Lightweight Portable Security

From Wikipedia, the free encyclopedia
Jump to: navigation, search
Lightweight Portable Security
Developer US Department of Defense
OS family ArchLinux
Working state Current
Source model Open source
Initial release 2011
Latest release 1.5.6 / 14 July 2015; 2 months ago (2015-07-14)
Kernel type Monolithic (Linux)
Userland GNU
Default user interface IceWM
License Free software licenses
(mainly GPL)
Official website [1]

Lightweight Portable Security (LPS) is a Linux LiveCD, (or LiveUSB), developed and publicly distributed by the United States Department of Defense’s Software Protection Initiative[1] that is designed to serve as a secure end node. It can run on almost any Intel-based computer (PC or Mac). LPS boots only in RAM, creating a pristine, non-persistent, end node. It supports DoD-approved Common Access Card (CAC) readers, as required for authenticating users on DoD networks.[2][3][4][5]

LPS-Public turns an untrusted system (such as a home computer) into a trusted network client. No trace of work activity (or malware) can be written to the local computer hard drive. As of September 2011 (version 1.2.5), the LPS public distribution includes a smart card-enabled Firefox browser supporting DoD's CAC and Personal Identity Verification (PIV) cards, a PDF and text viewer, Java, a file browser, remote desktop software (Citrix, Microsoft or VMware View), an SSH client, the public edition of Encryption Wizard and the ability to use USB flash drives. A Public Deluxe version is available that adds and Adobe Reader software.

Encryption Wizard[edit]

LPS comes with Encryption Wizard (EW), a simple, strong file and folder encryptor for protection of sensitive but unclassified information (FOUO, Privacy Act, CUI, etc.). Written in Java, EW encrypts all file types for data-at-rest and data-in-transit protection. Without installation or elevated privileges, EW runs on Windows, Mac, Linux, Solaris, and other computers that support the Java software platform. With a simple drag and drop interface, EW offers 128-bit AES encryption, SHA-256 hashing, RSA signatures, searchable metadata, archives, compression, secure deleting, and PKI/CAC/PIV support. Encryption can be keyed from a passphrase or a PKI certificate. EW is GOTS—U.S. Government invented, owned, and supported software—and comes in two versions, a public version that uses the standard Java cryptographic library and a government-only version that uses a FIPS-140-2 certified crypto stack licensed from RSA Security. The two versions interoperate.

This article incorporates text from the US Department of Defense SPI web site.

Also See[edit]