|[October 16, 2013]
Covia Labs Awarded FIPS Security Certification from the U.S. Government for Public Safety Communications Interoperability Software
MOUNTAIN VIEW, Calif. --(Business Wire)--
Labs, Inc. today announced that its Connector™ product has
been awarded Federal Information Processing Standard (FIPS) 140-2
certification, a rare security distinction for software that provides
public safety communications interoperability. The certification of the
Covia Connector Cryptographic Module™ covers the security library
of the Covia�Connector's runtime engine, providing full AES
256-bit encryption. It was awarded after an extensive review process by
the National Institute of Standards and Technology (NIST) and comes as
the Federal Government begins the development of FirstNet, the first
ever national broadband communications network for public safety.
Currently in use by Defense Advanced Research Projects Agency (DARPA),
the U.S. Marine Corps and the non-profit research organization, the
Stanford Research Institute (SRI (News - Alert) International), the Covia Connector
is a software platform that merges voice, data and other key Command and
Control functionality found on multiple, diverse devices and equipment
into one, fully integrated system. Regardless of hardware, operating
system or platform, the Covia Connector is optimized as a secure
fast and lightweight addition that is easily ported to any device or
hardware, including servers, routers, PCs, tablets, smartphones, LMR
radios, drones, cameras and even Bluetooth headsets. It provides FIPS
certified encryption of both data in-transit and at-rest without first
responder and defense agencies having to buy expensive hardware.
FIPS 140-2 is a U.S. government security standard used to accredit
cryptographic modules. It assures federal, state, local and tribal
agencies that information shared or accessed via the Covia Connector meets
NIST's stringent security, encryption and compliance guidelines to
prevent malicious cyber intrusions. The standard was developed through
the Cryptographic Module Validation Program (CMVP), which certifies
products for use by U.S. government agencies and regulated industries
that handle sensitive information and data.
Since the Covia Connector creates an independent and encrypted
communications system that is FIPS 140-2 certified, any current or
future third-party or Covia Labs Connected Application™ operating
on the Connector platform will fall under Covia's FIPS 140-2
certification and will not have to receive FIPS certification
independently. All data on these applications, both in-transit and
at-rest, is automatically encrypted and sealed in an
instance-by-instance security enclave. By placing these applications
under the shield of Covia's FIPS 140-2 certificatin, the Covia Connector
will enable public safety Original Equipment Manufacturers (OEMs) and
the military to innovate and update public safety applications,
especially those expected to be developed for the new FirstNet network,
without opening security holes. It also means these agencies will avoid
the lengthy and costly process of certifying each new application or
updates to currently certified applications. In addition to
purpose-built Connected Applications™ running on the platform,
native applications and legacy systems can communicate with services
running inside the Connector to utilize its capabilities.
"Data security and interoperable systems are two of the most significant
issues to tackle as FirstNet begins to lay the groundwork for the first
ever national broadband communications network for public safety," said
David Kahn, CEO of Covia Labs. "One way to ensure systems work together
while maintaining the highest security standards is by requiring FIPS
140-2 certification for the libraries at the core of a platform used by
different OEMs. This platform can help the development of an ecosystem
of applications which automatically inherit the data security,
synchronization, redundancy, resilience, bridging, voice, text picture
and video features of the platform."
In addition to FIPS certified encryption, the Covia Connector
provides the following additional security features:
A cyber sandbox ensuring that Connected Applications perform
only the functions they are authorized based on the security rights of
the device and the security access and current role of the individual
using the device. All applications must be digitally signed by an
authority designated by public safety to run inside the sandbox and
will not run if tampered. This serves as an additional security layer
on top of the FIPS encryption.
An innovative key distribution method that enables the establishment
of a secure perimeter, even when the network is under attack. This
ensures that only the intended devices can join the network and that
their access will terminate at the completion of the incident. It also
enables the remote management of devices, including removing access to
data already stored on the device.
A hardened platform that protects all applications running within its
protected zone, versus the traditional method of setting up separate
security processes for each specific application.
Additional features of the Covia Connector specifically critical
to public safety include:
Push-to-Talk (PTT) voice with 0.3 second latency on Wi-Fi, LTE (News - Alert) and
even 3G cellular networks that support one-to-many. Operates in
conditions when VoIP (or VoLTE) is inoperable due to unreliable
network connectivity or when people are talking over one another. Also
enables the replay of messages.
A "Pipes within Pipes" feature that aggregates the bandwidth of all
networks the device has access to and seamlessly uses the remaining
"pipes" if one network becomes unavailable.
Dynamic Mastering™ that eliminates the need for 100% access to
network servers and allows talk-around when the network based servers
and services are unavailable.
When loaded on an LMR radio, enables that radio and LTE device to
share a single network in a hybrid configuration where the LMR radio
provides talk-around, reliable communication and "Mission Critical
Voice," while the broadband cellular provides "Mission Critical Data."
All information, including voice, is geo-tagged and time stamped for
greater situational awareness, bringing other agencies or new incident
commanders up to date and for after action review.
The validation lists for Cryptographic Standards can be found at: http://csrc.nist.gov/groups/STM/cmvp/validation.html.
About Covia Labs, Inc.
Labs, Inc. is the developer of the only software platform that
enables secure interoperable communications across large deployments of
diverse devices, from smart phones to proprietary police and fire
department radios to weapons systems. Covia's technology enables diverse
entities to work as a united team in order to accomplish a singular
mission. By empowering personnel from different organizations with
real-time information regardless of infrastructure or equipment, first
responders and military personnel can improve operational capabilities
and save lives. The company was named a "Top Performing Technology" at
the U.S. Military's 2010
CWID (Coalition Warrior Interoperability Demonstration) events and
has engaged in contracts with the U.S. Department of Homeland Security
(DHS) and the Defense Advanced Research Projects Agency (DARPA).
[ InfoTech Spotlight's Homepage ]