Online and Digital Identification, Securing Web 2.0, PKI and Digital Certificates

SafeNet provides security guidelines for PKI-based transactions

Friday, September 23, 2011

In light of recent security breaches that have attacked enterprises’ PKI infrastructure, Baltimore-based data protection provider SafeNet released security guidelines to enhance PKI-based transaction security.

SafeNet’s cryptographic experts first advise that companies consider securing their private keys in a hardware-based security module (HSM). While software-based security has the benefits of portability and flexibility, it’s also vulnerable to being copied and living in multiple locations simultaneously. The HSM can create a trust anchor to lock keys and grant access to key information from an authorized source.

Next, enterprises shouldn’t assume that their infrastructure is secure because they have a certificate authority. Should the certificate private key be compromised, then the entire PKI is compromised. SafeNet recommends using multiple layers of secure cryptography and hardware-based options for securing PKI end points.

Finally, SafeNet recommends planning ahead for the next generation of critical applications. As PKI end points have expanded and more advanced PKI applications have been developed, companies should be more diligent about establishing trust anchors to protect keys and certificates within these applications. [end] 

Related Articles
SafeNet acquires Cryptocard

SafeNet announced that it has acquired Cryptocard, a privately held provider of cloud based authentication solutions. Financial terms were not disclosed.

With the acquisition of Cryptocard, SafeNet adds to its authentication portfolio. Cryptocard’s platform will provide an opportunity for mobile and telecom service providers, as well as IT system integrators and service providers, to introduce Auth-as-a-Service to their end users.

read more »
Canadian banks issue NFC payment guidelines

Canada’s banking and credit union groups have come together to create a set of open guidelines for the development of mobile payments at point-of-sale in Canada.

read more »
CSC, Daon partner for banking multifactor authentication product

CSC has partnered with identity authentication technology and services provider Daon to produce a biometric multifactor authentication service for the banking industry. The product, called ConfidentID Mobile, provides in and out-of-band identity authentication for transactions in multiple channels, including online and mobile.

read more »
ValidSoft and Spindle partner for payments security

ValidSoft, a supplier of telecommunications-based fraud prevention, authentication and transaction verification products, announced its new partnership with Spindle Inc., a mobile commerce and alternative payment solutions provider to bring payments security products to U.S.-based customers.

read more »

Comments
Be first to comment...
Comment on this article

Your full name and URL will be displayed with your comment.

Your email is not shown or shared, and is used only for your Gravatar image.




characters left.
Copyright © 2012, AVISIAN, Inc. All rights reserved.