For Security & Risk Professionals

Best Practices: Implementing Strong Authentication In Your Enterprise

Kill Two Birds With One Token

by Bill Nagel, July 23, 2009

The adoption of strong multifactor authentication (MFA) is on the rise. It's often the first port of call on the journey to a fuller identity and access management implementation; MFA directly addresses the password problem, which is a well-known and . . .

For Security & Risk Professionals

Case Study: For Avaya, Customers Are Not A Token Consideration

A Plug-And-Go Smart Token Combines With PKI For Security And Auditability

by Bill Nagel, July 23, 2009

Rick Robinson at Avaya had a vision for a multifunctional second-factor authentication credential that would satisfy customer compliance requirements without significant adverse effects on his engineering and technical support staff. By testing how well . . .

For Security & Risk Professionals

Extending Mobile Identity Beyond Authentication

Banks, Mobile Operators, And Vendors Team Up For SIM Card-Based Security

by Bill Nagel, April 11, 2008

With mobile phones reaching saturation levels in many countries, banks and other service providers are taking a second look at providing financial and commercial services over the mobile channel. Mobile banking and PKI both flamed out spectacularly in . . .

For Security & Risk Professionals

Government eID Projects Need Private Sector Initiative And Support For Broader Success

A Look At Europe's Experience With PKI-Enabled National ID Cards

by Bill Nagel, April 7, 2008

To date, at least 12 European countries have either developed or rolled out national electronic citizen IDs (eIDs) based on a government-created and -managed public key infrastructure (PKI) or are in the process of doing so. National governments intended . . .

TI, 3M, And VeriSign's Rx For Drug Fraud

PKI Authentication Eases RFID Securely Into The Drug Supply

by Laura Ramos, August 19, 2005

Introducing an open, secure model for drug authentication, Texas Instruments (TI), 3M, and VeriSign combine their industry-proven expertise to show drug manufacturers, distributors, and retailers that it is possible to use RFID to secure the drug supply . . .

PKI: Alice And Bob Have Still Got A Job

PKI Continues Its Quiet Evolution To Invisible Relevance

by Paul Stamp, January 14, 2005

Technology pundits have long predicted huge growth in PKI, which has never materialized. However, recent rumors of PKI's demise have been greatly exaggerated. Vendors and experts have methodically chipped away at the barriers that have slowed PKI adoption . . .

PGP Corporation Off to a Good Start

by Jan Sundgren, May 27, 2003

While new, the company inherited a large customer base and has so far managed to keep almost all the bigger ones. It has $14 million in venture funding, yet its revenues are already tracking along at a higher than expected pace.

Webwasher Takes a Stab at Two SSL Problems

by Jan Sundgren, May 27, 2003

The webwasher HTTPS Proxy improves SSL security in two ways: one involving content scanning and the second involving certificate validation.

Federal Government Is Developing but Not Imposing PKI

by Jan Sundgren, May 14, 2003

For now, the decision to deploy PKI (or purchase PKI services) should be based on sound business rationales rather than the potential of future federal pressure.

Electronic Signature Requirements in the European Electronic Invoicing Directive

by Jan Sundgren, January 15, 2003

The implications of the new European Union electronic invoicing provisions appear to be somewhat controversial and unclear, but the eventual outcome will likely be a strong trend towards using digital signatures on invoices.

Identrus Gets Practical

by Jan Sundgren, December 10, 2002

There is a widespread perception that Identrus is a failure. By simplifying the rules, Identrus hopes to pull in smaller banks and customers that lacked the resources to implement the stringent requirements Identrus originally imposed.

Integrating SecurID and Digital Certificates

by Jan Sundgren, December 2, 2002

Streamlining the dual use of the two different authentication systems is a desirable goal. RSA provides organizations a couple of options for integrating SecurID and digital certificates, depending on their requirements.

SSL Certificate Vendors: Alternatives to VeriSign

by Jan Sundgren, October 30, 2002

VeriSign has dominated this market for some time, particularly since its acquisition of Thawte. But there are many other vendors competing in this market, even if most have a relatively minuscule share of the market.

PKI in z/OS Is a Work in Progress

by Jan Sundgren, October 16, 2002

Because the z/OS PKI is so new, it lags specialized products more than the Windows PKI, but it does appear to offer all the basic Certificate Authority functions for managing the life cycle of certificates.

IT Trends 2003: Public Key Infrastructure

by Jan Sundgren, October 8, 2002

The deployment of public key infrastructure (PKI) continues to grow slowly, as the technology battles a legacy of disappointment and a tight market for IT spending. Yet PKI may be poised for faster growth as the economy rebounds.

Market Overview: Public Key Infrastructure

by Jan Sundgren, September 27, 2002

PKI is improving in terms of management capabilities and application integration, and the demand for the security functions that PKI is well-suited to deliver is likely to expand.

Pros and Cons of .NET PKI

by Jan Sundgren, September 19, 2002

There is no doubt that the Microsoft is improving its PKI offering tremendously in .NET as compared to Windows 2000. On the other hand, the new PKI capabilities still fall short in certain respects.

Standards for Public Certificate Authorities Under Scrutiny

by Jan Sundgren, September 13, 2002

Recent developments in the Web server certificate market have led to a debate about the standards that certificate authorities should follow, a debate that could have major consequences for the market.

Online Certificate Status Protocol Not Commonly Used

by Jan Sundgren, September 4, 2002

Over time, better cryptographic hardware will improve the scalability of the Online Certificate Status Protocol (OCSP), but the need for OCSP responders could also be reduced by Extensible Markup Language Key Management Standard (XKMS) and roaming.

PKI Viability Continues to Improve

by Jan Sundgren, August 26, 2002

Though public key infrastructure may never grow explosively, Giga believes that there is still a future for it, and the foundation for that future is already falling into place. Several trends support this prognosis.

Private Key Storage Options Improving

by Jan Sundgren, July 15, 2002

Options for protecting users' private keys have evolved in several ways during the last few years, and customers should make sure their current strategies reflect available solutions. The most secure approaches involve storing keys on separate hardware.

Digital Signatures and Expired Certificates

by Jan Sundgren, May 23, 2002

Digital certificates generally expire within a few years, which raises the question: How can the validity of signed documents be checked years after the associated certificates have expired?

Public Key Algorithms: RSA vs. Elliptic Curve Cryptography

by Jan Sundgren, May 3, 2002

ECC is unlikely to supplant RSA, though it could still be a useful tool for some applications. Customers should choose RSA when feasible, but consider ECC when private key operations emerge as a performance bottleneck.

Windows PKI: Getting Closer, but Not Here Yet

by Jan Sundgren, January 31, 2002

Companies with an immediate need for more advanced PKI features probably can t afford to wait for Windows .NET. Only companies that have flexibility regarding their PKI deployments can wait for it to finally arrive and see what it has to offer.

IT Trends 2002: Public Key Infrastructure

by Jan Sundgren, November 12, 2001

After being dismayed by the expense and difficulty associated with initial attempts to embrace PKI, companies are taking a harder look at how PKI can be deployed with more ease and efficiency and with more immediate returns.