Clients Receive Independent Third-Party Advice to Select, Implement and
Monitor Public Key Infrastructures
NEW YORK, Jan. 19 /PRNewswire/ -- KPMG LLP, the accounting, tax and
consulting firm, today demonstrated its capabilities to implement the use of
public key infrastructure (PKI) to enhance the security of e-Commerce
transactions over the Internet. The use of PKI enables transaction
confidentiality, authentication, integrity and non-repudiation.
"Enabling e-Commerce depends upon establishing trust, achieved by a
combination of PKI technology, internal controls and ongoing monitoring," said
Al Van Ranst, partner in charge of the secure electronic commerce unit of
KPMG's Information Risk Management (IRM) practice. "KPMG assists clients by
assessing their business requirements to help design and implement viable
solutions to complex information technology security issues. We assist
clients to implement appropriate operational procedures and internal controls.
Then, to complete the trust concept, we perform independent testing and report
that the controls in a PKI can be relied upon."
"Our objective is to balance security risk against cost. We assist
companies to select and implement cost effective security solutions for
Internet communications, including the use of PKI," said Van Ranst.
KPMG demonstrated its PKI leadership capabilities with five separate
applications during the RSA Conference this week in San Jose, Calif.
At the RSA Conference, KPMG's demonstration of its capabilities for
clients included:
-- Using certificates from Baltimore, CyberTrust, Entrust and VeriSign,
members of the KPMG IRM team demonstrated secure authentication to a
PeopleSoft HR module, enabled by SHYM Technologies.
-- Using biometric technology from Identicator Solutions, members of
the KPMG IRM team demonstrated positive authentication to Microsoft
NT workstations and domain services.
-- They also demonstrated the ability to gain secure remote access in
an extranet environment to SAP FI and MM modules using CyberTrust
certificates with enCommerce's getAccess. CyberTrust's External
Authorization System provides a single administration control point
to enroll a user in getAccess and issue a public key certificate
using CyberTrust's Certificate Management System (CMS).
-- Furthermore, KPMG professionals issued a public key certificate
using Baltimore Technologies' UniCert Registration Authority and
Certification Authority and used the newly generated certificate to
exchange secure electronic mail.
-- Using a SecurID token to access the user's personal security data,
the KPMG team provided secure access to an Oracle database via RSA
Security Inc.'s KEON. This can be expanded to provide secure access
to any application linked to the KEON Security Manager. Van Ranst
called this reduced sign-on the "ultimate in user convenience."
Authentication is needed when the user initially signs-on and
thereafter authentication of the user would be maintained as the
user moves from application to application.
KPMG LLP is the U.S. member firm of KPMG International. In the U.S., KPMG
partners and professionals provide a wide range of accounting, tax and
consulting services. As a provider of information-based services, KPMG
delivers understandable business advice -- helping clients analyze their
businesses with true clarity, raise their level of performance, achieve growth
and enhance shareholder value. KPMG International's member firms have more
than 100,000 professionals, including 6,800 partners, in 160 countries.
KPMG's Web site is http://www.us.kpmg.com.
SOURCE KPMG LLP
 back to top
Related links:
http://www.us.kpmg.com
CONTACT:
Robert Wade of KPMG LLP, 201-505-8851
|
