Lightweight Portable Security

From Wikipedia, the free encyclopedia
Lightweight Portable Security (rebranded as
Trusted End Node Security)[1]
United States Department of Defense Seal.svgAir Force Research Laboratory.svg
LPS 1.6.0-Public Deluxe.png
Lightweight Portable Security Desktop
DeveloperUS Department of Defense
OS familyCRUX
Working stateDiscontinued
Source modelOpen source
Initial release2011
Latest release3.0.4.1[2] / 30 April 2021; 9 months ago (2021-04-30)
Kernel typeMonolithic (Linux)
UserlandGNU
Default
user interface
XFCE
LicenseFree software licenses
(mainly GPL)
Official websiteTrusted End Node Security program office

Lightweight Portable Security (LPS) was a Linux LiveCD (or LiveUSB) distribution, developed and publicly distributed by the United States Department of Defense’s Air Force Research Laboratory,[3] that is designed to serve as a secure end node. The Air Force Research Laboratory actively maintained LPS and its successor, Trusted End Node Security (TENS) from 2007 to 2021.[4] It can run on almost any x86_64 computer (PC or Mac).[5] LPS boots only in RAM, creating a pristine, non-persistent end node. It supports DoD-approved Common Access Card (CAC) readers, as required for authenticating users into PKI-authenticated gateways to access internal DoD networks.[6][7][8]

LPS turns an untrusted system (such as a home computer) into a trusted network client. No trace of work activity (or malware) can be written to the local computer's hard drive. As of September 2011 (version 1.2.5), the LPS public distribution includes a smart card-enabled Firefox browser supporting DoD's CAC and Personal Identity Verification (PIV) cards, a PDF and text viewer, Java, a file browser, remote desktop software (Citrix, Microsoft or VMware View), an SSH client, the public edition of Encryption Wizard and the ability to use USB flash drives. A Public Deluxe version is also available that adds LibreOffice and Adobe Reader software.

History[]

LPS and Encryption Wizard were initiated by the Air Force Research Laboratory's Anti-Tamper Software Protection Initiative program, started in 2001. In 2016, that program was ending, so LPS and Encryption Wizard were moved to the Trusted End Node Security program office. LPS, as of version 1.7 was rebranded Trusted End Node Security, or TENS.[9] Encryption Wizard retained its name, but received the TENS logo as of version 3.4.11.[10]

In 2020, the COVID-19 outbreak caused new interest in telecommuting. The National Security Agency recommended U.S. government employees use government furnished computers when working from home. However, when it was necessary for an employee to use their home computer, the National Security Agency recommended TENS as one measure an individual employee could use to make that computer more secure.[11]

In 2021, TENS became compatible with UEFI Secure Boot.[12] UEFI Secure Boot is used to protect the operating system installed on the computer's hard drive. As of June 2020, UEFI Secure Boot was available on many newer PCs. UEFI Secure Boot would prevent older versions of TENS from booting.[13]

In August 2021, the TENS web site announced the TENS program office had been decommissioned. The Defense Information Systems Agency was no longer willing to fund the program. No other agency had agreed to champion the program. "Potentially final" editions of TENS and Encryption Wizard had been released in April and May 2021.[12]

Encryption Wizard[]

LPS comes with Encryption Wizard (EW), a simple, strong file and folder encryptor for protection of sensitive but unclassified information (FOUO, Privacy Act, CUI, etc.). Written in Java, EW encrypts all file types for data at rest and data in transit protection. Without installation or elevated privileges, EW runs on Windows, Mac, Linux, Solaris, and other computers that support the Java software platform. With a simple drag and drop interface, EW offers 128-bit and 256-bit AES encryption, SHA-256 hashing, RSA signatures, searchable metadata, archives, compression, secure deleting, and PKI/CAC/PIV support. Encryption can be keyed from a passphrase or a PKI certificate. EW is GOTS—U.S. Government invented, owned, and supported software—and comes in three versions, a public version that uses the standard Java cryptographic library, a unified version that uses a FIP-140-2 certified crypto licensed by The Legion of the Bouncy Castle, and a government-only version that uses a FIPS-140-2 certified crypto stack licensed from RSA Security. The three versions interoperate.

Public HTTPS access[]

The general public has had some difficulty accessing the LPS and TENS web sites, because from time to time, Department of Defense web sites have used security settings somewhat different than common practice. As a result, users have to configure their web browsers a particular way in order to obtain LPS or TENS. Circa 2020, the main difference is the web sites implement HTTPS using a Department of Defense certificate authority rather than one of the commonly accepted certificate authorities.

Because of these difficulties with the Department of Defense web servers, the LPS and TENS program office established a commercially hosted web site http://www.gettens.online/ with instructions how to configure a browser to work with the official TENS web site.

This article incorporates text from the US Department of Defense SPI web site.

See also[]

  • XFCE
  • Lightweight Linux distribution

References[]

References to the Trusted End Node Security Program office refer to the Trusted End Node Security Program Office, Information Directorate, Air Force Research Laboratories, United States Air Force.

References to the Software Protection Initiative refer to the DoD Anti-Tamper Program, Sensors Directorate, Air Force Research Laboratories, United States Air Force.

  1. ^ "Trusted End Node Security - Downloads". Software Protection Initiative. Department of Defense. Archived from the original on 6 March 2021. Retrieved 19 July 2021.
  2. ^ "LPS Release Notes". Trusted End Node Security - Software Protection Initiative. Department of Defense TENS Program Office. 2019-05-17. Retrieved 2019-12-10.
  3. ^ TENS Program Office. "Trusted End Node Security". Archived from the original on 14 July 2018. Retrieved 10 December 2019.
  4. ^ "TENS Release Notes". Trusted End Node Security. Air Force Research Laboratory. 16 April 2021. Archived from the original on July 19, 2021.
  5. ^ Trusted End Node Security (TENS) Public Edition (TENS-Public) User's Guide (PDF). Air Force Research Laboratory. 2020. Archived from the original (PDF) on 21 March 2021.
  6. ^ Galloway, David (24 July 2011). "Lightweight Portable Security Is a Portable Linux Distro from the Department of Defense". Lifehacker. Archived from the original on 2011-09-13. Retrieved 2021-08-20.
  7. ^ Reed, Michael (30 Nov 2010). "Linux Distribution: Lightweight Portable Security | Linux Journal". www.linuxjournal.com. Archived from the original on 2010-12-03. Retrieved 2021-08-20.
  8. ^ Montalbano, Elizabeth (22 July 2011). "Not Your Average Linux Distribution: DOD's Flavor". Information Week Government. Archived from the original on 2011-07-23.
  9. ^ Software Protection Initiative. "Lightweight Portable Security". Archived from the original on 2016-09-25.
  10. ^ Software Protection Initiative. "Encryption Wizard Release History". Trusted End Node Security. Archived from the original on 2021-07-19. Retrieved 26 February 2019.
  11. ^ Selecting and Safely Using Collaboration Services for Telework - UPDATE (PDF). National Security Agency. 2020. p. 3. Archived (PDF) from the original on August 5, 2020.
  12. ^ a b TENS Program Office. "Downloads". Trusted End Node Security. Archived from the original on 18 August 2021. Retrieved 18 August 2021.
  13. ^ TENS Virtual Machine Guide (PDF). National Security Agency. 2020. Archived (PDF) from the original on June 30, 2020.

External links[]

Retrieved from ""