RealTime IT News

RSA Plans New, Open, Certificate-Based Security Apps

RSA Data Security Inc. unveiled plans "to jump-start a new generation of secure applications" for Internet commerce this week at the company's Data Security Conference in San Francisco.

RSA said the key to its strategy is its Certificate Security Suite, a set of high-level security components and tools designed to make developing secure certificate-based applications faster and cheaper.

RSA reports the Certificate Security Suite will provide commercial and corporate developers with easy-to-use code modules and APIs for popular security features, including digitally signed and encrypted data; authentication using X.509 v3 digital certificates; issuing, using, and managing digital certificates; and implementing secure storage.

The suite's components will also support an open, standards-based API that lets applications "plug-in" to off-the-shelf certificate management products from a variety of vendors.

RSA will support the Common Security Services Manager (CSSM) API defined in Intel's Common Data Security Architecture (CDSA) as a core API for application/certificate management system interoperability.

"Developers need a much easier way to add standard security features to secure applications and integrate them into a variety of shared infrastructure and management systems," said Jim Bidzos, president of RSA. "Now we are taking the lead in making security open and much easier to implement by providing developers with the high-level security components they need."

Both IBM and Intel announced support for the project and all three companies will support each other's solutions.

RSA said it intends to release code for the Certificate Security Suite to developers in the second quarter of 1998. Later in the year, RSA also plans to offer its popular S/MAIL product as an extension to the Certificate Security Suite for developers creating S/MIME standard messaging applications.