Micronyx UK Ltd, the British subsidary of the American application engineering and design firm, has received the first government-endorsed stamp of approval for security systems. In a response to the on-going issue of computer data security, the UK Communications Electronic Security Group, which is the National Technical Authority for Computer Security, and a government body, has introduced a certification scheme to try to provide industry standards. CLEF, which stands for Licensed Evaluation Facilities, evaluates computer security products according to criteria laid down in the Red Book – which is based on the security requirements of government systems. If products pass the test, as Micronyx’s hardware-based TriSpan did, they are awarded a certificate according the level of security that they provide. TriSpan has been awarded a UKL1 which certifies its use in general government environments, a UKL2 would approve them to protect classified information. Later this year the CLEF scheme will merge with the Department of Trade & Industry’s Commercial Computer Security Centre scheme, to cover commercial as well as government systems. Eftpos UK’s systems security manager described the certification scheme as a boon to the industry, saying it enabled those involved in data protection to look to products which have already been tested and whose overheads are known, cutting the costs to a company of implementing a system and perhaps persuading firms actually to shell out for a system. TriSpan is for stand-alone or networked MS-DOS computing systems. There are three levels of security built-in to the system. The first, called Access, is via passwords and a personalised electronic token. Ownership or file protection forms a second layer by individually encrypting files, so they are protected at all times and lastly there is Audit Recording, so that attempted unauthorised accessing of files can be traced. The price of a system is UKP700.
