SANTA CLARA, Calif., April 9 /PRNewswire/ — NAI Labs, a division of PGP Security, a Network Associates, Inc. (Nasdaq: NETA) company, today announced they are joining with the National Security Agency (NSA) and its other partners to further develop the NSA’s Security-Enhanced Linux (SELinux) prototype. The $1.2 million will be paid over the life of the two-year contract, and the work will focus on research and development to improve the security of open-source operating system platforms, the core of Internet infrastructures that have become business critical in today’s economy.
The work will reduce the threat of security breaches caused by flawed or even malicious applications. The contract builds upon NSA’s prior work in developing a set of new security controls for the Linux kernel and NAI Labs’ prior work in developing an example security policy configuration for these controls and several additional kernel controls.
“NAI Labs continues to work with the government to ensure secure Internet infrastructure. The President’s National Coordinator for Security and the President’s Information Technology Advisory Committee have called for increasing the federal government’s role as both a user and contributor of open source software,” said Terry Benzel, Vice President, Advanced Security Research and Director of NAI Labs. “Open source platforms provide the basis for developing online communication and business strategies, and our work ensures that the building blocks are secure.”
Operating systems provide the foundation for system security, yet mainstream operating systems lack critical security features needed to enforce security policies. NSA and NAI Labs have recognized the need to improve the security of operating systems. Linux was chosen by the NSA because its growing success and open development environment provided an opportunity to demonstrate that the security functionality added by SELinux can be successful in a mainstream operating system. NAI Labs will work with the NSA and its other partners to develop additional security controls, configure the security policy and represent the security enhancements to the Linux community. SELinux includes security enhancements to the operating system that can enforce the separation of information based on the confidentiality and integrity requirements.
The security mechanisms of SELinux provide flexible support that allows customization for a wide range of security policies in order to meet various security requirements. Support for security policies is required in order to protect data on end systems; however, needs are different for every company and every industry. Flexible support for policies is required, since an organization must be able to tailor the policy to meet its particular security requirements and threat environment. NAI Labs’ and NSA’s efforts will improve the security of open source operating systems so that they can be effectively applied to protect corporate data.
NAI Labs is an industry leading security research organization with 100 dedicated researchers in four research facilities throughout the United States and is a founding member of the Security Research Alliance. NAI Labs is a multi-discipline research organization with world-renowned expertise in the areas of network security, applied cryptographic technologies, secure execution environments, security infrastructure, adaptive network defenses, distributed systems security, and information assurance. In addition to its prominent role in the security research community, all unclassified network and cryptographic research is shared with Network Associates’ product development and support organizations to enable superior solutions for Network Associates customers.
PGP Security, a Network Associates company, is a worldwide leader in products and services focusing on solving privacy and data confidentiality issues, and has a strong history of setting security industry standards. PGP Security’s breadth of security products, including firewall, encryption, intrusion detection, risk assessment and VPN technologies, address the full range of security and privacy issues, anywhere information is transmitted or stored. PGP Security’s products secure over seven million users and include several of the industry’s well-known security brands, including Gauntlet Firewall and VPN, PGP Data Security, CyberCop Scanner, and PGP e-ppliances. PGP Security’s COVERT research team identifies and works to resolve serious vulnerabilities before attackers are able to exploit them. The findings are incorporated into the product offerings, ensuring protection from the latest vulnerabilities. For more information and software evaluations, visit http://www.pgp.com .
About Network Associates
With headquarters in Santa Clara, Calif., Network Associates, Inc. is a leading supplier of security and availability solutions for e-businesses. Network Associates is comprised of four business units: McAfee, delivering world class anti-virus products; PGP Security, providing firewall, intrusion detection and encryption products; Sniffer Technologies, a leader in network and application management; and Magic Solutions, providing web-based service desk solutions. For more information, Network Associates can be reached at 972-308-9960 or on the Internet at http://www.nai.com . NOTE: Network Associates, PGP, McAfee, Sniffer, Magic Solutions, Gauntlet, CyberCop and CyberCop Scanner are registered trademarks of Network Associates, Inc. and/or its affiliates in the U.S. and/or other countries. All other registered and unregistered trademarks in this document are the sole property of their respective owners.