 |
|
DAILY NEWS AND INFORMATION
FOR THE GLOBAL GRID COMMUNITY /
|
Breaking News -
Security:
NIST Joins FSDB Initiative For
Safer Computing
Tripwire Inc, a world leader in integrity assurance, announced the addition
of
the National Institute of Standards and Technology (NIST) to the File
Signature Database (FSDB) initiative as a research member. The FSDB
initiative's goal is to enable more secure, reliable and cost-effective
computing environments by establishing industry-supported standards and
mechanisms for capturing and cataloging file fingerprints from software; and
to systemize the technology into the release process of participating
commercial software vendors. NIST joins: Tripwire; charter members, HP, IBM,
InstallShield Software Corporation and Sun Microsystems Inc; and contributing
member, RSA Security, as a research member to advise on the development,
documentation and implementation of standards for data integrity.
NIST brings extensive standards knowledge and direct experience to the FSDB
initiative through its development of the National Software Reference Library
(NSRL), a repository of known software, file profiles, and file signatures for
use extensively by law enforcement organizations in computer forensics
investigations. Like the NSRL, the FSDB provides an independent reference
source to validate configuration elements and authenticity of software in a
consistent manner across a broad array of application and OS vendors.
Applications of the FSDB solution will yield greater control, security and
availability of IT infrastructure, and will enable a more cost-effective,
proactive means of managing enterprise IT. Additionally, by assuring the
integrity of file data on critical systems, enterprises and Federal agencies
will reduce systems management vulnerabilities and increase business
efficiency.
NIST and the FSDB charter members are currently evaluating how the FSDB and
NSRL can complement each other in the future.
"As a body that promulgates standards for government and commercial
entities,
NIST brings tremendous expertise in bringing independent entities together
around a common set of practices," said Wyatt Starnes, founder, president and
CEO of Tripwire. "This expertise will be of great benefit to the FSDB
initiative as it establishes industry standards for data integrity."
FSDB research members such as NIST are focused on advancing standards and
technology and practice around data integrity standards. Their participation
includes research projects, leading and participating in working committees,
and researching methods and technologies to create a standard method for
assessing the integrity of data.
"The multi-vendor, standardized approach taken by the FSDB initiative is
key
in creating a comprehensive means of establishing and maintaining trust and
confidence in heterogeneous computing environments," said Susan Zevin, acting
director of the Information Technology Lab at NIST. "Commercial computing
vendors, government organizations, businesses and consumers will all benefit
remarkably from these joint efforts."
"The National Institute of Justice, a major sponsor of the NSRL, realizes
effective cyber-security and vulnerability reduction tactics must be baked
into information systems starting at the research and development phase,
whether you're a law enforcement agency protecting our nations' most sensitive
information or an enterprise company hosting critical infrastructures for the
Fortune 50," said Susan Ballou, program manager for forensic science at NIST's
Office of Law Enforcement Standards. "Open standards and vendor coalitions
like the FSDB will help instill a level of trust and integrity in protecting
critical information systems, whether it be for the public or private
sectors."
|