Show & tell

MX3-RFID reads both bar codes and RFID tags,with no external antenna to break off.

The FOSE trade show gives the stage to new technologies for government. GCN previews five that could help your agency.

Products exhibited at the FOSE trade show in Washington this week run the gamut from a new electronic voting system to tools that help systems administrators leverage open-source technology.

There are strongly encrypted flash drives'a hot new technology'and data readers that combine radio frequency identification with bar codes'an old technology with lots of life left in it.

'Bar codes aren't going away,' said Mark Dessommes, marketing director of LXE Inc. of Norcross, Ga., manufacturer of the reader.

GCN was able to preview several of the hundreds of products and technologies appearing at FOSE. A few stand out for their promise in helping government address some of today's highest-profile technology challenges.

E-voting

Electronic voting has disappeared from the headlines since the 2004 elections. But with new elections coming up every year, the issue is certain to heat up again, and Comfidex Corp. of New York hopes to be in the middle of it. The company is unveiling its prototype VoteFiler at FOSE.

VoteFiler is a hybrid system that lets voters create ballots online in advance of an election and cast the paper ballots at the polling place on Election Day.

'This is not all-or-nothing,' said Comfidex president Bill Stratigos. 'Our system is meant to coexist with existing systems.'

Comfidex seeks to avoid security concerns by minimizing VoteFiler's footprint and working with off-the-shelf hardware and software as much as possible.

'We allow a state to put up a Web site using our software,' said John Philpat, technical sales representative.

Voters can visit the Web site after a precinct's ballot has been finalized, make selections and print out a finished ballot. The selections are stored in a database and are tied to a unique bar code on the paper ballot. On Election Day, the bar code on the printed ballot is scanned at the polling place. If the bar code on the paper ballot has not yet been used and matches the data in the database, the ballot is accepted and the digital ballot data is moved to a database. If the ballot is not accepted for any reason, the voter can vote using traditional machines in the polling place. No vote is cast through VoteFiler until the bar code scan is accepted.

When polls close, VoteFiler votes can be tallied from the votes database. In case of a recount, paper ballots are available for optical scanning or manual recount.

There is no Comfidex client software for the voter or at the polling place. The software resides only on the state's Web server and databases.

'It can be any database or Web server,' Philpat said. 'It doesn't matter what they use or what operating system they use.'

Because the bar codes are tied to ballot data, any attempt to tamper with the database will invalidate the ballot at the polling place.

'No one can claim to make a system tamper-proof,' Philpat said. 'But we are tamper evident.'
'We have made a sincere effort to put before the government a product that ad- dresses the problems pointed out in other systems,' Stratigos said.

Mobile security

To protect against tampering with sensitive government information, Kanguru Solutions of Millis, Mass., is offering a USB flash drive encrypted with a 256-bit key using the Advanced Encryption Standard algorithm. The KanguruMicro Drive AES is currently undergoing evaluation for certification under the Federal In-formation Processing Standard 140-2.

FIPS-140-2 validation is required by the Defense Department for devices transporting sensitive information, and Kanguru is undertaking the process to ensure its foothold in the government market, said Nate Cote, vice president of product management.

'It's a pretty painful process,' he said of the FIPS evaluation. 'It is very expensive and it's long.'
Kanguru's nine-to-12-month evaluation began last summer.

The company began working on the encrypted drive more than a year ago and released it in December. It offers from 128M to 4G of memory that can be partitioned into public and private sectors. The private sector appears as a separate encrypted drive when the device is plugged in.

For volume buys, unique identifiers can be burned into the drive and they can be color-coded according to the classification of data they are used with. Kanguru is offering the drives bundled with device control software that can restrict, monitor and audit any kind of flash drive, CD burner, access point or other communication device on a network.

'The custom identifier is very powerful when used with the software,' Cote said. 'Using just one without the other leaves loopholes.'

Agencies using the drive and control software include the CIA, FBI, Air Force, Army and Defense Information Systems Agency, Cote said.

Open-source software

The government also is a major user of open-source tools, said Eric Hines, CEO of Applied Watch Technologies LLC of Algonquin, Ill.

'We have started to see a large rise in use in the federal area,' Hines said. 'We have found the government to be a huge advocate of open source.'

Open-source software is developed communally, without proprietary code, and products often are available free or for minimal fees. One such tool is Snort, an open-source intrusion detection system that has become popular among network administrators, who in the last five years have come to trust its cost-effectiveness, reliability and flexibility. What Snort has lacked is a graphical enterprise interface and a way to centrally manage multiple sensors and easily create new signatures.

Applied Watch Technologies addresses this with its Command Center software, a security information management product for open-source tools. It handles information from Snort, Snort Inline, La Brea Tar Pit, Syslog and Windows event logs. Version 3.0, debuting at FOSE, also supports the Nessus open-source vulnerability as- sessment scanner.

The Command Center includes a graphical user interface management console and a server, either in software or in an appliance that includes the Snort agent. One server can support up to 7,000 agents, Hines said. The average network has only about a dozen agents, and the largest no more than several hundred.

At a starting price of $19,000 for a bundled console and server appliance, the package is less than the cost of many commercial IDS systems.

RFID hardware

Officials charged with managing other types of traffic, such as goods moving in and out of warehouses, have long used bar codes for keeping track of goods and materiel. Radio frequency identification, which can support more automated tracking than scanning bar codes, is gaining traction and attention in logistics management, but it will not replace bar codes, LXE's Dessommes said.

'What you're going to find is a blend' of the two technologies, he said.

To support that blend, LXE has released the MX3-RFID, a handheld reader that supports both bar codes and RFID.

'You can move around different applications without having to change computers,' Dessommes said.

The Defense Department, which is requiring its suppliers to use passive RFID tags on cases and pallets of most goods, is one of the drivers in the industry. RF radiation from a reader excites the tag, which responds by sending out identifying data. Once the data has been received, it is used in much the same way as data from a bar code.

The MX3-RFID features a large screen and a full keyboard. The read range and sensitivity can be adjusted by increasing or decreasing the RF power. It has an enclosed antenna for RFID reading.

'The problem with external antennas is they break off,' Dessommes said. 'The guys view these things as tools, not as computers.'

Reader Comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above