IEEE Selects ATSEC to Certify Protection Profiles for New Information Security Standard

PISCATAWAY, N.J.--(BUSINESS WIRE)--The IEEE Standards Association has selected an independent laboratory, ATSEC Information Security Corporation, to test and certify the protection profiles being developed to work with the recently approved standard, IEEE 2600™, "Standard for Information Technology: Hardcopy System and Device Security."

The IEEE 2600 standard defines security requirements (including but not limited to authentication, authorization, privacy, integrity, device management, physical security and information security) for manufacturers, users and others on the selection, installation, configuration and usage of hardcopy devices and systems, including printers, copiers, and multifunction devices.

In addition to the main standard, the four protection profiles currently being developed concern the security requirements of different types of devices. A protection profile is a combination of threats, security objectives, assumptions, security functional requirements, security assurance requirements, assumptions, and rationales.

"In security matters, it's not always enough to have a standard," said Don Wright, Chair of the IEEE 2600 Working Group. "A standard usually involves protocols and hardware, but that won't necessarily protect a document. Corporate enterprises and government agencies need protection profiles, and they like to see them independently verified and certified.

"We expect ATSEC's first review of the protection profiles to be completed by the end of the year," said Wright. "This will help us to create the next revision of the protection profiles, which will to be used to further enhance their document security provisions."

The IEEE 2600 standard and the four protection profiles are being developed by the Hardcopy Device and System Security Working Group, a standards project sponsored by the IEEE Information Assurance Standards Committee of the IEEE Computer Society.

[Editors - For additional information, please see the backgrounder, IEEE 2600™, "Standard for Information Technology: Hardcopy System and Device Security" at:

http://standards.ieee.org/announcements/bkgnd_ieee2600.html]

About the IEEE Standards Association

The IEEE Standards Association, a globally recognized standards-setting body, develops consensus standards through an open process that brings diverse parts of industry together. These standards set specifications and procedures based on current scientific and technological consensus. The IEEE-SA has a portfolio of over 870 active standards and more than 400 standards under development. For information on IEEE-SA see: http://standards.ieee.org/.

About the IEEE

The IEEE (Institute of Electrical and Electronics Engineers, Inc.) is the world’s largest technical professional society. Through its more than 375,000 members in 160 countries, the organization is a leading authority on a wide variety of areas ranging from aerospace systems, computers and telecommunications to biomedical engineering, electric power and consumer electronics. Dedicated to the advancement of technology, the IEEE publishes 30 percent of the world’s literature in the electrical and electronics engineering and computer science fields, and has developed nearly 900 active industry standards. The organization annually sponsors more than 850 conferences worldwide. Additional information about the IEEE can be found at http://www.ieee.org.