Madison, military team up to boost PC security

[InfoSec News <isn () c4i org>]

http://rtnews.globetechnology.com/servlet/RTGAMArticleHTMLTemplate/C/20020513/gtcenturion?tf=tgam%252Frealtime%252Ffullstory_Tech.html&cf=globetechnology/tech-config-neutral&slug=gtcenturion&date=20020513&archive=RTGAM&site=Technology

By IAN JOHNSON
Globe and Mail Update
Monday, May 13 2002

Keith McNally says "divine intervention" led his company to team up
with the Canadian military to build a new computer security device.

"I would love to say we did it all ourselves, but the [military]
engineers were the ones who were the key to making this all come
together," Mr. McNally, president of Madison Systems Inc., said. "It
really came about a bit by fluke, we were just in the right place at
the right time while the same idea was turning through everyone's
head."

Several years ago, the Aurora, Ont.-based company developed the
Centurion Network Security Switch RJ45/11 to protect network
connections against hackers. But Mr. McNally, a security buff, had
bigger plans for the company's next product, the Centurion II.

He wanted to protect hard drives with a piece of virus- and hack-proof
hardware so that even if network security was breached, there would be
no way to steal or alter the files.

While on a trip to the NORAD military base under Cheyenne Mountain in
Colorado Springs, Colo., for another project in 1999, Mr. McNally
happened to bring up his pet project in a conversation with some of
the engineers and military brass. He was given a contact at Canada's
Communications Security Establishment, the equivalent of the U.S.  
National Security Agency.

"I kept banging on their door and getting put off, but finally they
gave me an interview. An engineer said I had 15 minutes so I'd better
make it quick, and when I showed him the diagrams and rough drafts, it
turned into a three-and-a-half hour meeting," Mr. McNally said.

The engineer showed him a patented prototype card that worked along
similar lines to Madison's proposal, a concept device that had been
developed for the military but never put into production.

"It was disheartening, because we'd been working on something similar
for more than a year. I asked if they'd sell the patent and he said
no, but then he said a partnership of some sort might be possible," he
said.

The groups negotiated over the course of several months, and a deal
was hammered out on April 4, 2000. Since then, Madison has been
tweaking the technology to make it marketable, and tracking down
hard-to-find components for full-scale manufacturing.

"The card was so archaic when we first got it, the prototype board was
about two feet long with wires and things all over it. Now we've
miniaturized everything into a standard PCI or ISA card to fit any
PC," Mr. McNally said.

"Without word of a lie, it was just breadboarded in a single
logic-type chip design, I've never seen anything like it," said
software designer James Mitchell, head of Aurora-based Mitchell
consulting and engineering, who has been helping Madison perfect the
product. "But Madison took the basic idea and they've completely
redesigned it."

The result of Madison's efforts is the Centurion II. The card is
basically a sophisticated I/O controller that oversees the operation
of a PC or server's hard drives. It allows a user to set certain read
and/or write functions in order to enable or disable file access,
acting like a gatekeeper for the hard drive that is independent of the
operating system, the company said.

"The patent is for functions that give the capability to logically
partition a drive in a way to create read-only access areas," Mr.  
Mitchell said. "With that advantage, you can secure data, which is
especially important for machines connected to Internet ... it's a
physical block between any command or block of data being sent from
the outside to the hard drive."

The Centurion II can lock entire IDE drives (a SCSI version is in
development), or just certain parts areas of the drive on everything
from PCs to Web servers, the company said. It can give selective
access to specific directories, sub-directories or individual files.

"When proper protocols and procedures are followed, the unit is
dislocated from virae, hackers and overall intrusion or malicious
code," Mr. McNally said. "The card is independent of everything
running on the machine. We don't protect the operating system from
attacks, we protect the hard drive's files themselves, so you can't
alter them or reformat the drive or anything like that."

The Canadian Department of National Defence still holds the patent for
the technology, and Madison has the licence to further develop and
commercialize it. In return, the DND will get a portion of the net
income from Centurion II's sales.

"We have added bells and whistles to give it the versatility that is
needed for the average user or an administrator," Mr. McNally said.

This includes password system to let authorized users log on to the
computer, and a special key that administrators can plug into the card
(along with a password) to alter its configuration, then remove so
that nobody can play with the settings.

"We purposely made it simple to operate so that anyone can use it -
home users, businesses, government workers, anyone," Mr. Mitchell
said.

If someone tries to write to the drive, it creates a log file that
tells where the request came from on the network, and it can be set up
to notify an administrator by pager or e-mail. If they write to a
drive that isn't fully locked, the log file tells administrators what
was written where on the drive so they can go back and remove it if
necessary.

"The card locks out outside interaction with the hard drive altogether
if you choose, and the background software listens to the card to warn
of illegal access attempts," Mr. Mitchell said.

The Centurion II will be officially launched at the Canadian
Information Technology Security Symposium (CITSS) in Ottawa this week,
and is expected to sell in the $350 range initially. Mr. McNally said
the goal is to bring the price down to the $200 range when volumes
increase.

Windows 98 and NT software is available for Centurion II now, and
versions that run with Windows XP and Linux are in development, Mr.  
Mitchell said.

The company is negotiating reseller agreements, with a particular
focus on the government market, but it is also selling the Centurion
II on its Web site.



-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomo () attrition org with 'unsubscribe isn'
in the BODY of the mail.