Wave Systems Corp. (fka WAVXQ)

[reach567]

Ncipher Key Authority


This looks competitive to Wave's KTM


http://www.ncipher.com/company/pr_view.php?itemid=245

News Release

nCipher introduces keyAuthority enterprise key management solution
Unique management approach delivers advanced security controls, consolidates auditing and reduces operational cost
Cambridge UK — 12 September, 2005

nCipher plc (LSE: NCH), a leading provider of cryptographic IT security solutions, today announces the availability of the nCipher keyAuthority™ product suite. keyAuthority is the first in a new class of enterprise-wide security management systems that delivers unified, fine-grained and auditable security controls to enable organizations to cost-effectively deploy stronger data protection and access control policies that span traditional application and functional boundaries.

nCipher keyAuthority consolidates and automates the management of cryptographic keys and credentials in a transparent manner across large and diverse populations of device end-points and applications. keyAuthority overcomes the fragmented and typically manual processes for managing a wide variety of security functions that arise from the rapidly-expanding use of cryptography across the enterprise. As a result, keyAuthority reduces management costs and enables organizations to manage risk by propagating these advanced security techniques more quickly, in a less error-prone and more auditable manner. Furthermore, keyAuthority can be scaled to meet the key management needs of the world’s largest security infrastructures and support both existing and planned deployment of cryptography-enabled applications.

"There is no doubt that with all the attention being given to some of the recent data breaches and the move toward more device and data-level security systems, cryptography is a vital technology in enterprise security," says Andrew Braunberg, senior analyst, Current Analysis. "Cryptography will become more pervasive, causing the number of cryptographic keys that an organization needs to manage to multiply very quickly. The management of these keys up until now has been a very manual ad hoc process, but that approach will become increasingly cumbersome as keys multiply. For this reason, nCipher has a great opportunity to create a leadership position in this market that will also embrace areas such as ID management and DRM."

As organizations become more widely dispersed and increasingly operate within highly interconnected business networks, traditional boundaries and security perimeters become blurred. Cryptography has already become the de facto means of protecting sensitive information on the internet – now these same techniques are being extended and deployed across enterprise networks. The result is an explosion in the number and diversity of applications that use cryptography, with consequent growth in the scale and complexity of managing the resulting cryptographic keys, creating a significant new challenge for IT organizations. Key management raises a number of important and unique management issues, including:



• Keys must remain secret – accessible only under highly specific usage rules – in order to deliver effective protection

• Keys must be made available to authorized users and applications whenever and wherever needed and potentially over extended periods of time, or otherwise risk halting whatever business process is being performed

• Keys must be able to be withdrawn as a way to enforce the revocation of individual user rights, for example when employees leave an organization or when a system is decommissioned

• Key usage must be auditable as a means of establishing an irrefutable record of when sensitive data was accessed or transactions executed, and by whom

Cryptography is used to provide a variety of functions across a rapidly expanding range of applications:

• Encryption is used to ensure the privacy of information passing over networks, e.g. in internet security protocols such as SSL or IPSec, and also to protect information stored in databases, file systems and storage networks

• Digital identities based on the use of digital certificates enable strong authentication of both users and network connected devices to reinforce access control

• Digital signatures are used increasingly to validate the integrity and provide auditability of information and actions.

Traditionally, these functions have been managed manually and often purely within the context of each specific application, resulting in an error-prone and fragmented approach that is rapidly becoming untenable.

nCipher's recent survey "Cryptography in the Enterprise 2005" queried 237 security decision-makers within organizations worldwide, revealing that 74 percent of respondents are using, or plan to use, encryption to underpin at least five different security functions within the next 18 months, a dramatic increase from the 35% of respondents that are currently using encryption to secure five or more functions. The survey also revealed that more than 10% of respondents already have over 10,000 keys currently in need of management. Both results are significant indications confirming that cryptography is rapidly maturing as a mainstream security tool. For more information on the survey see http://www.ncipher.com/crypto2005/

"As a result of working with some of the most security-aware organizations in the world we have developed keyAuthority to help control escalating management costs and provide a single management interface to consolidate key management operations at the appropriate business level, helping to satisfy compliance and internal policy requirements," says Dr. Nicko van Someren, Chief Technology Officer at nCipher. "keyAuthority builds on nCipher’s market-proven technologies and broad experience of helping our customers deploy strong cryptography in support of a wide variety of applications and across numerous platforms and operating systems. We believe that we are uniquely placed to address these emerging management issues particularly as new PC security technologies such as Trusted Platform Modules (TPM) and next generation authentication tokens become deployed, raising the security bar across the enterprise."

