Walker, TIS create encryption stronghold
- By Heather Harreld
- May 25, 1997
Stephen Walker president and chief executive officer of Trusted Information Systems Inc. (TIS) likes to compare the raging battle over encryption export controls to the Berlin Wall: No one thought it would ever come down but suddenly it was rubble.
In a recent interview Walker said the Clinton administration's 1996 announcement which allowed information technology security companies to export encryption products if they incorporated key-recovery technology into those products marked a "fundamental change" in the market. Export controls prohibited mass-market software companies from accessing international markets. Therefore many did not incorporate strong encryption into any of their products he said.
Now TIS which has its roots in the federal government market has expanded its firewall and network-security product offerings to include key-recovery technology allowing the company to export strong encryption products.
Walker said this worldwide availability of strong encryption is the only way for IT security to flourish in the federal government and elsewhere.
"Until we can get the ability to export encryption throughout the world in a way that doesn't hurt law enforcement we're not going to have network security " he said. "Until encryption is generally available people will not think of their networks as safe and they won't use [them] for serious business. The work we have pioneered in key recovery is helping to find a balance. It's got to get to the place [that] when you say `Save a file ' it will be encrypted and when you say `Open it ' the file will be decrypted."
TIS is moving quickly to establish itself as a dominant player in the key-recovery market and it is not wasting any time taking advantage of the administration's new export policy.
In January TIS was in one of the first groups of companies to receive permission to export 56-bit encryption products and was the first company to qualify for worldwide export of key-recovery products.
It is not surprising with Walker's more than 20 years of federal government work in computer security that he is forging ahead in this new market. At 17 as a college student Walker took a cooperative job at the National Security Agency. He ended up working for the top-secret surveillance agency for eight years before moving to the Defense Advanced Research Projects Agency where he was tapped to run the information security program. In 1978 he went to work in the Office of the Secretary of Defense at the Pentagon. He performed pioneering work on the DOD Computer Security Initiative and he played a role in establishing the National Computer Security Center and the Defense Data Network.
Due in part to his disgust with the long commute from his Glenwood Md. home to the Pentagon Walker left the government in 1983 and launched TIS from his home.
"It's been an interesting odyssey " he said. "I worked at NSA which is a huge bureaucracy. Then I worked at DARPA which is a tiny bureaucracy. Then I went to the Pentagon the world's largest bureaucracy."
When he first launched TIS he worked mostly as a consultant for the design of trusted operating systems and then on military research projects. In 1983 the Gauntlet firewall was born when he posted an Internet firewall toolkit for free downloading at DARPA's Web site. Soon demand was so great - especially from federal agencies - that Walker launched Gauntlet as a commercial product.
TIS' federal customers include NSA the National Institute of Standards and Technology the Navy's Command Control and Ocean Surveillance Center the U.S. Atlantic Command and the U.S. Pacific Command. TIS recently signed a federal reseller agreement with BTG Inc. for the fourth generation of Gauntlet.
TIS has grown into a company employing 300 people but Walker has never lost his distaste for commuting. The company's headquarters is nestled right next door to Walker's 19th-century farmhouse among the rolling hills and farmland of Glenwood. Walker likes to quip that it takes him less time to walk to work than it would if he drove.
Because of his long-standing involvement with computer security Walker has had a unique vantage point from which to observe the government grappling with the issue. He said the only people who were concerned with computer security in the 1970s and 1980s were primarily those who were working in intelligence or on military projects.
Back in those days Walker said computer specialists could not trust the computers to admit access to top-secret information only to those authorized to see it. With that problem pretty much solved information security experts have turned their attention toward protecting data from unauthorized users within the organization.
"Now that people have the ability to run these enclaves in a secure manner people are now saying `What about the inside threat?' " he said. "Still it's neat to see that people care. If you were a program manager in the early days and there was a [security] problem that was impossible to solve you didn't bring it up. We finally got to a place where people own up to it."
In addition to its growing key-recovery market TIS' bottom line is being fueled by new federal government research grants to explore the next generation of security products. TIS is looking at ways to extend the functionality of firewalls inward so that internal working groups can have access to information specific to their work but not to data belonging to other workgroups. Eventually firewall functionality will reside in individual workstations and laptops Walker said.