Enterprise IT Watch Blog

Apr 11 2011   12:44PM GMT

DARPA’s cyber spooks look to power up Android, iPhone security

Michael Morisy Michael Morisy Profile: Michael Morisy

There’s probably no more exciting, imagination-capturing branch of military research than DARPA (Defense Advanced Research Projects Agency). They’ve brought us robo-hummingbird spies, self-driving hummers and, last but not least, the Internet.

So they can be excused for wanting just a little something in return: To be able to use their iPhones and Androids securely. From a recent Request for Information:

The primary purpose of this RFI is to discover new technologies and methods to support full disk and system encryption of the CMDs (specifically Apple and Android platforms) to include a pre-boot environment to load the operating system. The solution must use an AES-256 bit encryption algorithm compliant with FIPS 140-2 as published by the National Institute of Standards and Technology (NIST). In order to meet this objective, DARPA extends an invitation to industry and universities to submit a whitepaper with ideas/concepts that describe an innovative existing technology approach that can be deployed in less than 90 days.

Currently only Blackberries and high-end secured phones are allowed in many DoD environments, meaning Angry Birds is out. It sounds like DARPA is looking for a full-drive encryption bootloader to pick up where the consumer-friendly Droids and iPhones have left off. To be fair, Apple has beefed up its security offerings in recent iterations (with a few nay sayers), but the business need isn’t new. In my time reporting on mobile devices, I’ve heard any number of security schemes to get around security concerns: Everything run as SaaS, with no sensitive local data stored; A specialized encrypted card that held or encrypted and decrypted the data; and a number of virtualized environments that sat (supposedly) securely inside the everything goes-consumer devices.

It will be interesting to see what DARPA picks: Freedom of Information request, anyone?

Michael Morisy is the editorial director for ITKnowledgeExchange. He can be followed on Twitter or you can reach him at Michael@ITKnowledgeExchange.com.

 Comment on this Post

There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

Share this item with your network: