RSA Data Security is getting into the applications business and, in the process, taking on some of its ISV customers.
At a press briefing kicking off the RSA Data Security Conference, officials from RSA and parent company Security Dynamics Technologies unveiled the new Keon suite of security software.
Keon, which will roll out in pieces over the next several months, is a combination of digital certificate and desktop security combined with PKI technology from RSA spinoff VeriSign that will compete directly with software from the likes of Entrust Technologies, a longtime RSA licensee.
For RSA, this may be the most important product release since founder Ron Rivest and his friends turned a classroom project into the RSA public key, the foundation for SSL (Secure Sockets Layer) encryption of browsers and the bulk of encryption used in electronic commerce.
The patent on RSA' s public key algorithm runs out next year. Security Dynamics has traditionally relied on income from sales of hardware token security. But those sales have flattened, while VeriSign's appear to be picking up. It was inevitable, said analysts, that VeriSign -- still heavily influenced by its parent companies -- would become the linchpin for a new product line.
"They are finally taking all of the different parts of the Security Dynamics empire, which includes RSA and VeriSign, [and turning it into a cogent product line]," said Larry Dietz, an analyst at Current Analysis.
The Keon suite, which uses VeriSign's OnSite technology as its core,is meant for both enterprise and developer customers. It includes:
Keon Security Server, which is designed for centralized security administration and support of single sign-on capabilities.
Keon Desktop, which provides file encryption, user credentials at the desktop, and capabilities for securing e-mail, Web browsers and access to protected applications.
Keon Agents, which essentially act as a proxy server, creating authentication access to existing ERP applications, including those from PeopleSoft, SAP AG and Oracle.
Keon Agent SDK, which developers will use to add agents to custom-built ERP applications.
Keon Certificate Server, which is really a VeriSign product for issuing and managing digital certificates.
Pricing for the Keon suite will vary, depending upon the implementation.
Also at the show, RSA said it has signed a cross-licensing agreement with Intel Corp., which will announce later this week plans to include certain cryptographic functions into future PC chips by the middle of the year.
Intel has licensed RSA's BSafe tool kit to do so; in return, RSA will gain the rights to the hardware technology that Intel develops with the chips. For the industry in general, Intel's move to include cryptographic functions on a chip -- similar to specialized chip capabilities from companies such as Hewlett-Packard and smaller niche players -- is a good sign, according to analysts.
It was inevitable that, given the processing overhead created by the mathematics in encryption, basic cryptographic functions would find their way into chips. And chip-based cryptography will not only make e-commerce transactions faster, but it will make security more transparent to end users.
"If you ask anyone who has done crypto in the military," said Dietz, "they will tell you that hardware is the most secure."
Also on the hardware front, RSA announced that Compaq Computer has licensed the BSafe Crypto-C cryptographic engine, the Crypto-J Java crypto engine and the BSafe Cert-C digital certificate tool kit for use with its products.
