Lightweight Portable Security
Encyclopedia
Lightweight Portable Security (LPS) is a Linux
LiveCD developed and publicly distributed by the United States Department of Defense
’s Software Protection Initiative that is designed to serve as a Secure End Node
. It can run on on almost any Intel-based computer (PC or Mac). LPS boots only in RAM
, creating a pristine, non-persistent, end node. It is capable using Common Access Card
(CAC) software for authentication into DoD networks.
LPS-Public turns an untrusted system (such as a home computer) into a trusted network client. No trace of work activity (or malware) can be written to the local computer hard drive. As of September 2011 (version 1.2.5), the LPS public distribution includes a smart card-enabled Firefox browser supporting DoD's CAC and Personal Identity Verification
(PIV) cards, a PDF and text viewer, Java, a file browser, remote desktop
software (Citrix, Microsoft or VMware View), an SSH
client, the public edition of Encryption Wizard and the ability to use USB flash drives. A Public Deluxe version is available that adds OpenOffice and Adobe Reader software.
information (FOUO, Privacy Act, CUI
, etc.). Written in the Java
, EW encrypts all file types for data-at-rest and data-in-transit protection. Without installation or elevated privileges, EW runs on Windows, Mac, Linux, Solaris, and other computers that support the Java software platform. With a simple drag and drop interface, EW offers 128-bit AES
encryption, SHA-256 hashing, RSA signatures, searchable metadata
, archives, compression, secure deleting, and PKI/CAC/PIV support. Encryption can be keyed from a passphrase
or a PKI
certificate. EW is GOTS—U.S. Government invented, owned, and supported software—and comes in two versions, a public version that uses the standard Java cryptographic library and a government-only version that uses a FIPS-140-2 certified crypto stack licensed from RSA Security
. The two versions interoperate.
This article incorporates text from the US Department of Defense SPI web site.
Linux
Linux is a Unix-like computer operating system assembled under the model of free and open source software development and distribution. The defining component of any Linux system is the Linux kernel, an operating system kernel first released October 5, 1991 by Linus Torvalds...
LiveCD developed and publicly distributed by the United States Department of Defense
United States Department of Defense
The United States Department of Defense is the U.S...
’s Software Protection Initiative that is designed to serve as a Secure End Node
Secure End Node (network)
A Secure End Node is a trusted, individual computer that temporarily becomes part of a trusted, sensitive, well-managed network. The remote, private, and secure network might be organization's in-house network or a cloud service. A Secure End Node solves/mitigates End Node Problem...
. It can run on on almost any Intel-based computer (PC or Mac). LPS boots only in RAM
Ram
-Animals:*Ram, an uncastrated male sheep*Ram cichlid, a species of freshwater fish endemic to Colombia and Venezuela-Military:*Battering ram*Ramming, a military tactic in which one vehicle runs into another...
, creating a pristine, non-persistent, end node. It is capable using Common Access Card
Common Access Card
The Common Access Card is a United States Department of Defense smart card issued as standard identification for active-duty military personnel, reserve personnel, civilian employees, other non-DoD government employees, state employees of the National Guard, and eligible contractor personnel.The...
(CAC) software for authentication into DoD networks.
LPS-Public turns an untrusted system (such as a home computer) into a trusted network client. No trace of work activity (or malware) can be written to the local computer hard drive. As of September 2011 (version 1.2.5), the LPS public distribution includes a smart card-enabled Firefox browser supporting DoD's CAC and Personal Identity Verification
FIPS 201
FIPS 201 is a United States federal government standard that specifies Personal Identity Verification requirements for Federal employees and contractors....
(PIV) cards, a PDF and text viewer, Java, a file browser, remote desktop
Remote Desktop
Remote Desktop may refer to:* Remote desktop software** Apple Remote Desktop** Remote Desktop Services** Remote Desktop Protocol* Desktop sharing...
software (Citrix, Microsoft or VMware View), an SSH
SSH
- In science and technology :* Saffir–Simpson Hurricane Scale* Sea surface height, the topography of the ocean surface* Secure Shell, a network protocol for remote administration of Unix computers* Social sciences and humanities, a broad field of research...
client, the public edition of Encryption Wizard and the ability to use USB flash drives. A Public Deluxe version is available that adds OpenOffice and Adobe Reader software.
Encryption Wizard
LPS comes with Encryption Wizard (EW), a simple, strong file and folder encryptor for protection of sensitive but unclassifiedSensitive but unclassified
Sensitive But Unclassified is a designation of information in the United States federal government that, though unclassified, often requires strict controls over its distribution...
information (FOUO, Privacy Act, CUI
Controlled Unclassified Information
Controlled Unclassified Information is a new category of unclassified categories issued in a directive on May 9, 2008, by President George W. Bush...
, etc.). Written in the Java
Java (programming language)
Java is a programming language originally developed by James Gosling at Sun Microsystems and released in 1995 as a core component of Sun Microsystems' Java platform. The language derives much of its syntax from C and C++ but has a simpler object model and fewer low-level facilities...
, EW encrypts all file types for data-at-rest and data-in-transit protection. Without installation or elevated privileges, EW runs on Windows, Mac, Linux, Solaris, and other computers that support the Java software platform. With a simple drag and drop interface, EW offers 128-bit AES
AES
AES may refer to:Standards, systems, and methods* Application Environment Services, a component of Digital Research's GEM windowing system* The Advanced Encryption Standard...
encryption, SHA-256 hashing, RSA signatures, searchable metadata
Metadata
The term metadata is an ambiguous term which is used for two fundamentally different concepts . Although the expression "data about data" is often used, it does not apply to both in the same way. Structural metadata, the design and specification of data structures, cannot be about data, because at...
, archives, compression, secure deleting, and PKI/CAC/PIV support. Encryption can be keyed from a passphrase
Passphrase
A passphrase is a sequence of words or other text used to control access to a computer system, program or data. A passphrase is similar to a password in usage, but is generally longer for added security. Passphrases are often used to control both access to, and operation of, cryptographic programs...
or a PKI
PKI
PKI can refer to any of several things:* Kings Island, an amusement park formerly known as Paramount's Kings Island.* Partai Komunis Indonesia...
certificate. EW is GOTS—U.S. Government invented, owned, and supported software—and comes in two versions, a public version that uses the standard Java cryptographic library and a government-only version that uses a FIPS-140-2 certified crypto stack licensed from RSA Security
RSA Security
RSA, the security division of EMC Corporation, is headquartered in Bedford, Massachusetts, United States, and maintains offices in Australia, Ireland, Israel, the United Kingdom, Singapore, India, China, Hong Kong and Japan....
. The two versions interoperate.
This article incorporates text from the US Department of Defense SPI web site.