[Credits] [NIST Update
Archives] [Media
Contacts]
[Subscription Information] [NIST Update Search]
Computer
Security
Thirteen
Is Lucky Number for International Cooperation, Commerce
Thirteen
nations have joined an international computer security agreement
that makes it easier for American companies to sell their products
in other countries.
In
a ceremony on May 23, 2000, Australia, Canada, Finland, France,
Germany, Greece, Italy, the Netherlands, New Zealand, Norway,
Spain, the United Kingdom and the United States signed the Common
Criteria Recognition Arrangement.
The
signing took place at the First International Common Criteria
Conference in Baltimore. About 600 people from 25 countries attended
the historic conference, including representatives of leading
information technology software manufacturers such as Fujitsu,
Hitachi, IBM, Intel, Lucent, Microsoft, Motorola, Network Associates,
Oracle, Symantec and Wang.
The
Common Criteria establishes a common language for specifying security
requirements in IT products and systems and a rigorous testing
approach to evaluate the security features in those products and
systems. Signatory nations recognize the results of security evaluations
conducted by each other’s accredited testing laboratories. This
eliminates the need for costly and time-consuming testing in each
country where a company wants to sell its products. As the agreement
creates a standardized evaluation process across borders, it fosters
a barrier-free, worldwide market for IT security products.
The
Common Criteria became an international standard, ISO/IEC Standard
15408, last year. While private laboratories do the testing of
computer security products, the governments involved accredit
the participating laboratories and certify or validate the resulting
tests. NIST and the National Security Agency jointly manage the
evaluation and validation program in the United States.
More
information about the Common Criteria may be found on the World
Wide Web at http://niap.nist.gov/cc-scheme/index.html.
Media
Contact:
Philip
Bulman, (301) 975-5661
Time
Partners
Ensure That E-Business Is Timely Business
CertifiedTime
Inc., an international provider of audited time-setting services,
has signed a cooperative research and development agreement with
NIST’s Time and
Frequency Division that will have NIST configure, monitor
and certify time servers (computers that provide time signals
via the Internet) housed at CertifiedTime timing centers worldwide.
The
agreement is the first collaborative research project to examine
secure methods of time-data distribution which offer the highest
level of time-setting accuracy across open networks such as the
Internet and across closed networks with Internet access.
CertifiedTime’s
service synchronizes a customer’s transaction server clock or
desktop computer clock to NIST-traceable time through one of several
regional CertifiedTiming Centers. The company’s secure time-setting
and time-data auditing services are designed to meet the most
stringent requirements of e-business audit models.
For
more information, contact CertifiedTime at (408) 371-5300 or go
to the World Wide Web at www.certifiedtime.com.
Media
Contact:
Collier
Smith, (Boulder) (303) 497-3198
Laboratory
Accreditation
Partnership
Proposed to Reduce Duplication
NIST
and the National
Cooperation for Laboratory Accreditation are proposing a partnership
to achieve a broadly recognized laboratory accreditation system,
thereby simplifying the processes for demonstrating that products
comply with United States and foreign requirements.
Laboratory
accreditation is a form of conformity assessment—the set of activities
intended to assure that products, processes or systems comply
with regulations or voluntary standards. It includes procedures
for evaluating the competency of accreditors that assess the proficiency
of testing laboratories. The aim of the proposed NIST-NACLA memorandum
of understanding is “to reduce redundancy and complexity” in methods
for recognizing laboratory accreditors.
In
the United States, there are an estimated 50,000 testing laboratories
and more than 100 laboratory accreditation programs, nearly all
of them in the private sector. Although it has effectively addressed
safety and consumer-protection needs, this decentralized system
is sometimes criticized as inefficient. Many testing laboratories,
for example, undergo multiple accreditation audits to satisfy
various government and industrial programs, even though their
requirements and scopes of accreditation are similar.
NACLA
is a non-profit corporation founded in 1998 to recognize US accrediting
bodies. It is anticipated that accrediting bodies that have been
recognized by NACLA under the provisions of the MOU will be deemed
competent by NIST to support trade agreement activities where
NIST is a designating authority.
Details
of the proposed MOU will be discussed at a public workshop on
June 23, 2000, at NIST’s Gaithersburg, Md., headquarters. Go to
the World Wide Web at www.ts.nist.gov
for information and a copy of the draft MOU. Written comments
about the MOU should be sent to “NACLA Comments,” Office of the
Director, Technology Services, NIST, 100 Bureau Dr., Stop 2000,
Gaithersburg, Md. 20899-2000.
