Linux thin client software certified “Secret”
Jul 14, 2008 — by Eric Brown — from the LinuxDevices Archive — 33 viewsTrusted Computer Solutions (TCS) has announced Secret and Below Interoperability (SABI) level certification for its Linux-based, thin-client access software. With the SABI rating, the cross-domain SecureOffice Trusted Thin Client (STTC) software now enables easy transfer between classified and “unclassified but sensitive” domains, says TCS.
Formerly called NetTop2, STTC is based on the company's SecureOffice Suite, which runs Red Hat Enterprise Linux (RHEL) version 5 or Solaris, and comes in versions for thin clients and workstations. The software offers simultaneous, secure access to different government and military domains at varying classification levels from a single desktop, says the company. It is said to provide government workers with secure access to multiple networks, servers, and security levels, and enable intelligence workers to replace multiple PCs with single thin clients.
SecureOffice Suite platform
(Click to enlarge)
STTC is said to work on any Linux-ready thin client hardware, but is generally bundled with Wyse and Neoware thin clients. Based on technology licensed from the NSA (National Security Agency), which worked with TCS under a CRADA (cooperative research and development agreement), the SecureOffice Suite places authentication and security protection “at the edge” of the network, rather than on individual desktops, reducing infrastructure complexity, says TCS.
With the new SABI certification, STTC can provide access from the Secret Internet Protocol Router Network (SIPRNet) to the Unclassified but Sensitive Internet Protocol Router Network (NIPRNet) from a single desktop, says TCS. The company claims that STTC is “the first cross-domain solution on Linux to be certified and accredited at the SABI level,” and the first thin-client desktop software to be certified for communicating between a classified and an unclassified network.
SecureOffice Trusted Thin Client architecture
(Click to enlarge)
TCS credits the United States Coast Guard (USCG) for taking the RHEL-based STTC through the SABI certification process, running the system on an IBM System x server. The Coast Guard previously was instrumental in getting STTC's government accreditations for SIPRNET and Top Secret and Below Interoperability (TSABI), in late 2006.
In addition to selling thin-client and workstation versions of SecureOffice Suite, TCS offers a SecureOffice WebShield package that is said to permit authorized users on a classified network to browse select web servers on a lower-classified domain, while also providing a PL-4 (POS-PHY Level 4)-compliant “boundary device” to prevent access from lower-level to higher-level networks. The company also sells the SecureOffice Trusted Gateway for enabling secure transfers to and from different classified domains.
Stated Ed Hammersla, COO at TCS, “To our knowledge, there is no other cross domain solution running on Linux that is SABI certified and can be used in this environment today. There is generally more risk involved in the SABI scenario than in the TSABI environment, so the certification and accreditation process is understandably more rigorous and lengthy.”
Availability
The SABI-certified SecureOffice Trusted Thin Client (STTC) is available now, at an undisclosed price, says TCS.
This article was originally published on LinuxDevices.com and has been donated to the open source community by QuinStreet Inc. Please visit LinuxToday.com for up-to-date news and articles about Linux and open source.