Framework Outlines Standards-Based Platform for Creating, Storing, Managing,
Proving and Leveraging Credentials
RSA(R) CONFERENCE 2005/SAN FRANCISCO, Feb. 15 /PRNewswire-FirstCall/ --
RSA Security Inc. (Nasdaq: RSAS) today announced the company's roadmap for
strong authentication, designed to provide flexibility and choice as
organizations strive to leverage identity as a business asset. Driven by
customers' need for simplicity, security and the ability to manage compliance
mandates, RSA Security's roadmap recognizes that authentication is moving from
a point product to an enterprise-wide solution, and from password-centric to
strong authentication implementations. As businesses work to achieve more
holistic enterprise security through a comprehensive identity and access
management (IAM) strategy, RSA Security's authentication roadmap provides a
standards-based, enterprise-wide platform for creating, storing, managing,
proving and leveraging credentials. This robust platform also will serve as
the central hub for mission-critical enterprise-wide authentication
deployments, as companies leverage a wide variety of credentials,
authentication methods and form factors.
RSA Security believes strong authentication is the cornerstone of a
comprehensive enterprise IAM solution, and that two-factor authentication will
see increasing interest from large enterprises aiming for stronger security
inside the firewall, and from small and midsize business (SMB) and consumer
markets seeking to better protect identities. As these factors drive broader
authentication adoption, the RSA Security roadmap also delivers on the
authentication portion of NEXUS, the company's strategy for providing a
simple, modular infrastructure for a comprehensive IAM solution.
"The IT security industry is at a turning point, as strong authentication
becomes mainstream with a broader range of companies, along with consumers,
expecting the same levels of security that enterprises have leveraged for
years," said Art Coviello, RSA Security's president and chief executive
officer. "As strong authentication becomes pervasive, organizations need a
robust and open platform that allows for easy, cost-effective integration of
one-time passwords with back-end technology. The RSA Security roadmap
addresses these needs, and empowers customers with the ability to choose
credentials, authentication methods and form factors that meet their long-term
security needs."
Framework for the RSA Security Authentication Roadmap
The RSA Security authentication roadmap is based on the premise that
organizations need a flexible, cost-effective platform to prove and leverage
identities across a variety of networks and applications. Credentials are at
the core of any authentication solution, and customers gain the greatest value
from these systems when credentials are managed throughout their lifecycle.
To that end, the roadmap recognizes the importance of offering customers
choice in credentials, authentication methods and form factors. RSA
Security's authentication roadmap addresses the following issues related to
credential lifecycle management:
* Create: Creating, vetting, provisioning and binding a credential to
a user, device or application, and enabling self-service
capabilities
* Store: Delivering an array of dedicated and multi-function
hardware- and software-based credential storage devices, with a
range of security and mobility characteristics
* Manage: Addressing the complete credential management lifecycle,
and providing both security administrators and end users the ability
to easily update, renew and revoke credentials
* Prove: Offering real-time credential authentication and validation
* Leverage: Leveraging the credential across a multitude of
applications, resources and domains
To deliver on this authentication vision, RSA Security will:
* Provide flexibility in the choice of credentials and authentication
methods
* Offer a broad range of form factors for storing and protecting
credentials
* Provide streamlined, cost-effective identity life-cycle management
* Deliver mission-critical scalability and reliability for credential
validation
* Enable trusted identities to be leveraged across the widest range of
resources and applications
In addition, RSA Security will continue to champion a broad range of
industry standards, which provide the greatest value to customers worldwide
and build on the company's established role as a champion of industry-wide
standards, a history that includes open initiatives such as Public Key
Cryptography Standards (PKCS), Security Assertion Markup Language (SAML) and
Lightweight Directory Access Protocol (LDAP).
One-Time Password Specifications: Delivering on the Authentication
Roadmap
RSA Security's authentication roadmap is immediately furthered with the
announcement today of one-time password (OTP) specifications, which bolster
companies' ability to create, store, manage, prove and leverage credentials.
