[   Home   |   News  |   Services   |   Solutions   |   White Papers   |   Programs   |   Associates   ]
(801) 763-7141, Fax (801) 763-0277
For more info contact:


InfoCore, Inc. Sponsors End User Meeting
Concerning Utilization of Public Key
Technologies at Large Global Companies

April 27, 2001 - At the request of many large global companies and enterprise organizations from various industries, InfoCore and its partners hosted an end user industry meeting to understand, discuss and collaborate on the challenges, concerns and issues surrounding the use of current public key technologies to conduct business in the Internet/Intranet environment. Using the Black Forest Group's (BFG) E-Commerce Security Framework, InfoCore and others conducted a roundtable discussion and reviewed various presentations on industry approaches to identify risks, allocate liability, provide insurability for information transactions, reduce costs, and decrease the technical complexities for large global companies using or wanting to use public key and related technologies in their enterprise information technology (IT) environments. In response, vendors have indicated a willingness to work to resolve the challenges, issues and concerns and are preparing to release products in support of the BFG's Security Framework.

As an example of the issues involved, one enterprise's experiences were examined. In its attempts to utilize public key technologies to conduct business in the Internet environment, the enterprise had searched the commercial market place for a globally interoperable and secure means to perform the Business-to-Business (B2B) E-Business exchanges that are becoming increasingly important. Frustrated by an inability to find products that were responsive to its needs, the enterprise turned to InfoCore for assistance. After introducing the enterprise to a group of other large global companies that had encountered similar serious limitations and identified a promising public key framework for addressing them, InfoCore was able to aid the enterprise in designing and developing a target architecture that enables it to deploy public key technologies as a fundamental part of its infrastructure while meeting its business objectives and requirements.

In outlining the enterprise's target architecture, InfoCore identified a solution to the problem of balancing the benefits of public key technologies with the new liabilities and associated risks. This solution integrates the two elements of public key technology-(1) Certificate Authorities (CA) that produce certificates and (2) applications that consume certificates to implement specific business processes-and the BFG's Security Framework. The resulting formula has three key properties:

  • Hardened PKI Platform. The risk from platform failures throughout the framework is ameliorated by associating with each platform an explicit quantitative measure of the assurance of the platform's correct behavior. Recognized and authoritative independent third parties are used for security validation of the platforms against international security standards.
  • Quality Attribute Within Each Certificate. Effective use of a CA requires confidence in the quality of each certificate chain. The BFG has identified a powerful standards-compliant quality attribute. The target architecture incorporates the BFG Quality into each certificate.
  • Global Liability Assuming Root CA. A high integrity copy of a root certificate, in components that consume certificates, enables pervasive interoperability. The BFG is actively engaged in efforts to provide such a root CA with sufficient liability assumption resources.



[   Home   |   News  |   Services   |   Solutions   |   White Papers   |   Programs   |   Associates   ]

© 1995-2003 InfoCore, Inc.