US-Canada Technology Experiment Assesses Secure Wireless Data Communication Enhancements

Secure, handheld messaging platform provides foundation for first responder and emergency personnel coordination in time of crisis

MENLO PARK, California - December 5, 2005 — SRI International today announced the completion of tests that aim to improve the security of wireless data communications among domestic public safety, emergency preparedness, and law enforcement agencies, as well as for use in cross-border situations. The test exercise was commissioned by the U.S. Department of Homeland Security S&T Directorate and its Cyber Security R&D Center (CSRDC). The test was conducted in late October in partnership with Defence R&D Canada (an agency of the Canadian Department of National Defence).

The trial assessed various technologies developed by Voltage Security, CipherTrust, and Research in Motion/RIM. The assessment had the following objectives:

• Demonstrate commercially available encrypted data communications
• Provide cross-border/infrastructure interoperability
• Increase mobile data usability while not adversely affecting performance

The technologies were evaluated under operationally relevant conditions, using repeatable procedures, automated tools, and infrastructure and instrumentation that could be refined and re-used to support future, related activities. During the test, two encryption solutions were examined, a version of the Secure Multipurpose Internet Mail Extensions (S/MIME) for RIM devices, and Voltage Security's Enterprise Privacy Management platform using Identity Based Encryption (IBE), which provides enhancements for S/MIME messaging. A CipherTrust IronMail appliance served as a secure e-mail gateway and provided automated policy enforcement. IronMail also worked with Voltage to ensure that sensitive messages were encrypted before being sent across the Internet. Further testing is scheduled for early 2006 that will examine Entrust's Entelligence Messaging Server (EMS) for S/MIME messaging and Entrust's Entelligence Compliance Server (ECS) for policy management.

"Recent natural disasters emphasize a critical need for secure mobile data communications in cross-agency and cross-border environments. This exercise proves that commercially available, secure mobile communications are available to government agencies," said Douglas Maughan, program manager of the DHS Cyber Security R&D Center. "At both the handheld and infrastructure levels, DHS has invested in technology solutions, applied them at the front lines of emergency response, and demonstrated that they work."

Both the U.S. DHS S&T Directorate and Defence R&D Canada are examining how emergency personnel could use various mobile data-entry devices to transmit content through a secure solution. In addition, the development of remote communication technologies is being considered for areas without the cellular connections required by some wireless devices.

"Public security agencies require the ability to effectively and securely send and receive sensitive data when communicating with partner organizations," said Mazda Salmanian, Leader, Secure Mobile Networking Group at Defence R&D Canada. "The results of this exercise illustrate that successful wireless electronic communications can occur securely across borders, and throughout various federal, state or municipal agencies, all including first responders."

The October exercise followed a U.S.-based test earlier this year. In the recent exercise, both the Voltage IBE solution and Research in Motion's S/MIME solution provided secure communication between the US and Canadian participants. Additionally, tests were undertaken to measure performance and various security features (including encryption, authentication and anti-virus) as well as the provision for messages to be checked for policy compliance.

Exercise participants will discuss the trial, its results, and the benefits of deploying a secure wireless solution for data communications at an interactive roundtable at the InfoSecurity New York conference on December 7 at 4:00 p.m. ET in the Jacob K. Javits convention center.

About SRI International
Silicon Valley-based SRI International (www.sri.com) is one of the world's leading independent research and technology development organizations. Founded as Stanford Research institute in 1946, SRI has been meeting the strategic needs of clients for almost 60 years. The nonprofit research institute performs contract research and development for government agencies, commercial businesses, and private foundations. In addition to conducting contract R&D, SRI licenses its technologies, forms strategic partnerships, and creates spin-off companies.

About the Cyber Security R&D Center
The Department of Homeland Security (DHS) Cyber Security Research and Development (R&D) Center is a government-industry partnership to protect the nation's information infrastructure, the vast majority of which is in the private sector. The Center is the primary vehicle through which the DHS Homeland Security Advanced Research Projects Agency (HSARPA) plans and executes its cyber security R&D programs. The DHS Science and Technology Directorate established the Center in March 2004 to serve as its primary interface with the academic and industrial cyber security research and development communities. SRI International provides technical, managerial, and administrative support for the Center.

About Defence R&D Canada
DRDC is an agency of the Canadian Department of National Defence responding to the scientific and technological needs of the Canadian Forces. Its mission is to ensure that the CF remains scientifically and operationally relevant. The agency is made up of six research centres located across Canada with a corporate office in Ottawa, and employs 1500 people. With a broad scientific program, DRDC actively collaborates with industry, international allies, academia, other government departments and the national security community.