Ideas for security just keep coming

Technology vendors continue to come up with new ideas for improving network and homeland security technology. At last week's FOSE trade show and conference in Washington, D.C., vendors displayed products for secure Web services and device authentication as well as sensors that detect chemical and toxic materials.

Although Web services create a flexible, plug-and-play architecture in which networked components work collectively, communications among these components open up new risks. For instance, Extensible Markup Language, the standard file format for sharing data in Web services, can be susceptible to attacks that overwhelm the system's processing capabilities or install malicious code in XML-based documents.

Officials at Sarvega Inc., a provider of networking products for XML, unveiled the Guardian Gateway and Guardian Accelerator for XML Security.

Unlike some XML products, the Guardian tools focus on security, said Chris Darby, Sarvega's president and chief executive officer. The products offer digital forensics, operating system lockdown capabilities, and protection from and detection of XML-directed attacks.

Also on the XML security front, Forum Systems Inc. officials demonstrated the capabilities of the XWall Web services firewall. XWall detects and controls XML traffic based on predefined user rules. The product, which can run on a server, an appliance or blade PC technology, can protect against XML viruses, data corruption and denial-of-service attacks.

Agencies that use the language to share information need to examine Web services security, said Terry Wise, Forum Systems' vice president of sales. Securing "XML and Web services [is] the only way e-government will be successful," he said.

Agency officials also want to make sure networked computer systems are trustworthy and fortified against attacks. So, Phoenix Technologies Ltd. launched security software that enables authentication of devices connected to networks.

Phoenix's cME TrustConnector enhances the security of Microsoft Corp. Windows applications using digital certificates for user authentication. Private keys for these applications can be encrypted and stored on the system — without additional hardware — preventing network identity spoofing and attacks.

FOSE continues to be a venue for providers of homeland security applications to highlight their wares. For example, officials at NetBotz Inc., which sells a solution that monitors remotely located computer equipment for excessive temperatures, flooding or theft, announced

a new option that integrates sensors for detecting dangerous chemicals and toxic materials.

These atmospheric sensors, built by RAE Systems Inc., could be used in public places such as subway tunnels and buildings. If the sensors detect a danger, the NetBotz hardware appliance would pass that information to appropriate authorities through a standard IP data network or a cellular wireless network.

Additionally, legal support software specialist Aspen Systems Corp. introduced a new technology that searches audio recordings for specific terms, an approach company officials say can be eight times faster and half the cost of manually transcribing and searching audiotapes.

Aspen will offer the technology to agencies as a secure network-based service called AudioCite. The company developed the technology to assist the Federal Energy Regulatory Commission in its investigation of Enron Corp. and other companies.

AudioCite works by indexing recordings according to their basic phonetic form or compositions. An analyst can then enter a term or she phrase that he wants to find on the recordings.