Security group benchmarking Solaris

Center for Internet Security

A new collaborative security organization is preparing to release the first in a wave of security benchmarks for commercial products widely used in government, industry and academia.

The Center for Internet Security is a nonprofit organization composed of more than 80 members from government agencies, law enforcement, academia and industry. It plans to provide internationally agreed-upon technical benchmarks and certifications, said Clint Kreitner, chief executive officer of the center.

The organization will release a benchmark for Sun Microsystems Inc.'s Solaris operating system before the end of the year.

Other benchmarking efforts include:

    * The Institute for Security Studies at Dartmouth College is developing a benchmark for the Linux operating system.

    * The National Security Agency will soon come out with an initial benchmark for Microsoft Corp.'s Windows 2000.

The CIS is based on the idea "that only through effective, systematic, collective action do we have any hope" of combating security threats, Kreitner said. "We cannot ignore the common good in the pursuit of self-interest."

Franklin Reeder, chairman of the center, added that "the role of the center will not be to develop tools, but to certify tools."

Whether this certification will be similar to the "Consumer Reports" model or more like the Underwriters Laboratories Inc. model is still under consideration, but the center will partner with and build on work done by organizations such as NSA, the National Institute of Standards and Technology and the Common Vulnerabilities and Exposures project led by Mitre Corp., Kreitner said.

Federal members of the center include NIST, NASA, the Dahlgren Naval Surface Warfare Center, the Defense Department's Computer Emergency Response Team and the Treasury Department's Financial Management Service. Other government participants include the Washington State Department of Health, the Canadian Communications Security Establishment and the Royal Canadian Mounted Police.


  • Elections
    voting security

    'Unprecedented' challenges to safe, secure 2020 vote

    Our election infrastructure is bending under the stress of multiple crises. Administrators say they are doing all they can to ensure it doesn't break.

  • FCW Perspectives
    zero trust network

    Can government get to zero trust?

    Today's hybrid infrastructures and highly mobile workforces need the protection zero trust security can provide. Too bad there are obstacles at almost every turn.

Stay Connected


Sign up for our newsletter.

I agree to this site's Privacy Policy.