2007-06-26

US DoD Gold Disk and Eclipse RCP

A customer ask me today whether Eclipse RCP could pass "US DoD Gold Disk"...

I don't know what this is, apart from some security checks that are performed on an application using a "Gold Disk" (CD?) from US Department of Defense.

Does anybody know, what this is? And whether an Eclipse RCP based application can be expected to pass this sort of certification?

If you don't want to comment on this, please feel free to mail me on tonny.madsen@rcp-company.com.

7 comments:

Donald Smith said...

I believe that Gold Disk is software that the US Defense Information Systems Agency uses to help DoD sysadmins secure windows (no snickering please), desktop apps and internet protocols.

I did some poking around:
http://iase.disa.mil/stigs/SRR/Gold-Disk-Version-2-0-Users-Guide-January-2007.doc

So basically, they are asking if Eclipse could pass a security auditing tool. I'm not sure of the answer, but with all due respect, if Windows passed, I'm sure they could find a way to make Eclipse pass....

Ironically, I have spoked with some security teams (not DoD) recently about Eclipse. Their first question was "Can you confirm that Eclipse was written 100% by US Citizens?"

- Don

Tonny Madsen said...

Interesting.

A very large part of Eclipse is probably written by CA Citizens due to the origins of Eclipse - whether they count as US Citizens in this context, I don't know.

If they take this as serious as it sounds, there will be a lot of thinks that cannot be used. I wonder if Windows would pass this test...

Anonymous said...
This comment has been removed by a blog administrator.
Anonymous said...
This comment has been removed by a blog administrator.
Anonymous said...
This comment has been removed by a blog administrator.
Anonymous said...
This comment has been removed by a blog administrator.
Anonymous said...
This comment has been removed by a blog administrator.