Media
Contact:
Mark
Bello, (301) 975-3776
Microelectronics
New
MEMS Facility Opens in Boulder
NIST
has opened a world-class Micro Electro Mechanical Systems facility
at its Boulder, Colo., laboratory. MEMS research is performed
in a microfabrication cleanroom where mechanical and electronic
components are integrated. Similar facilities are used by industry
to build microchip accelerometers for controlling air bags, gyroscopes
for aerospace applications, and microfluid devices that monitor
and control chemical reactions.
NIST
will use its facility to improve metrology at the microscale and
nanoscale levels. For example, in principle it will be possible
to measure magnetic forces at the level of 10-18
Newtons (2 x 10-16 pounds) with
MEMS magnetometers. This is equivalent to the force it takes to
flip a single proton magnetic spin.
One
goal of this project is to develop imaging technologies to examine
nanometer-scale magnetic phenomenon. This project also will integrate
tiny thin-film devices into MEMS magnetometers that can measure
very small magnetic moments and then can be discarded. Such devices
are desired by the data storage industry for deposition and process
monitoring. John Moreland, one of the principal MEMS researchers,
says that this is “a whole new way of looking at small individual
magnetic particles.”
Other
applications include developing thermal-isolation thin-film membranes
for X-ray and infrared detectors and ultrasensitive microcalorimeters.
In addition, NIST plans to use the MEMS facility to fabricate
microstructures to electromagnetically trap ions. By using precisely
etched silicon planes for electrodes, some unwanted heating effects
in present traps may be eliminated.
For
more information about the MEMS facility, contact James
Beall, (303) 497-5989.
Media
Contact:
Fred
McGehan, (Boulder) (303) 497-3246
Computers
New
Standard to Help Advance Parallel Computing
NIST
has spearheaded a significant advance in parallel computing technology
by coordinating work on a new standard that allows people to use
computers produced by different manufacturers in a single network.
Parallel
processing is a way to break up a computing problem into pieces
that various processors—the brains of computing systems—can work
on simultaneously. This approach produces phenomenal problem-solving
speeds, allowing people to make calculations in a single week
that previously would have taken a year. Scientists and engineers
who require extremely complex calculations are the primary users
of parallel computing.
The
technology got a significant boost in the early 1990s when industry
adopted a standard Message Passing Interface. MPI allows people
to harness the power of more than one machine to work on a single
calculation. The adoption of MPI led to significant advances,
but users typically had to limit their parallel processing to
machines produced by a single manufacturer.
The
new standard, called the Interoperable Message Passing Interface,
allows researchers to create networks of machines made by many
different manufacturers. Additionally, NIST has developed software
that allows manufacturers and software vendors to test their products
to assure that they comply with the IMPI standard. The test software
program can be run over the Internet.
More
than a dozen leading companies and research institutes contributed
to the development of the new parallel processing standard.
A
draft of the IMPI standard is available on the World Wide Web
at http://impi.nist.gov/IMPI/.
Media
Contact:
Philip
Bulman, (301)
975-5661
Standards
Agreement
Streamlines Telecommunications Product Approvals
Certifying
new telecommunications equipment as compliant with federal and
foreign requirements to prevent radio-wave interference should
be cheaper and faster because of a precedent-setting arrangement
involving NIST, the Federal
Communications Commission, and the American National Standards
Institute.
NIST
is recognizing ANSI as a qualified accreditor of product certifiers
that approve radio transmitters, telephone hand sets, and other
radio-frequency and telephone-terminal equipment after testing
to determine whether they satisfy FCC regulatory standards. Currently,
13 US product certifiers are accredited by ANSI for this role.
Starting
June 5, 2000, these organizations—designated as Telecommunication
Certification Bodies (or TCBs)—will be able to compete for business
generated by the approximately 6,000 applications for product
approvals that FCC now receives annually.
To
help streamline its approval process and to prevent delays that
can slow the introduction of new products in fast-changing markets,
the FCC established the TCB program. It asked NIST to accredit
TCBs or to recognize an accreditor of these product certifiers.
Rather
than set up a new program for accrediting certification bodies,
NIST chose to rely on the existing infrastructure in the private
sector. It prescribed procedures and performance standards for
recognizing organizations that accredit certification bodies offering
services for telecommunications equipment. NIST then conditionally
delegated to ANSI the authority for accrediting TCBs. Final authority
required formal review by NIST, which has now occurred.
For
more information, contact Joe
Dhillon, NIST, (301) 975-5521; Hugh
Van Tuyl, FCC, (202) 418-7506; Stacy
Leistner, ANSI, (212) 642-4931.
Media
Contact:
Mark
Bello, (301)
975-3776