoD, we
> believed that this solution was optimal for the government from many
> different points of view.
>
> However, because the RFP was narrowly written for FDE products only,
> our submission was not accepted.  That's life in the Federal
> procurement lane.... they think they're buying a state of the art
> security solution and they don't realize that the state of the art
> has already shifted under their feet.
>
> Arshad Noor
> StrongAuth, Inc.
>
> ----- Original Message -----
> From: "Steven M. Bellovin" <smb at cs.columbia.edu>
>
> On Mon, 18 Jun 2007 22:57:36 -0700
> "Ali, Saqib" <docbook.xml at gmail.com> wrote:
>
> > US Government has select 9 security vendors that will product drive
> > and file level encryption software.
> >
> > See:
> > http://security-basics.blogspot.com/2007/06/fde-fde-solutions-selected-for-us.html
> > OR
> > http://tinyurl.com/2xffax
> >
>
> Out of curiousity, are any open source FDE products being evaluated?
>
> ---------------------------------------------------------------------
> The Cryptography Mailing List
> Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
>

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com

More information about the cryptography mailing list