CNET también está disponible en español.

Ir a español

Don't show this again

Christmas Gift Guide
Internet

Tokens to secure future offered

Seeking to grow beyond its narrow niche, Security Dynamics is unveiling an enterprise security strategy based on its SecurID tokens.

Seeking to grow beyond its narrow security niche, Security Dynamics Technologies (SDTI) is unveiling an enterprise security strategy based on its SecurID tokens and the software to manage them.

Security Dynamics said it will offer its authentication technology on smart cards, wallet-sized cards that--like pricier SecurID tokens--can verify the identity of users on enterprise networks. The company also offers software-only authentication.

Security Dynamics, saying it would ship version 3.0 of its ACE/Server early in the third quarter, is using the announcement to outline its strategy as an enterprise security provider, thus joining the rush of security companies trying to broaden their appeal.

"We believe most major corporations have their heads spinning on security issues," said David Power, vice president of marketing and strategic relations. "What we're trying to do is step into the void and provide leadership to understand how it comes together in enterprise security framework and what they can count on for us to give them."

The new version of ACE/Server will allow corporate networking chiefs to manage access privilege (what resources each user is entitled to), keys of cryptographic algorithms used for security, and digital certificates, which vouch for the identity of individual users.

An explosion in the numbers of mobile workers and telecommuters has corporate security officers worried about their data, Power said. Also, the growth of intranets has produced other security concerns by opening traditionally closed corporate networks to outsiders.

"Customers are looking for a single security architecture or a single vendor," Power said, adding that the company won't provide every piece of security itself but will work with partners.

The new version of ACE/Server, which has been a stand-alone security server, will be able to link to other security servers on a network, allowing large organizations to scatter security servers among their locations. That means people who need to travel to other offices can sign on with just one token or password.

Other new features include one-time emergency authentication access for users who lose their SecurID tokens and the ability to restrict users based on time, day, or week, thus limiting access outside business hours if desired.

Version 3.0 also will support standard protocols to ease integration with other network software and help-desk systems. Later this year, Security Dynamics also plans products and partnerships to enable:

  • identification and authorization (I&A): Security Dynamics will add support for public key cryptography from its subsidiary RSA Data Security and emerging communications protocols, including Radius.

  • certificate management: Security Dynamic will offer software to let corporations create and manage their own digital certificates, which functions as a digital ID, by operating as a certification authority or by outsourcing to another CA.

  • key management: Future Security Dynamics' offerings will let companies generate, distribute, validate, replace, revoke, terminate, and recover encrypted keys, which keep communications private. The company said its key recovery system will meet government export requirements.

  • privilege management: Future products will issue and manage "privilege certificates" that define what enterprise resources users have access to and what they can do with them. Working with partners, Security Dynamics will provide a common repository of access control and privileges that can be managed corporate-wide.

    Pricing of version 3.0 will start at $2,450 for a ten-user license, with discounts available for volume purchases.