Dear Blogosphere,
This is an urgent call for help.
I need advice and to talk to someone, anyone, who knows about application of AES validated to FIPS 140-2, for encryption of electronic Personal Health Information (PHI) as mandated in the ARRA HITECH Act.
We need to encrypt PHI on our database (PHP over a Linux server), but the NIST list of vendors is useless not very helpful; half of those we contacted didn’t know they were listed, and don’t know why they’re listed.
My programmers are in over their heads, and don’t understand enough about this to know which questions to ask: this is an encryption module to be purchased and applied, not a programming issue. Furthermore, most of the information on the NIST website relates to hardware issues and mobile devices. Not much use to us.
Anyone who can help, or might know someone who can, please either post a comment or contact me via my Nature Network facepage.
Ta very much.
To help you understand the seriousness of this: my programmer and my Dir. Inst. Resources are plying me with Big Macs™ and fries. They’re trying to give me a carb/fat/sugar buzz to help with this. Things are that bad right now…
Consumer Verticals?
Verficationalization?
WTF?
Sorry mate, no help here – I didn’t even understand the question. Try switching from junk food to beer, maybe.
arse.
I’m on the wagon too. I could not have picked a worse week to kick-start my new health binge…sans Big Macs™
Also unqualified, but will re-transmit (or re-tweet, as the case may be).
Oop. Should have followed up on this… Looks like our server has a FIPS compliant mode. We might be able to activate it without re-building the db structure or, even worse, going through 1,000,000 lines of code looking for instances where we need to apply encryption.
Fingers crossed.
If not, there’s also open source OpenSSL we can try. One of my code-monkeys has it running on his laptop from the command prompt and thinks we can implement it easily enough. Personally, I can’t even understand the bloody user-manual…
I now have far larger concerns as my work place starts to take on an air reminiscent of “The Tudors”, or “Rome”, only without the booze, drugs, nudity and shagging…I keep expecting to stumble upon an Associate Dean or an Assistant Vice-Chancellor with a dagger in his/her breast or a basket of asps nearby…
seriously?
I am DONE for the day. I have put in 45hrs this week already. I’m outtie.