Terisa Systems targets global electronic commerce market with toolkit designed to develop exportable secure Web browsers and servers; new SecureWeb toolkit supports development of secure mass market software that meets streamlined government export approval requirements.SAN JOSE, Calif.--(BUSINESS WIRE)--April 10, 1995--The potential of electronic commerce is global, yet the cryptography essential for secure transactions is difficult to export. To meet the growing requirement for security in international transactions, Terisa Systems, Menlo Park, Calif., Monday announced a new release of its SecureWeb(TM) toolkit that permits developers of World Wide Web applications to produce exportable secure Web browsers and servers. The announcement was made today at the Internet World trade show, here in conjunction with a related story where the company announced an equity and technology partnership with America Online, CompuServe, Prodigy/IBM, and Netscape, in addition to Terisa founders Enterprise Integration Technologies and RSA (1) (Rural Service Area) See MSA. (2) (Rivest-Shamir-Adleman) A highly secure cryptography method by RSA Security, Inc., Bedford, MA (www.rsa.com), a division of EMC Corporation since 2006. It uses a two-part key. Data Security Inc., to create a universal approach to Internet security. "Terisa's objective is to create a common interoperable security approach that will streamline the ability of the on-line information services to provide secure transactions on the World Wide Web," said Patrick McGill, the company's vice president of marketing and sales. "The Internet is a global computing environment, and our strategy is to provide products that help expand the growth of secure electronic commerce not only in the U.S. but internationally as well." The new release contains two varieties of the S-HTTP S-HTTP Secure Hyper Text Transport Protocol protocol libraries. The first is the domestic version, implementing a variety of cipher cipher: see cryptography. (1) The core algorithm used to encrypt data. A cipher transforms regular data (plaintext) into a coded set of data (ciphertext) that is not reversible without a key. algorithms such as the well-known Data Encryption Standard See DES. Data Encryption Standard - (DES) The NBS's popular, standard encryption algorithm. It is a product cipher that operates on 64-bit blocks of data, using a 56-bit key. It is defined in FIPS 46-1 (1988) (which supersedes FIPS 46 (1977)). (DES). The second, export-oriented library, restricts itself to cipher algorithms (such as 40-bit RC2) defined by the State Department's office of Defense Trade Controls (DTC DTC See: Depository Transfer Check DTC See: Depository Trust Company DTC See Depository Trust Company (DTC). ) to be suitable for so-called "Fast Track Commodity Jurisdiction." This seven-day streamlined approval process permits for international distribution of mass-market software incorporating cryptography, without export licensing. "The negotiation facility of Secure HTTP HTTP in full HyperText Transfer Protocol Standard application-level protocol used for exchanging files on the World Wide Web. HTTP runs on top of the TCP/IP protocol. was deliberately designed to support interoperation of secure Web applications across national borders," said Allan M. Schiffman, Terisa's chief technical officer. "The client and server can negotiate upwards to strong ciphers or downwards to weak ones, depending on the needs of the particular transaction and the capabilities of the software. This allows, for example, an export browser to securely communicate with a domestic server." Other improved facilities in the new toolkit release include an in-memory cached key database, leading to improved performance, together with expanded user documentation. The toolkits, available since late 1994, implement the Secure HTTP (S-HTTP) protocol, a system that enhances the Web's native HyperText Transfer Protocol See HTTP. (protocol) Hypertext Transfer Protocol - (HTTP) The client-server TCP/IP protocol used on the World-Wide Web for the exchange of HTML documents. It conventionally uses port 80. Latest version: HTTP 1.1, defined in RFC 2068, as of May 1997. to provide robust communications security using state-of-the-art cryptography. Terisa plans to introduce a SecureWeb toolkit in June 1995 that combines the two major transaction security protocols in the market today, Secure HTTP and Netscape's Secure Sockets Layer (networking, security) Secure Sockets Layer - (SSL) A protocol designed by Netscape Communications Corporation to provide secure communications over the Internet using asymmetric key encryption. (SSL (Secure Sockets Layer) The leading security protocol on the Internet. Developed by Netscape, SSL is widely used to do two things: to validate the identity of a Web site and to create an encrypted connection for sending credit card and other personal data. ). This provides an interoperable approach to Web server and browser security. A version of the toolkits that will support interoperability for export application development will be introduced in Q395. Secure HTTP was originally developed by Enterprise Integration Technologies and first demonstrated in April 1994 in conjunction with the launch of CommerceNet, the Northern California consortium that pioneered electronic commerce on the Internet. The protocol incorporates Public Key Cryptography An encryption method that uses a two-part key: a public key and a private key. To send an encrypted message to someone, you use the recipient's public key, which can be sent to you via regular e-mail or made available on any public Web site or venue. developed by RSA Data Security. The specification of S-HTTP is public and is being considered for standardization by the World-Wide Web Consortium and the Internet Engineering Task Force (c/o Corporation for National Research Initiatives (CNRI), Reston, VA, www.ietf.org) Founded in 1986, the IETF is a non-membership, open, voluntary standards organization dedicated to identifying problems and opportunities in IP data networks and proposing technical solutions to the . Terisa Systems Inc. is based in Menlo Park, Calif. and specializes in tools and technologies to provide secure Internet transactions. It was formed in 1994 as a joint venture of Enterprise Integration Technologies Corp. of Menlo Park and RSA Data Security Inc. of Redwood City, Calif. -0- Note to Editors: SecureWeb is a trademark of Enterprise Integration Technologies Corp. CONTACT: BKMPR Barbara Kline, 415/694-7991 bkline@netcom.com |
|
||||||||||||||
Printer friendly
Cite/link
Email
Feedback
Reader Opinion