Groove Software Obtains Key Government Security Validations.

Business Editors/High-Tech Writers

BEVERLY, Mass.--(BUSINESS WIRE)--Oct. 1, 2003

Organizations With FIPS (Federal Information Processing Standards) A series of publications issed by the U.S. National Institute of Standards and Technology (NIST) that specifies information security guidelines for federal government departments and agencies. , NIAP See Common Criteria. or DCTS DCTS Defense Collaboration Tool Suite
DCTS Dimension Custom Telephone Service
DCTS Delaware County Technical Schools (Pennsylvania)
DCTS Defense Collaborative Tool Set (distributed mission planning) Requirements

Can Immediately Deploy Groove Workspace

for Secure Collaboration & Information Sharing Needs

Groove Networks Inc., a leading provider of desktop collaboration software, today announced that the encryption technology used by Groove Cryptographic Services (GrooveMisc.dll 2.5.0.1774; cryptopp.dll 5.0.4.0) has been certified to meet two important government security standards. As a result, Groove solutions now can be deployed more broadly to government and commercial organizations that require compliance with the most recent FIPS and NIAP security specifications.

The two security standards that Groove software encryption technology meets are: FIPS 140-2 level 1 (together with supporting FIPS-approved algorithms), as defined by the National Institute of Standards and Technology National Institute of Standards and Technology, governmental agency within the U.S. Dept. of Commerce with the mission of "working with industry to develop and apply technology, measurements, and standards" in the national interest. (NIST (National Institute of Standards & Technology, Washington, DC, www.nist.gov) The standards-defining agency of the U.S. government, formerly the National Bureau of Standards. It is one of three agencies that fall under the Technology Administration (www.technology. ), and the Common Criteria for Information Technology Security Evaluation at Evaluation Assurance Level The Evaluation Assurance Level (EAL1 through EAL7) of an IT product or system is a numerical grade assigned following the completion of a Common Criteria security evaluation, an international standard in effect since 1999. 2 augmented with security policy model (EAL EAL English as an Additional Language
EAL Evaluation Assurance Level
EAL Eastern Airlines
EAL Emergency Action Level
EAL Environmental Analysis Laboratory
EAL Evidence Analysis Library (American Dietetic Association) 2+), as implemented by the National Information Assurance Partnership (NIAP). Earlier this year Groove Workspace obtained the first Department of Defense (DoD) certification for interoperability with version 2.0 of the Defense Collaboration Tool Suite Defense Collaboration Tool Suite (DCTS) is a flexible, integrated set of applications providing interoperable, synchronous, and asynchronous collaboration capability to agencies of the United States Department of Defense, Combatant Commands, and military services. (DCTS).

"Ensuring that commercial collaboration tools have proper and thorough compliance with security policies and specifications is essential for organizations evaluating solutions that enable sharing of sensitive information -- especially when such sharing occurs across organizational boundaries or within highly mobile environments, " said Mike Gotta, senior vice president & principal analyst with META Group, an industry analyst firm.

"Today's announcement culminates an eighteen-month effort on our part to ensure we 'walk the talk' when we claim that Groove Workspace meets military-grade security standards," said Chuck Teubner, president and COO, Groove Networks.

"We are committed to protecting the confidentiality and integrity of our customers' communications, data and intellectual capital," Teubner added. "Groove Workspace is now one of the first commercial products to be evaluated and validated by these two rigorous methodologies supported by NIST and the National Security Agency. These certifications will help us accelerate sales opportunities within organizations that have established compliance as purchasing requirements, and ultimately Groove will accelerate decision-making within these organizations by allowing more effective and secure cross-agency collaboration."

FIPS

NIST, an agency of the Commerce Department's Technology Administration, defined the Federal Information Processing Standard Federal Information Processing Standards (FIPS) are publicly announced standards developed by the United States Federal government for use by all non-military government agencies and by government contractors. 140-1 (FIPS 140-1) and its successor, FIPS 140-2, as U.S. government standards that provide a benchmark for implementing cryptographic software. FIPS 140-2 specifies the security requirements that must be met by cryptographic modules within security systems that protect "sensitive but unclassified The introduction to this article provides insufficient context for those unfamiliar with the subject matter.
Please help [ improve the introduction] to meet Wikipedia's layout standards. You can discuss the issue on the talk page. " information. The standards specify best practices for implementing crypto algorithms, handling key material and data buffers, and working with the operating system.

Entrust CygnaCom, a NIST-accredited Cryptographic Module Testing (CMT CMT Certified Medical Transcriptionist.

CMT
abbr.
Certified Medical Transcriptionist

CMT

California mastitis test. ) laboratory, carried out the evaluation process of Crypto++, the open source cryptographic module used by Groove Workspace. NIST's approval of Entrust CygnaCom's findings certifies that Crypto++ meets the FIPS 140-2 security requirements. More information about Groove Networks' FIPS 140-2 validation is available at http://csrc.nist.gov/cryptval/140-1/1401val2003.htm#343.

NIAP

Originated in 1997, NIAP is a joint effort between NIST and the National Security Agency (NSA NSA
abbr.
National Security Agency

Noun 1. NSA - the United States cryptologic organization that coordinates and directs highly specialized activities to protect United States information systems and to produce foreign ). The partnership combines the extensive security experience of both agencies to promote the commercial development of security requirements for IT products and systems, and the metrics for evaluating them. NIAP's basis for evaluation, the Common Criteria, provides an internationally recognized basis for specifying and testing a wide range of security technology, from components to products and systems.

