Information Technology Reference
In-Depth Information
interest to Israel is that we are not supposed to buy from a non-NATO nation. We use
Checkpoint firewalls all the time because under the rules we can check firewalls from the
Californian subsidiary of Checkpoint. Officially we are only supposed to buy products
from NATO nations and this is more from commercial interest rather than security.
NATO money is supposed to stay within NATO. Obviously hardware all comes from
Taiwan so this was relaxed some time ago, but software normally must come through a
NATO nation.
Erez
: I know from a list of tenders that Israel and Finland are included although they
are not strictly NATO member nations. Israel does not buy in shekels but in dollars, so
they buy from subsidiaries in the United States.
Stanley
: It is the standard NATO firewall at the moment; because it has a UK
evaluation, we buy it through a Belgian third party.
Kolobov
: In Ukraine we consider cryptography as an important part of a complex
system of protection information. And if you are a bank or a private company or a
government organisation, and you want to do some activities concerning cryptography
you have to get a licence from the government. And I mean different activities such as
export/import cryptography, investigating the manufacture of products, software and
hardware, etc. You have to obtain a licence for that kind of activity, and if you would
like to use some cryptos you have also to go through the certification procedures:
certification or evaluation. Certification means that you should use only devices with
algorithms and protocols already certified by the government. We have our own
Ukrainian standards in cryptography; one standard we got from the former USSR, a
ghost for ciphering and ghost 34-10 and 34-11 just for hash function and digital
signature. But already in Ukraine we have our own Ukrainian algorithms and new
standards for ciphering, for just digital signature and hash function, and right now we
have several devices and software realisation of new Ukrainian cryptography algorithms.
The evolution process is more simple if you use, for example, another algorithm and you
would like just to be sure that that algorithm is realised correctly in the device or
software and you can appeal to the government and ask it to prove that everything is
working correctly. But if you meet one problem with that device or software then the
government does not care about that problem. It is your problem. But, if you went
through the certification procedure the government is responsible for the problems and
they will take care of every problem of your company, your bank, etc. That is roughly
the situation in Ukraine.
Vellone
: Just coming back to NATO I want to have a clarification about the previous
statement. As I understand it, NATO will use crypto-equipment funded by NATO if it is
certified and approved by the relevant NATO agency. Checkpoint and firewall I do not
believe belong to the family of encryption for the licence. It is a natural kind of
equipment which can be approved in accordance with common criteria. But common
criteria does not care about encryption unless it is expressly prohibited. The second point
was about PKI infrastructure. As far as I know, PKI is not oriented to confidential
material.
Search WWH ::
Custom Search