PGP Security's NAI Labs Partner With National Security Agency to Develop Secure Linux

Contract Will Ensure Secure Open Source Operating System for Business Critical

Internet Infrastructures

Apr 09, 2001, 01:00 ET from Network Associates Inc.

    SANTA CLARA, Calif., April 9 /PRNewswire/ -- NAI Labs, a division of
 PGP Security, a Network Associates, Inc. (Nasdaq:   NETA) company, today
 announced they are joining with the National Security Agency (NSA) and its
 other partners to further develop the NSA's Security-Enhanced Linux (SELinux)
 prototype.  The $1.2 million will be paid over the life of the two-year
 contract, and the work will focus on research and development to improve the
 security of open-source operating system platforms, the core of Internet
 infrastructures that have become business critical in today's economy.
     The work will reduce the threat of security breaches caused by flawed or
 even malicious applications.  The contract builds upon NSA's prior work in
 developing a set of new security controls for the Linux kernel and NAI Labs'
 prior work in developing an example security policy configuration for these
 controls and several additional kernel controls.
      "NAI Labs continues to work with the government to ensure secure Internet
 infrastructure.  The President's National Coordinator for Security and the
 President's Information Technology Advisory Committee have called for
 increasing the federal government's role as both a user and contributor of
 open source software," said Terry Benzel, Vice President, Advanced Security
 Research and Director of NAI Labs.  "Open source platforms provide the basis
 for developing online communication and business strategies, and our work
 ensures that the building blocks are secure."
     Operating systems provide the foundation for system security, yet
 mainstream operating systems lack critical security features needed to enforce
 security policies.  NSA and NAI Labs have recognized the need to improve the
 security of operating systems.  Linux was chosen by the NSA because its
 growing success and open development environment provided an opportunity to
 demonstrate that the security functionality added by SELinux can be successful
 in a mainstream operating system.  NAI Labs will work with the NSA and its
 other partners to develop additional security controls, configure the security
 policy and represent the security enhancements to the Linux community.
 SELinux includes security enhancements to the operating system that can
 enforce the separation of information based on the confidentiality and
 integrity requirements.
     The security mechanisms of SELinux provide flexible support that allows
 customization for a wide range of security policies in order to meet various
 security requirements.  Support for security policies is required in order to
 protect data on end systems; however, needs are different for every company
 and every industry.  Flexible support for policies is required, since an
 organization must be able to tailor the policy to meet its particular security
 requirements and threat environment.  NAI Labs' and NSA's efforts will improve
 the security of open source operating systems so that they can be effectively
 applied to protect corporate data.
     NAI Labs is an industry leading security research organization with
 100 dedicated researchers in four research facilities throughout the
 United States and is a founding member of the Security Research Alliance.
 NAI Labs is a multi-discipline research organization with world-renowned
 expertise in the areas of network security, applied cryptographic
 technologies, secure execution environments, security infrastructure, adaptive
 network defenses, distributed systems security, and information assurance.  In
 addition to its prominent role in the security research community, all
 unclassified network and cryptographic research is shared with Network
 Associates' product development and support organizations to enable superior
 solutions for Network Associates customers.
     PGP Security, a Network Associates company, is a worldwide leader in
 products and services focusing on solving privacy and data confidentiality
 issues, and has a strong history of setting security industry standards.
 PGP Security's breadth of security products, including firewall, encryption,
 intrusion detection, risk assessment and VPN technologies, address the full
 range of security and privacy issues, anywhere information is transmitted or
 stored.  PGP Security's products secure over seven million users and include
 several of the industry's well-known security brands, including Gauntlet
 Firewall and VPN, PGP Data Security, CyberCop Scanner, and PGP e-ppliances.
 PGP Security's COVERT research team identifies and works to resolve serious
 vulnerabilities before attackers are able to exploit them.  The findings are
 incorporated into the product offerings, ensuring protection from the latest
 vulnerabilities.  For more information and software evaluations, visit .
     About Network Associates
     With headquarters in Santa Clara, Calif., Network Associates, Inc. is a
 leading supplier of security and availability solutions for e-businesses.
 Network Associates is comprised of four business units:  McAfee, delivering
 world class anti-virus products; PGP Security, providing firewall, intrusion
 detection and encryption products; Sniffer Technologies, a leader in network
 and application management; and Magic Solutions, providing web-based service
 desk solutions.  For more information, Network Associates can be reached at
 972-308-9960 or on the Internet at .
     NOTE:  Network Associates, PGP, McAfee, Sniffer, Magic Solutions,
 Gauntlet, CyberCop and CyberCop Scanner are registered trademarks of
 Network Associates, Inc. and/or its affiliates in the U.S. and/or other
 countries.  All other registered and unregistered trademarks in this document
 are the sole property of their respective owners.

SOURCE Network Associates Inc.