Security software and services vendor VeriSign has teamed up with British cryptography firm nCipher to offer the Hardware Protected SSL Certificate, an Secure Socket Layer server certificate the companies say will offer better protection against online data theft and Web site spoofing.
The new offering is said to be the first available SSL certificate that assures the private key will be protected in a FIPS-validated cryptographic hardware, from nCipher, thus providing a stronger level of authentication.
VeriSign is bundling into the offering a premium level of security for SSL certificates.
"We will ensure that the digital certificate is issued to an entity whose organization characteristics have been verified in a number of ways," says Kevin Trilli, director of product marketing for VeriSign. Any site that uses the offering will be allowed to display VeriSign's Secure Site Seal.
"The padlock has not been sufficient," Trilli says. When a site visitor clicks on a padlock, the text displayed is meant to be read by someone familiar with PKI, for instance. AusCERT2005::
nCipher, Australia Artifact Analysis Team Leader, CERT Coordination Center we can use -- in hardware, in the operating system kernel,
http://conference.auscert.org.au/conf2005/abstracts.phpHOME |
Dark Reading - Encryption Articles::
2007 : Venafi support for ncipher Hardware Security Module lets organizations July 17, 2008 : SSL only works if it builds on an existing trust relationship
http://www.darkreading.com/topics.asp?node_id=1609&wire_page=4&the_yearmonth=HOME |
Protecting the private key in hardware is the essential innovation in the combined offering. The nCipher hardware security module (HSM) complies with Federal Information Processing Standard (FIPS) 140-2, a stringent standard representative of industry best practice. VeriSign chose nCipher as a partner in the effort because of the firm's expertise in FIPS. nCipher taps Abridean to enter ID management::
about SSL Security and Consumer Trust. A Verisign Business Guide Verisign, nCipher tout hardware-based SSL certs (7 April 2003) nCipher teams up to secure
http://play.tm/wire/click/548020HOME |
Computer security background information::
CERT, ArcSight Partner With 3 Universities On Security Big Blue, GE Interlogix Team on Building Security. nCipher Offers Shareable Hardware Security Module
http://www.100share.com/computer-security.htmHOME |
The companies see the joint effort as a way to spread the use of hardware-protected SSL certificates more into financial services, government and healthcare industries handling sensitive data transmitted over the Internet.
The Hardware-Protected SSL Certificate will be available from VeriSign in May, and can be purchased as part of a product bundle from nCipher with its nShield of nForce HSM. Pricing for a package is being discounted to $4,500 through Q3, after which is will revert to more standard pricing of approximately $9,000, nCipher indicated.
VeriSign reports that it has 400,000 active digital certificates, which it estimates to be 90% of the market. Figures compiled by NetCraft show 187,000 digital certificates are associated with public DNS records. The difference is the number of certificates used inside firewalls that the Netcraft spider cannot detect.
* John Desmond writes for eSecurityPlanet.com, a JupiterMedia property.
Pre-Article:Chip Making Equipment Sales Slide - Again
Next-Article:Intel, Via Settle Legal Row
| 
VeriSign, nCipher Team on Hardware SSL Certs