A complex 'blank sheet' system has hindered PKI take-up, claims Baltimore Technologies. But will a new template approach ease deployment? Paul Allen reports
Network IT Week, 19 Jun 2002
PKI uptake has remained low because vendors have made it difficult for companies to integrate the technology into their business processes, according to PKI vendor Baltimore Technologies.
Patrick McLaughlin, senior VP for technology strategy at Baltimore, said that one of the ways his company wants to reduce the cost of PKI is to reduce its complexity. "In the past we have given enterprises a highly configurable system, but perhaps it was too much of a blank sheet," he said.
The company released UniCERT 5.0 last week, and McLaughlin said the changes would make PKI deployments less painful, expensive and time consuming.
"We're making PKI much more off-the-shelf. We have supplied shrink wrapped policies for some of the more popular applications." He said these had been derived from experience with existing customers, and all could be tailored through editing if preferred.
Customers who want to build PKI into more complex systems would have traditionally needed to buy toolkits from vendors. "They can now interact with our PKI using the XML protocol rather than a range of ASN.1 protocols," he said.
Sian Birch, security consultant at MIS Corporate Defence Solutions, welcomed the move but said underlying problems remained.
"The normal problem with PKI is that there is no universal structure in place for interacting with other companies. The shrink-wrapped interfaces will make set up a lot easier though."
European e-business association, EEMA, is close to commencing interoperability trials of PKI products from 15 vendors, including Baltimore, RSA and Verisign. Jack Nagel, director of corporate marketing for government at Baltimore, said testing parameters had finally been agreed. "The official phase of interoperability testing starts now."
He added that EEMA co-operated with the Communications-Electronics Security Group, formerly GCHQ, the agency responsible for information assurance.
Shrink-wrapped policies could help PKI overcome another obstacle, McLaughlin said. "It will give businesses a better idea of what PKI can be used to do in business." Companies will have to define the technical profiles for authentication of their own users, but UniCERT 5.0 will provide examples.
UniCERT 5.0 will also introduce cloning to extend the capacity of a Certification Authority (CA) or Registration Authority (RA), which would mean large enterprises can set up a single CA or RA themselves.
The results of the PKI Challenge will be unveiled on 2 October, and Nagel said full results would be published on the EEMA website.
Storage-as-a-Service:
Best efforts or best practice?
IDG research: IT professionals understand the fundamentals of managing and
protecting data, but do not apply best practices
The
seven security myths of Microsoft Windows 7
It is essential to separate myth from reality about the built-in security of
Microsoft’s latest offering
Keep up to date with the latest products, services and technologies from the world's leading IT companies; IThound.com brings you thousands of white papers, case studies and analyst reports.
Rapid Predictive Modeler designed to aid enterprise decision making
Huawei's Ideos smartphone, announced today , is claimed by the...
Do you agree?
Have your say on this article