Atalla announces high performance hardware-based security for the Internet.SAN FRANCISCO--(BUSINESS WIRE)--Jan. 16, 1996--Atalla, a division of Tandem Computers Inc., and the leader in hardware-based transaction security products, announces the WebSafe II Internet Security Processor. The WebSafe II provides the cryptographic services needed to secure transactions and make the Internet safe enough for commerce. The successor to the WebSafe ISP (1) See in-system programmable. (2) (Internet Service Provider) An organization that provides access to the Internet. Connection to the user is provided via dial-up, ISDN, cable, DSL and T1/T3 lines. (which began shipping last October), the WebSafe II features a performance boost from 2 RSA (1) (Rural Service Area) See MSA. (2) (Rivest-Shamir-Adleman) A highly secure cryptography method by RSA Security, Inc., Bedford, MA (www.rsa.com), a division of EMC Corporation since 2006. It uses a two-part key. decrypts (512 bit) to 20 RSA decrypts (1024 bit) per second. "We're gearing up to go from pilot programs to full scale production applications," stated Gary Sabo, Atalla vice president of product management and marketing. "We achieved this performance improvement with `hardware-assisted' DES and RSA exponentiators. "This resulted in a greater than 20 times performance increase, without any changes to the industry standard BSAFE developers tool kit, which is used for both the WebSafe and WebSafe II," Sabo continued. What makes the WebSafe processor unique is that it's the first high-performance RSA and DES processor which can bridge from the Internet into the bank payment network. It protects transactions from unauthorized access and alteration. It's designed to bring the same level of transparent, on-line transaction security to the Internet that presently exists on payment networks (e.g. ATM/EFT/POS) which safely carry millions of electronic transactions daily. Safer Than Software: Part of Atalla's end-to-end transaction security strategy, WebSafe II provides "back-end" cryptographic services for Web servers. The WebSafe can take a transaction from virtually any "client" (e.g. browser) and "lock-it" with the same kind of hardware-based encryption services that have made the bank payment network among the safest ways to conduct business in the world. A Note on the Bank Network: The bank payment network relies on hardware-based encryption for transaction security. Under Article 4A of the Uniform Commercial Code (UCC An abbreviation for the Uniform Commercial Code. ), which addresses liability in electronic funds transfer See EFT. (application, communications) electronic funds transfer - (EFT, EFTS, - system) Transfer of money initiated through electronic terminal, automated teller machine, computer, telephone, or magnetic tape. (EFT), the UCC directs financial institutions to offer customers a form of commercially reasonable security. If a bank fails to do that, it's liable for losses. The accepted security practice to meet this requirement has been hardware-based encryption, much of which has been provided by Atalla. The Hardware-Based Security Difference: The WebSafe II attaches as a peripheral device to your web server and performs all cryptographic processing within the safety of a physically secure "Atalla box." Unlike software solutions which need to decrypt sensitive data in unsecured memory, leaving them vulnerable to cyber-pirate attack, attempts to penetrate hardware-based security activate special circuitry (such as voltage, temperature and penetration sensors) which "zeroizes" all "secret data" (such as passwords, keys and algorithms). In fact, with the Atalla architecture, once the "secret data" is entered into the network, it never again appears in the clear outside the WebSafe. Software-based solutions cannot offer this kind of protection. Off-Loads Key Management From the Web Server: For example, in a secure SSL (Secure Sockets Layer) The leading security protocol on the Internet. Developed by Netscape, SSL is widely used to do two things: to validate the identity of a Web site and to create an encrypted connection for sending credit card and other personal data. session a time-stamped key is generated. This key is the "password" that secures the session. In a server without the WebSafe, all of the keys for the sessions reside unsecured in the server's memory. By contrast, the WebSafe off-loads all of the key management from the Web server and performs all of the cryptographic processing inside the "hardware security" of an "Atalla box." This way no one can ever see your keys. In addition, because all of the algorithms are "locked-in" to the Atalla box, there is no way for hackers to "backward engineer" and alter the security algorithms as is possible with software-based solutions. More Economical Than Software-On-Server Solutions: "No one really knew how CPU CPU in full central processing unit Principal component of a digital computer, composed of a control unit, an instruction-decoding unit, and an arithmetic-logic unit. intensive public key encryption See public key cryptography. would be," stated Larry Hines, Atalla's product manager for network security processors. "Our customers were reporting 60-80 percent performance degradation on their Web servers when they turned on public key processing on their pilot programs. "For real Internet