Cyberdefense students rely on PKI

Students and alumni of the Defense Department's school to train investigators in computer crime techniques are using public-key infrastructure technology to communicate via a protected Web site.

The Defense Computer Investigations Training Program in Linthicum, Md., started handing out digital certificates to its students three weeks ago, said Greg Redfern, the program's director.

More than 1,300 DOD, federal, state and local law enforcement officials took DCITP's course during the past 18 months. The program's basic course enables students to conduct forensic investigations on computers by dissecting them for data and clues.

Students download a one-time activation file onto a floppy disk that they can use to obtain their digital certificates online. A certificate is also stored on the disk and contains a public and private key pair for each user.

Once on the site, users can chat with fellow students and graduates of the program, learn about course updates and engage in threaded discussions. All data on the site is sensitive but at the unclassified level, Redfern said.

Users can connect to the Web site from any Internet address. Access is a key issue because some state and local law enforcement officials participate in DCITP, and some users will connect from home.

"We're ahead of DOD" in using PKI technology, Redfern said. "They sent training and reviewed our network topology."

The site was tested for security vulnerabilities by having a "black hat" team of hackers from Computer Sciences Corp. battle DCITP's "white hat" protectors.

Featured

  • Workforce
    Avril Haines testifies SSCI Jan. 19, 2021

    Haines looks to restore IC workforce morale

    If confirmed, Avril Haines says that one of her top priorities as the Director of National Intelligence will be "institutional" issues, like renewing public trust in the intelligence community and improving workforce morale.

  • Defense
    laptop cloud concept (Andrey Suslov/Shutterstock.com)

    Telework, BYOD and DEOS

    Telework made the idea of bringing your own device a top priority as the Defense Information Systems Agency begins transitioning to a permanent version of the commercial virtual remote environment.

Stay Connected