Information Security News mailing list archives

Previous By Date Next
Previous By Thread Next

Cyberdefense students using PKI

From: InfoSec News <isn () C4I ORG>
Date: Thu, 22 Feb 2001 03:39:05 -0600
http://www.fcw.com/fcw/articles/2001/0219/web-pki-02-21-01.asp

BY Bill Murray
02/21/2001

Students and alumni of the Defense Departments school to train
investigators in computer crime techniques are using public-key
infrastructure technology to communicate via a private Web site.

The Defense Computer Investigations Training Program in Linthicum,
Md., started handing out digital certificates to its students two
weeks ago, said Greg Redfern, the programs executive director.

Students receive Common Access Cards, which they use to access the Web
site by placing them into a PC card reader, Redfern said. Such "smart
cards" feature a bar code, a magnetic strip and an embedded chip.

Once they access the site, users can chat with fellow students and
graduates of the program, find out about course updates and engage in
threaded discussions. All data on the site is sensitive but at the
unclassified level or below, Redfern said.

Because the Web site has a .gov address rather than a .mil one, users
can access the site through any domain. Access was a key issue because
some state and local law enforcement officials are involved in DCITP,
and some users will want to access the site from their home PCs via a
commercial Internet service provider.

"Were ahead of DOD" in using PKI technology, Redfern said. "They sent
training and reviewed our network topology. They scrubbed us" for
security vulnerabilities. A "black hat" team of hackers from Computer
Sciences Corp. battled DCITPs "white hat" protectors of the Web site
to find any systems vulnerabilities.

Symantec Corp.s Raptor Firewalls protect the system, which also
features 128-bit encryption, said Darren Keil, a network security
administrator at DCITP. A Secure Sockets Layer link encrypts the Web
sites transmissions.

More than 1,300 DOD, federal, state and local law enforcement
officials took DCITPs course during the past 18 months. The programs
basic course enables students to conduct forensic investigations on
computers by taking them apart and putting them back together.

ISN is hosted by SecurityFocus.com
---
To unsubscribe email LISTSERV () SecurityFocus com with a message body of
"SIGNOFF ISN".
Previous By Date Next
Previous By Thread Next

Current thread: