Security group benchmarking Solaris

Featured eBooks
Cyber Workforce
Read Now

Law Enforcement Tech

Read Now

AI in the Workplace

Read Now
By Diane Frank

By Diane Frank

|

The Center for Internet Security is preparing the first in a wave of security benchmarks for commercial products widely used in government

Center for Internet Security

Related Links

National Security Agency

NIST Computer Security Resource Clearinghouse

Common Vulnerabilities and Exposures

A new collaborative security organization is preparing to release the first in a wave of security benchmarks for commercial products widely used in government, industry and academia.

The Center for Internet Security is a nonprofit organization composed of more than 80 members from government agencies, law enforcement, academia and industry. It plans to provide internationally agreed-upon technical benchmarks and certifications, said Clint Kreitner, chief executive officer of the center.

The organization will release a benchmark for Sun Microsystems Inc.'s Solaris operating system before the end of the year.

Other benchmarking efforts include:

    * The Institute for Security Studies at Dartmouth College is developing a benchmark for the Linux operating system.

    * The National Security Agency will soon come out with an initial benchmark for Microsoft Corp.'s Windows 2000.

The CIS is based on the idea "that only through effective, systematic, collective action do we have any hope" of combating security threats, Kreitner said. "We cannot ignore the common good in the pursuit of self-interest."

Franklin Reeder, chairman of the center, added that "the role of the center will not be to develop tools, but to certify tools."

Whether this certification will be similar to the "Consumer Reports" model or more like the Underwriters Laboratories Inc. model is still under consideration, but the center will partner with and build on work done by organizations such as NSA, the National Institute of Standards and Technology and the Common Vulnerabilities and Exposures project led by Mitre Corp., Kreitner said.

Federal members of the center include NIST, NASA, the Dahlgren Naval Surface Warfare Center, the Defense Department's Computer Emergency Response Team and the Treasury Department's Financial Management Service. Other government participants include the Washington State Department of Health, the Canadian Communications Security Establishment and the Royal Canadian Mounted Police.

NEXT STORY: Access360 targets feds via D.C. office