Cyberdefense students rely on PKI

Students and alumni of the Defense Department's school to train investigators in computer crime techniques are using public-key infrastructure technology to communicate via a protected Web site.

The Defense Computer Investigations Training Program in Linthicum, Md., started handing out digital certificates to its students three weeks ago, said Greg Redfern, the program's director.

More than 1,300 DOD, federal, state and local law enforcement officials took DCITP's course during the past 18 months. The program's basic course enables students to conduct forensic investigations on computers by dissecting them for data and clues.

Students download a one-time activation file onto a floppy disk that they can use to obtain their digital certificates online. A certificate is also stored on the disk and contains a public and private key pair for each user.

Once on the site, users can chat with fellow students and graduates of the program, learn about course updates and engage in threaded discussions. All data on the site is sensitive but at the unclassified level, Redfern said.

Users can connect to the Web site from any Internet address. Access is a key issue because some state and local law enforcement officials participate in DCITP, and some users will connect from home.

"We're ahead of DOD" in using PKI technology, Redfern said. "They sent training and reviewed our network topology."

The site was tested for security vulnerabilities by having a "black hat" team of hackers from Computer Sciences Corp. battle DCITP's "white hat" protectors.