The National Institutes for Standards and Technology is requesting comments on its Draft Special Publication (SP) 800-152, A Profile for U.S. Federal Cryptographic Key Management Systems. SP 800-152 contains requirements for the design, implementation, procurement, installation, configuration, management, operation, and use of Cryptographic Key Management Systems (CKMS) by federal organizations.
CKMS includes the computers, software, modules, communication, and roles assumed by one or more authorized individuals when managing and using cryptographic key management services.
This draft profile specifies topics that should be considered by a CKMS designer when selecting capabilities that a CKMS will have and the cryptographic key management services it will support.
This profile replicates all of the requirements that must be satisfied in a CKMS and its design documentation, and it includes information about installing, configuring, operating and maintaining a federal CKMS.
Comments should be sent to FederalCKMSProfile@nist.gov by March 5, 2014, with “Comments on SP 800-152” on the subject line.
Posted on Jan 09, 2014 at 12:10 PM0 comments
The Food and Drug Administration tapped a Web-based digital scanning service to repair a monthslong backlog of reports submitted to its drug safety database.
The FDA last June notified the public that “unforeseen issues in its data entry operations” had slowed its ability to record reports submitted to the FDA Adverse Event Reporting System (FAERS), a database of dangerous drug interactions and other accidents.
The FDA receives about 900,000 adverse drug event reports annually, of which 90 percent are electronic and 10 percent are submitted on paper.
In order to accelerate data entry, the FDA announced a deal with Captricity, a digital optical character recognition scanning service, to speed its paper-reports processing.
Captricity used both its OCR scanning technology and manual data entry by workers supplied by Amazon Mechanical Turk to digitize the paper reports. Amazon Mechanical Turk is an electronic service that solicits individuals via the Internet for digital freelance work.
Captricity, which is a product of the Code for America Accelerator program, offers a software-as-a-service scanning application that gives customers a high degree of control and choice over what content to extract from a document.
The content is presented in a machine readable format. An application programming interface is also available for use by developers. The company has said its solution is as accurate as manual data entry for the FDA, but eight times cheaper and 50 times faster.
Using the service, the FDA was able to reduce its “backlog to zero” in a matter of weeks, the company’s CEO Kuang Chen told CivSource.
The company has also received authority to operate within the FDA based on FedRAMP moderate security protocols. Captricity’s user data is also stored on Amazon’s FedRAMP compliant clouds.
Posted on Jan 08, 2014 at 11:49 AM0 comments
BlackBerry said it will invest in opening a “security innovation center” in the Washington, D.C., area to serve as “a hub for collaboration with key government customers and other expert partners.”
BlackBerry interim chief executive officer John Chen made the announcement during a talk at the Consumer Electronics Show Government Conference being held in Las Vegas.
Chen said the firm was “committed to working with government and industry experts to solve some of the biggest challenges we face in securing mobile communication.”
The center will be “focused on creating lasting partnerships that will encourage ongoing dialogue aimed at making better products and policy," said Chen, who joined the struggling smartphone maker in November 2013.
“Additional details will be revealed in the coming weeks,” the company said.
BlackBerry used the CES show to also announce it would return to its roots in building keyboard-based phones after experimenting with introducing the BlackBerry 10 touchscreen model last year.
“I personally love the keyboards,” Chen told Bloomberg Television at CES.
Posted on Jan 07, 2014 at 11:09 AM0 comments
Camp Shelby Joint Forces Training Center will host a multi-agency research program designed to drive innovation and reduce costs of government unmanned vehicle technology.
The Open Source Unmanned Remote and Autonomous Vehicle Systems (OS-URAVS) program is a collaborative, public-private program to be based at Camp Shelby and administered in conjunction with the Army, Navy, Air Force, Department of Homeland Security, Defense Acquisition University and private-sector organizations, including the Open Source Software Institute (OSSI).
John Weathersby, executive director of OSSI, said the OS-URAVS program seeks to identify common open-source technologies and practices used within various agencies’ unmanned vehicle programs.
“The goal is to identify and document specific technical, economic and administrative benefits provided by open technology solutions and to share this information with government unmanned vehicle programs, commercial suppliers and open-source development communities,” he said.
As one of the nation's largest military mobilization bases, Camp Shelby maintains exclusive access to nearly 100 square miles of restricted air space and currently operates training and testing facilities for a variety of government agencies and defense contractors. The post is home to the Unmanned Aerial Systems Flight Center.
“The unfettered infrastructure is why we are exploring ways open-source software can be more readily integrated into the development and maintenance of our unmanned systems,” said Col. William “Brad” Smith, commander at the sprawling Mississippi National Guard installation located just south of Hattiesburg, Miss.
OSSI developed the OS-URAVS program as part of the Department of Homeland Security, Science and Technology Directorate's Homeland Open Security Technology (HOST) program. The DHS HOST program was launched in 2007 to identify open-source software solutions that support national cybersecurity objectives. The initial phase of the OS-URAVS program is scheduled to last one year.
Posted on Jan 06, 2014 at 10:33 AM3 comments
Many of the federal government’s older mission-critical systems still run on COBOL, a programming language developed in 1959.
Despite the growing prevalence of modern programming languages such as C++, .NET and Java, the Common Business-Oriented Language is still responsible for more than 70 percent of the world’s business transactions, according to a report in FCW.
But unlike cloud and mobile computing, big data and social media, COBOL has developed a reputation as outdated and “uncool,” said Micro Focus’s Ed Airey, speaking at a recent COBOL Developer Day.
As a result, only about one-quarter of colleges across the country are teaching COBOL in their curriculums, and only 20 percent of those schools require that programming graduates take it.
The coming shortage of COBOL programmers will affect the government’s legacy IT systems and core databases, which suck up approximately 70 percent of the government’s $82 billion IT budget, leaving only 30 percent to spend on innovative technologies.
As agencies look to modernize their IT systems, they must decide whether to replace their COBOL code or repurpose it. This can be an expensive and difficult endeavor — the Defense Department has struggled with it for 15 years. For those reasons, it is likely that systems running COBOL — at least on the back end — are likely to be a mainstay for many more years to come.
Posted on Jan 06, 2014 at 10:26 AM0 comments