The keyAuthority product suite satisfies the need to deliver keys to a wide variety of end-points on demand and in a highly resilient and scalable manner without requiring modification of the applications that actually use the keys. keyAuthority manages both symmetric and asymmetric keys and is the perfect complement to existing PKI deployments. The entire system is secured by the use of nCipher’s hardware security modules (HSM) that have been independently validated to FIPS 140-2 Level 3 security standard.

The keyAuthority suite comprises three core components:

• keyAuthority Management Server that generates, manages and archives keys, establishes security polices and provides the integration point for other enterprise systems

• keyAuthority Provisioning Server that securely distributes keys and other security objects directly and on-demand to authorized end-points and applications

• keyAuthority Management Console provides a stand-alone management interface for the system



For more information about nCipher's keyAuthority visit www.ncipher.com/keyauthority

A webinar about nCipher’s keyAuthority enterprise management solution will be held on Tuesday, 4 October 2005. Click here for more details and registration.


About nCipher
nCipher is a leading provider of cryptographic security, enabling our customers to meet the challenges of verifying identity, protecting data and complying with security regulations. nCipher's solutions provide a unified approach to cryptographic management providing strict access controls and high assurance trusted processing, overcoming traditional issues of scalability, performance and weak platform security. The world's leading organizations work with nCipher to protect security critical systems such as web site infrastructure, online banking and payment processing networks, PKI, web services, databases and digital rights management schemes.
nCipher is the winner of the Microsoft Security Solution of the Year award 2004. The company is listed on the London Stock Exchange (LSE:NCH) and is a member of the FTSE TechMARK and FTSE4Good indices with offices in Cambridge, UK; Boston, Washington, Hamburg and Tokyo. For more information on nCipher, visit www.ncipher.com






------------------------------------------------------------
http://www.ncipher.com/keyauthority/
keyAuthority™ Solution Suite
Provisioning system for enterprise key management and distribution
The use of cryptography is expanding rapidly as large organizations attempt to secure data wherever it is stored and whenever it moves within their extended enterprise. As more and more sensitive information is exchanged across open networks, cryptography provides a proven way to manage risk and meet regulatory requirements.

However, many organizations face deployment challenges and significant operational costs as they scale their systems. Providing lifetime management of the private keys and digital certificates across hundreds of applications and thousands of servers, end users and networked devices can easily overburden the manual processes typically employed today.

nCipher’s keyAuthority™ Solution Suite delivers centralized cryptographic key management and automated key distribution to security applications deployed across large numbers of network-attached end-points. keyAuthority helps large organizations to:

Deliver lower operational costs through central management and automation
Manage risk by enforcing high-security policies
Achieve regulatory compliance
nCipher keyAuthority products allow keys and other security objects, configuration data and security policies to be generated and managed centrally, before distribution to cryptographic applications - on demand, anytime, anywhere.

System Components
keyAuthority Management Server is the primary component of the system and is used to generate and archive keys, establish security policies and enroll end-points through a local management interface.

keyAuthority Management Console provides a standalone management interface for the system. Multiple Management Console devices can be used remotely to support the needs of dispersed management teams or different operational functions.

The Database acts as a shared depository for wrapped keys and their associated policies. All interaction with the database uses the industry-standard ODBC interface.

keyAuthority Provisioning Server securely distributes keys directly to end-points following a mutual authentication process. Multiple Provisioning Server devices can be deployed for resilience and to provide localized services to geographically-grouped end-points or to reflect a particular customer’s internal management structure. Each Provisioning Server is intended to operate in an unattended manner.


Click to enlarge diagram

keyAuthority Starter System
To facilitate system development, integration, training and piloting, nCipher provides a compact version of the Key Provisoning System, called the nCipher keyAuthority Starter System. The Starter System allows the Management Server, Provisioning Server and a console to be run on a single host computer. The Starter System provides all the functionality of the full system. However, it does not support resilient configuration and the number of end-points that can be enrolled is restricted.





---------------------------------------------------------
https://ncipher.raindance.com/iccdocs/seminarDesc.shtml?id=48705&mode=cal&tz=PST

nCipher announces the FIRST comprehensive key management solution! You will learn HOW nCipher's keyAuthority Enterprise Management Solution: delivers centralized secure cryptographic key management; automates key distribution for private and symmetric keys; helps manages risk; and facilitates compliance.

times: 10/04/2005 6:00am - 7:00am PST
10/04/2005 9:00am - 10:00am PST

location: https://ncipher.raindance.com

registration: Call 303.928.2401
or click one of the scheduled times for online registration.