commerce, we're talking about thousands of transactions, not dozens. With the high price of adding server capacity to a Web site to make it safe enough for payments, we knew off-loading encryption processing would prove to be a more economical solution. We've responded to this problem with a 2000 percent plus increase in performance," said Hines. "Most people perceive software to be cheaper than hardware. That's simply not true. You need to add in the price of purchasing additional server capacity to get the total picture. Once you do that, you'll find that buying a device that has been specifically designed for cryptographic processing is much cheaper than buying more servers. Your cost-per-transaction will be much less," Hines concluded. WebSafe II Adds Bank-Like Security to Internet Protocols: "Just because you have a protocol, doesn't mean you have security," Hines also noted. "Atalla's hardware-based encryption can support the emerging security protocols being issued by payment network providers too." This latest release provides cryptographic services for SSL, S-HTTP S-HTTP Secure Hyper Text Transport Protocol , PEM (Privacy Enhanced Mail) A standard for secure e-mail on the Internet. It supports encryption, digital signatures and digital certificates as well as both private and public key methods. Not widely used, work on PEM later evolved into S/MIME. See MIME. (Privacy Enhanced Mail See PEM. Privacy Enhanced Mail - (PEM) Internet electronic mail which provides confidentiality, authentication and message integrity using various encryption methods. See also Pretty Good Privacy. ) and will support S/MIME See MIME. . Because Atalla's architecture is based on accepted algorithms, future releases can keep pace with proposed industry standards when they develop (some of the proposed standards under consideration include SEPP (Single Edge Processor Package) A CPU module from Intel that held Celeron chips and their L2 cache chips. The SEPP, which plugged into Slot 1 on the motherboard, was the bare printed circuit board. , STT STT State Street Corporation (stock symbol) STT Suomen Tietotoimisto (Finnish National News Agency) STT Secure Transaction Technology STT Surface Tension Transfer (welding) AND PCT (Private Communications Technology) A protocol from Microsoft that provides secure transactions over the Web. See security protocol. under development by firms such as MasterCard, VISA, Microsoft, Netscape and others). In fact, once integrated, WebSafe II can provide the cryptographic services needed to make many software security solutions safe enough for EFT transactions. The WebSafe II supports payments, certification authorities (certificate generation, verification and archiving), Message Authentication Code A cryptographic message authentication code (MAC) is a short piece of information used to authenticate a message. A MAC algorithm accepts as input a secret key and an arbitrary-length message to be authenticated, and outputs a MAC (sometimes known as a tag). , digital signatures, PEM and EDI (Electronic Data Interchange) The electronic communication of business transactions, such as orders, confirmations and invoices, between organizations. Third parties provide EDI services that enable organizations with different equipment to connect. (Electronic Data Interchange See EDI. (application, communications) electronic data interchange - (EDI) The exchange of standardised document forms between computer systems for business use. EDI is part of electronic commerce. ). WebSafe's security architecture is the perfect solution for Internet service providers, telecommunications companies, banks, brokerage houses, legal and medical institutions, or anyone who needs to send sensitive data across the Internet, and it employs sophisticated key management similar to global EFT/POS payment networks. WebSafe II features open connectivity and connects to a host or server via an Ethernet port. It also includes a comprehensive set of self-diagnostics and health checks, and requires no scheduled maintenance. Application programs interface to WebSafe II using a simple set of write/read commands, and expansion is as easy as stacking modules in a cabinet. Atalla has been an RSA BSAFE licensee since October 1994. Founded in 1972 and acquired in 1987 by Tandem Computers Inc., Atalla designs, manufactures and supports secure on-line transaction automation systems for financial, retail and business applications. Atalla's products include POS (1) See point of sale and packet over SONET. (2) "Parent over shoulder." See digispeak. POS - point of sale credit/debit payment terminals, check readers, security processors for the Internet and other networks, customer authorization and PIN selection terminals and secure enrollment products for banks, retailers and state EBTs. The company is headquartered at 2304 Zanker Road, San Jose, Calif. 95131. Phone: 408/435-8850, 800/523-9981. Fax: 408/435-1116. -0- NOTE TO EDITORS: Tandem, WebSafe, Atalla and the Tandem logo are trademarks of Tandem Computers Inc. All other brand and product names are trademarks or registered trademarks of their respective companies. Technical specifications and availability are subject to change without notice. CONTACT: Atalla - a Tandem Company Kevin Jordan, 408/435-5342 |
|
||||||||||||||
Printer friendly
Cite/link
Email
Feedback
Reader Opinion