Entrust CygnaCom completed the NIAP evaluation of the cryptographic functionality and services contained within Groove Workspace, Groove Enterprise Management Server, Groove Enterprise Relay Server, and Groove Enterprise Integration Server. Based on Entrust CygnaCom's findings, NIAP has certified that Groove cryptographic software meets the Common Criteria for Evaluation Assurance Level 2 augmented (EAL2+).

Products that are validated as conforming to the provisions of NIAP's Common Criteria Evaluation and Validation Scheme are registered by an entry in NIAP's validated products list at http://niap.nist.gov/cc-scheme/ST_VID VID Video
VID Vide (Latin: See)
VID Vendor Id (USB PnP ID)
VID Visual InterDev (Microsoft development environment)
VID VLAN Identifier (IEEE 802. 3010.html.

DCTS

DCTS evolved from a 1999 congressional mandate to the U.S. defense and intelligence communities to address the lack of interoperability among their collaboration tools. The mandate: Develop a strategy for implementing collaboration tools throughout the DoD, and validate a prioritized list of functional requirements for DoD collaboration tools. In June of 2003, the Defense Information Systems Agency (DISA 1. (body) DISA - Defense Information Systems Agency.
2. (standard) DISA - Data Interchange Standards Association. ) Joint Interoperability Test Command The Joint Interoperability Test Command (JITC) is a United States military organization that tests technology that pertains to multiple branches of the armed services and government. There is a facility in Fort Huachuca, Arizona and in Indian Head, Maryland. (JITC JITC Joint Interoperability Test Command (formerly Joint Interoperability Test Center)
JITC Joint Interoperability Test Center (obsolete; now Joint Interoperability Test Command) ) issued a report stating that Groove Workspace v2.5 "satisfies all collaboration interoperability requirements as a collaboration enhancement to the DCTS and is certified for joint use." If you're interested in receiving a copy of the Groove Workspace collaboration interoperability report, please send an email to sales@groove.net.

About Groove Software

Groove software's unique decentralized de·cen·tral·ize
v. de·cen·tral·ized, de·cen·tral·iz·ing, de·cen·tral·iz·es

v.tr.
1. To distribute the administrative functions or powers of (a central authority) among several local authorities. architecture provides an agile, secure and extensible collaboration infrastructure to support inter-agency decision-making. Information shared within Groove shared spaces is encrypted, both 'over the wire' and on the user's hard drive. The software, which is used by more than 40 government organizations, provides secure communication across insecure networks, is self-synchronizing, supports mobile use and a "web of trust" user authentication model that is flexible enough to meet existing organizational policies. It also isn't vulnerable to attack, since the software doesn't have a single point of failure.

About Groove Networks

Founded in October 1997 and headquartered in Beverly, Mass., Groove Networks Inc. provides desktop workspace software, powered by mobile collaboration services, to provide people a better way of working together online. Groove software helps organizations, large and small, save money, time and eliminate travel by offering both a desktop application for instant teamwork, and a set of customizable, open services for adding collaboration benefits to existing solutions. For more information about Groove Networks, visit http://www.groove.net.

Groove Networks and Groove are registered trademarks of Groove Networks Inc. All other trademarks are owned by their respective companies.

COPYRIGHT 2003 Business Wire
No portion of this article can be reproduced without the express written permission from the copyright holder.

Reader Opinion

Article Details
Printer friendly Cite/link Email Feedback
Publication:	Business Wire
Geographic Code:	1USA
Date:	Oct 1, 2003
Words:	965
Previous Article:	GoAhead Expands into APAC; Man Technology Signs as South Korean Distributor.
Next Article:	Agilent Technologies Announces Industry's Most Comprehensive Service Management Software for Integrated and Correlated View of Wireless Services.
Topics:	Computer software industry Software industry

Related Articles
Groove Networks Partner Program Grows To More Than 200 Members In Less Than Six Months; BAE SYSTEMS, Quidnunc and Viant Sign as Select Partners.
NIST CONTRIBUTES TO NEW ANSI STANDARD FOR FINANCIAL SERVICES INDUSTRY.(Brief Article)
ESI ANNOUNCES E-GOVERNMENT APP THAT DETERMINES, CALCULATES AND EXPLAINS ELIGIBILITY FOR GOVERNMENT BENEFITS.(Expert Solutions International's...
Groove Networks ships `production ready' add-in toolkit for Microsoft Visual Studio .NET.(Brief Article)
Groove workspace software obtains first defense collaboration tool suite v2.0 interoperability certification.
Groove Networks Announces Role in Newly Announced Homeland Security Information Network; Groove Software is Core Component of HSIN; Demo at Homeland...
Groove Networks Addresses the Changing Nature of Government Work With Next Generation of its Secure Inter-Agency PC Software.
Groove Networks Launches Next-Generation Product; Secure ''Virtual Office'' Software Addresses the Changing Nature of Work.
Groove Networks Software Meets Security Requirements of New Dept. of Defense Directive on Use of Wireless Networks.
Common Criteria: a prime factor in information security for the DoD.(INFORMATION TECHNOLOGY)