Unique Secure Execution Engine(TM) (SEE) Technology Creates a Trusted
          Processing Environment for Security-Sensitive Applications

    RSA SECURITY CONFERENCE, SAN FRANCISCO, April 10 /PRNewswire/ --
nCipher(TM) plc (LSE: NCH), a leading developer of Internet security products
for e-commerce and Public Key Infrastructure (PKI) applications, today
unveiled its CodeSafe(TM) Developer Kit, enabling application developers to
easily and effectively secure e-business applications, using an open, standard
Java(TM) development environment. CodeSafe allows developers to write Java
programs that are securely loaded, executed and administered on an nShield(TM)
hardware security module (HSM), moving sensitive application processing inside
the security perimeter of a trusted hardware device.
    "As more companies conduct business online, challenges are surfacing that
require advanced protection of the intellectual property of companies, their
customers and their partners," said David Thompson, research analyst, Meta
Group. "Hardware based solutions are emerging as the best method for solving
the next wave of transactional security issues as companies deploy new
services across distributed heterogeneous networks, often networks they do not
directly control."
    With e-business applications becoming more distributed through outsourcing
and involving multiple parties in the delivery of online services, security
gaps can arise that create vulnerabilities. Specifically, unattended server
environments that rely on encryption for privacy, authentication, and non-
repudiation are particularly susceptible to attacks, in which corrupted
application code resident on the host computer could use private keys in
unauthorized ways. The Secure Execution Engine technology delivered with
CodeSafe allows application-specific code that uses keys to be secured, in
addition to protecting the keys themselves.
    With SEE, the rights that applications are given in performing
cryptographic operations on unattended servers can be tightly controlled,
enabling secure automation of critical business processes.
    Delegating rights to secure application programs, or 'Trusted Agents(TM)',
and executing these agents in an HSM strong-box increases security and reduces
the need for human intervention, reducing risk and costs as organizations
scale their e-business operations.
    Some examples of Trusted Agents include digital meters, authentication
agents, time-stamp and audit agents, and digital signature proxies.
    "With a non-reputable timestamp, digital data or event logs become
auditable, providing protection from potential legal liability and
'credibility attacks.' When designing our secure TimeStamp Server, we found
that nCipher's nShield F3 HSM which came with the CodeSafe developer kit was
capable of, not only meeting our key management and cryptographic acceleration
requirements, but also securing the time-stamp signing operation and the local
time source itself", said Steven Teppler, CEO of TimeCertain, LLC. "This
powerful combination wrapped in a FIPS 140-1 Level 3 package is enabling us to
provide a transactional warranty to our customers with the time-stamping
service, backed by Lloyds of London."
    "Customers are asking for a flexible environment that goes beyond securing
keys to securing the protocols and applications that use the keys," said Stu
Vaeth, Director of Product Marketing at nCipher. "The SEE technology delivered
with CodeSafe builds on our core technologies, allowing customers to create a
trusted environment that extends security beyond key management to the
application itself. SEE delivers a new, flexible trusted computing platform,
providing developers with fine-grained control in implementing application-
specific security policies."

    Availability
    The CodeSafe Developer Kit is available immediately. It includes an SEE-
Ready nShield HSM enabled with the Java Virtual Machine for loading and
running user applications, a '''Virtual SEE''' capability for host-side
development and debug, developer tools and APIs, documentation, and developer
support. nCipher Professional Services are also available to provide custom
application development and integration for SEE applications. CodeSafe is part
of the nCipher SafeBuilder(TM) family of developer kits, which enable third
party developers to build custom applications based on nCipher's secure
hardware platforms.

    About nCipher
    nCipher is a leading developer of Internet security products specifically
designed for e-commerce and Public Key Infrastructure (PKI) applications.
nCipher's products, which incorporate both hardware and software, help its
customers to solve problems of information security, systems scalability and
processing speed in e-commerce and PKI applications. In addition, nCipher also
offers technical support and professional services. nCipher's products are
particularly well suited to e-business users with high volumes of security-
sensitive transactions, such as banking and financial institutions, e-
retailers and service providers (ISP/ASPs) and Government agencies.
    nCipher is listed on the London Stock Exchange as a TechMARK 100 company
(LSE: NCH). With offices in Cambridge, UK; Boston, New York and San Francisco,
USA; Dublin, Ireland; Paris, France; and Hamburg, Germany, nCipher serves
customers and partners around the world. For more information on nCipher visit
our website at http://www.ncipher.com
    S.E.E., SafeBuilder, CodeSafe, Trusted Agents and nCipher are trademarks
or registered trademarks of nCipher Corporation Ltd. in the United Kingdom and
other countries. All other trademarks and registered trademarks are the
property of their respective owners.

    Claire Collins
    nCipher Inc.
    (781) 994-4000
    ccollins@us.ncipher.com

    Leanne Agurkis
    Blanc & Otus Public Relations for nCipher
    (617) 451-6070
    lagurkis@blancandotus.com

Link to this page: