Vendors team on certificate management

Security Dynamics Technologies Inc. and subsidiary RSA Data Security Inc. last week announced their entry into the digital certificate management market with their new Keon Certificate Server 5.0.

This is the first full move for the companies into the public-key infrastructure arena, which uses digital certificates and encryption to verify user identities and secure data being sent across networks. The Keon server is intended to provide organizations with full-function certificate management capability that can be handled in-house.

Many federal agencies have initiated PKI pilots in the past year to provide data security and user authentication for the wide range of government services being moved to the Internet. But it can be burdensome to handle all the policies of issuing, managing and revoking the thousands of certificates that usually are needed for even one internal application.

Because of this recognized need in government, RSA and Security Dynamics are going to focus much of their marketing on federal agencies, said Tim Matthews, director of product marketing for RSA. "There is a tremendous amount of PKI opportunity in the government," he said.

The Keon server is a completely World Wide Web-based management system, which eliminates the need for additional certificate software on each client. Being Web-based, administrators can move around freely in an organization while maintaining access to the certificate management system, Matthews said.The certificates themselves are priced per user and not per certificate, which makes it much less expensive for agencies that issue more than one certificate to each user, he said.

The companies announced the Keon strategy in January as a way to leverage RSA's BSAFE cryptography components and development tools and Security Dynamics' SecurID authentication tools.

The first Keon Certificate Server is being offered through a partnership with PKI vendor VeriSign Inc. and Netscape Communications Corp. and builds on technologies from all four companies involved.

In addition to certificate management, the server includes an agent technology designed to make it easier to use such PKI features as user authentication and data encryption with applications that originally were not designed to be used in a PKI environment. "[Agencies] want to PKI-enable a lot of in-house systems [and] legacy applications, and this makes it much easier," Matthews said.

The two companies are facing stiff competition in the enterprise market from Entrust Technologies Inc. and Baltimore Technologies Inc. While the Keon agent technology could give the two companies new leverage, it still will be an uphill battle to gain market share, said Phil Schacter, director and senior analyst at the Burton Group.

"The agent technology that they have built into the technology is meant to tie back into legacy applications at any organization to make it easier to leverage PKI," Schacter said. "It's an aggressive strategy on RSA's part, and clearly they have to prove that they can market this solution successfully."

But even with more established players and more companies getting involved in the enterprise PKI market every day, RSA is confident about its move.

"I don't think there are many companies that understand the technology as well as we do," Matthews said. "We have been selling PKI cryptography into this market for a long time."

Security Dynamics also brings many contacts and a lot of experience because millions of people use its SecurID two-token user authentication products, he said.

Featured

  • Workforce
    By Mark Van Scyoc Royalty-free stock photo ID: 285175268

    OPM nominee plans focus on telework, IT, retirement

    Kiran Ahuja, a veteran of the Office of Personnel Management, told lawmakers that she thinks that the lack of consistent leadership in the top position at OPM has taken a toll on the ability of the agency to complete longer term IT modernization projects.

  • Defense
    Soldiers from the Old Guard test the second iteration of the Integrated Visual Augmentation System (IVAS) capability set during an exercise at Fort Belvoir, VA in Fall 2019. Photo by Courtney Bacon

    IVAS and the future of defense acquisition

    The Army’s Integrated Visual Augmentation System has been in the works for years, but the potentially multibillion deal could mark a paradigm shift in how the Defense Department buys and leverages technology.

Stay Connected