U.S. Privacy Protection (USP)
National Public Safety
Initiative
ABOUT USP-I
Phase 1 of the Homeland Security Foundation of America (HSFA) U.S. Privacy Protection Initiative (USP-I) is designed to help combat computer crimes by introducing secure authentication technology into the small to medium-sized business (SMB) market at no cost, eliminating a major source of privacy violations for employees and consumers.
Phishing is a gateway to ID theft and other high-technology crimes. Public attention has been fixed on many high-profile security breaches at federal government agencies, large corporations and universities; however, financial fraud experts say hackers increasingly are targeting small, commercial Web sites and networks.
To address this growing national security and public safety concern, HSFA will provide Nomad Secure Access (SA) client/server software as a community in-kind donation to small businesses nationwide. HSFA plans to certify local IT service providers to offer installation and support at low fixed rates if the end user does not have adequate staff to manage the solution.
THE TECHNOLOGY
USP-I employs Nomad Secure Access (SA), which provides two factored authentication for secured and trusted access. Authentication and secured trading is based on the Public Key Infrastructure (PKI). PKI is defined as a process of components rather than single components. Nomad SA reduces the costs and complexity of administration and support offering an end-to-end solution for secure access management, i.e. - Digital Certificates, Digital Signatures, Certificate Revocation Lists, Encryption and Decryption. Nomad SA removes sensitive corporate data and systems from mainstream access, establishing trust at the user level and not the system level without the need to integrate services with new or existing processes.
Client End-Point Security.
Nomad SA eliminates full network access, meaning it pushes security policies to the Client system eliminating access to the front door of the network. VPN and other two factored solutions require the user to authenticate on a network server and then this server determines access. This is the equivalent of allowing strangers into your home and then telling them which rooms they can go in. The problem is the person is already in the house. By pushing security policies to the Client end-point, access is only granted to those applications or systems defined. All other network access is denied, removing unauthorized access and eliminating potential risks of network attacks.
Removing Public Access
Nomad SA allows public access without systems or services being defined to the public networks. Typically, web access to corporate data must be defined via a web site that is local to the public domain, so the owner must implement a secured means of identification. This is usually performed via a USERID and PASSWORD, a challenge / response, through the use of Digital Certificates or a combination thereof. This means the public has access to the first process in web services. With the combination of PHISHING and SPAM this further increases risks for fraudulent access and identity theft. Nomad SA removes public access for any system or application, especially web services. It ensures that access to network resources are properly managed to help businesses keep their customers’ private information confidential. The Nomad solution combines Client-end point policies with digital identity to eliminate Phishing and deny fraudulent access to network resources.
GETTING
THE JOB DONE RIGHT
ID thieves and fraudsters target home users, small-to-medium businesses, and corporations. Most large corporations have the resources to implement a safeguards and security program for their IT infrastructure; however, many small businesses and some medium-sized businesses do not. Home users must rely on the effectiveness of businesses’ security models to protect their identity. U.S. Privacy Phase II (USP-II) will offer centralized public access to the Nomad software via a secure web-based Public Safety Portal, providing support for home users. Most corporations already have a solution, which leaves small and medium-sized businesses open to attacks – these businesses will be the primary target for USP-I deployment.
HSFA will grant a minimum $10,020 USD community in-kind donation to small and medium-sized businesses in the United States. For example, a small business with 25 employees will be eligible to receive the following in-kind donation:
|
Initial License Fee |
$10,000 USD |
|
User Fee ($20 USD x 25 employees) |
$500 USD |
|
|
Total in-kind donation |
$10,500 USD |
HSFA is committed to delivering this technology at no cost to the end user. We expect that many businesses’ networks will meet the minimum hardware and software requirements and will have support staff capable of installing and utilizing the software. For businesses who do not have these resources available, HSFA will refer them to a local IT services firm who has successfully completed the HSFA Certified Privacy Partner (HCPP) program and committed to providing installation and support services at a low fixed rate. HSFA will provide oversight of these certified partners to ensure compliance to program requirements.
Nomad SA requires a server that meets the following specifications:
- IBM Compatible PC
- Network Adapter
- Microsoft Windows Server
- MY SQL / MS SQL SERVER 2000
- 11 MB Hard Disk Space
- Remote access software
HSFA may partner with a hardware manufacturer to provide equipment as an in-kind donation or at a low fixed price. The equipment supplied will meet the above requirements, but may be demos, off-lease units, etc. Ideally, the equipment should be preconfigured with an image and ready to install into any network as a Member Server. It should be managed by HSFA or a certified firm.
HSFA Certified Privacy Partner (HCPP) Program
HSFA will establish a certification program for IT service providers in each state who wish to participate in USP-I deployment. A formal Request for Proposal (RFP) / selection process will be established to qualify and train the firm and provide the resources needed to perform services on behalf of HSFA. A small registration fee may be required to cover administrative costs, including but not limited to a background check, past performance evaluation, and technical capabilities assessment. Once a HCPP firm is certified, it is eligible to deploy HSFA licensed instances of Nomad SA to small and medium-sized businesses. The HCPP firm’s rate schedule for installation, troubleshooting and repair must be less than fair market value and approved in advance by HSFA. The HCPP firm will be required to submit reports for each case – these reports will be subject to review by HSFA or any oversight committee for compliance.
BENEFITS SUMMARY
Greater security and less crime.
Small and medium-sized businesses are often targets of thieves and fraudsters due to a lack of technical security countermeasures. Increasing their security will result in a significant drop in phishing, ID theft, fraud and other computer crimes. This will reduce the Federal burden associated with investigating and prosecuting criminals. Additionally, by minimizing loss, these businesses will have additional spending capabilities.
Increased consumer confidence and spending.
Releasing millions of dollars of security software into the SMB market will help to stimulate the economy, resulting in a boost in customer confidence and spending; many recipients will need support from HCPP firms – this support will be available from HSFA at a fixed rate and/or may be covered by HSFA funding. This requirement
will result in the creation of technical and administrative jobs nationwide.
Community collaboration.
The success of this public safety initiative increases substantially through partnerships and collaboration between HSFA, recipients, suppliers and government agencies. It also creates an opportunity to disseminate important safety information to the small and medium businesses which represent a significant component of America’s economic future.
HOW YOU CAN HELP
Spread the word about this benefit for small to medium-sized businesses. Interested
businesses should
contact HSFA
directly for details regarding this public safety
initiative.
Access the
Performance Support Office (PSO)
page and review Requests for Information (RFP) / Requests for Proposal (RFP) and
submit a proposal to provide IT services as a HSFA Certified Privacy
Partner.
ABOUT USP-II
Phase 2 of the Homeland Security Foundation of America (HSFA) U.S.
Privacy Protection Initiative (USP-II) offers enterprise support for the general public. HSFA is developing a secure authentication credential provisioning environment for individuals. This self-registration service will allow Americans to create a profile and download their security certificate. HSFA will partner with banks, service providers, insurance companies, etc. and provide a gateway to query credentials for centralized two-part authentication. This application will be developed using the Nomad software as a collaborative community effort. USP-II provides support for the entire nation – BroadRiver Communications has donated a robust and fault tolerant environment in their world class datacenter to support this important public safety initiative.
USP-II Design Document
A snapshot of the preliminary design for USP-II.
 |
|
|