The proposed OTP standards -- available for public review and comment -- will
position technology solutions vendors to more effectively integrate support
for a wide range of OTP methods. The specifications also ensure that
credentials are created in a manner that enables businesses to reduce
deployment costs and provide access to multiple sites with a single credential
or token, and that identities can be effectively leveraged across
organizations.
The specifications will be submitted as appropriate to established
standards bodies, such as the Internet Engineering Task Force (IETF) and the
Organization for the Advancement of Structured Information Standards (OASIS).
Technology leaders such as Adobe Systems, Check Point Software Technologies,
Funk Software, iPass, Juniper Networks, Meetinghouse and Microsoft have
endorsed the effort to put forth open solutions tied to authentication.
New Products & Services: Offering Choice and Flexibility in Strong
Authentication
In addition, RSA Security also announced several new products and
services, which are expected to provide companies with greater choice in how
they manage and protect identities. Each announcement is designed to further
RSA Security's ability to deliver a broad platform for creating, storing,
managing, proving and leveraging credentials. These include:
* New RSA Authentication Service: RSA Security today announced the
RSA Authentication Service, a consumer-focused authentication
service that is expected to provide Internet users with enterprise-
class protection for their online activities. The service, which
will be operated and managed by RSA Security, will present
businesses with a straightforward authentication offering designed
to allow customers to gain secure access to multiple sites using a
single credential. The new RSA Authentication Service will support
RSA Security's efforts to provide flexible and cost-effective
options for strong authentication. RSA Security plans to launch a
pilot program in 2005 and then release commercially.
* New RSA SecurID(R) Appliance: As the need for strong authentication
expands outside of the enterprise, small and midsize businesses
(SMBs) require solutions tailored to meet their specific needs. The
new RSA SecurID Appliance, designed for businesses with fewer than
1,000 employees, will provide a cost-effective strong authentication
solution for SMBs worldwide. The appliance solution - a bundled
hardware/software offering - will provide an easy-to-deploy and -
manage two-factor authentication solution for the SMB market. RSA
Security expects to begin delivering the RSA SecurID Appliance
through resellers within the United States in April 2005. The
appliance is expected to be released globally through the second and
third quarters of 2005.
* New RSA SecurID(R) Authenticators: The new USB-enabled RSA SecurID
SID800 delivers the levels of security, mobility and reliability
associated with traditional RSA SecurID tokens, while significantly
expanding credential support and user flexibility. RSA Security's
new RSA SecurID SID700 -- 35 percent smaller than the original RSA
SecurID key fob authenticator -- is more convenient to carry and
use. Both authenticators provide greater flexibility in storing
credentials and offer an effective co-branding option. RSA Security
will begin delivering the RSA SecurID SID700 tokens immediately.
RSA SecurID SID800 authenticators will be available in the second
quarter of 2005.
About RSA Security Inc.
RSA Security Inc. helps organizations confidently protect identities and
information access. The company secures more than 15 million user identities,
safeguards trillions of business transactions annually, and manages the
confidentiality of data in tens of thousands of applications worldwide. RSA
Security's portfolio of award-winning solutions -- including identity & access
management, secure mobile & remote access, secure enterprise access, secure
transactions and consumer identity protection -- sets the standard in the
industry. Our strong reputation is built on a 20-year history of ingenuity,
leadership and proven technologies, and our more than 17,000 customers around
the globe. Together with more than 1,000 technology and integration partners,
RSA Security inspires confidence in everyone to experience the power and
promise of the Internet. For more information, please visit
http://www.rsasecurity.com.
NOTE: RSA, RSA Security, SecurID, the RSA logo and Confidence Inspired
are either registered trademarks or trademarks of RSA Security Inc. in the
United States and/or other countries. All other products and services
mentioned are trademarks of their respective companies.
SOURCE RSA Security Inc.
 back to top
Related links:
http://www.rsasecurity.com
CONTACT:
Roger Fortier of McGrath/Power Public
Relations, +1-408-727-0351, or rogerf@mcgrathpower.com, for RSA
Security Inc.; or Dave Howell of RSA Security Inc.,
+1-781-515-6303, or dhowell@rsasecurity.com
|
