Information Technology Reference
In-Depth Information
problem and let us solve the problems one at a time. Let us first address one issue and
once we have understood the solution to that issue, let us move on to the next problem.
So in this digital signature test case let us do the same. Let us specialise, divide and
conquer and focus on digital signatures for the enterprise. Say I am in charge of a large
enterprise or organisation and I want to deploy digital signatures for my organisation.
And when you look at the restricted problem you very quickly realise that the problem is
much simpler. Therefore the solution is much simpler and now you can perform various
routines completely automatically and you stand a chance of providing a solution that is
easy to deploy and easy for people to use. You can, in fact you should, leverage on
existing systems which are normally called the provisioning systems of an organisation.
These provisioning systems are user management systems. All organisations already
have them. They have a system that says who belongs to the organisation and who does
not belong and which person is allowed to do what. You can rely on that system to know
when the user leaves the organisation as he will leave the provisioning system. When the
user moves from one place to another that will be reflected in the user management
system. It is not something that is there because of security; it is there because you have
to manage the users. Organisations already have some form of authentication scheme,
whether good or bad, but they already exist. There are user ID passwords and one-time
passwords. Some organisations for some restricted communities use smart cards. Some
of them, for example, use a system that we developed in the Far East, an SMS-based
authentication scheme where users use their cell phones to authenticate themselves.
There are also biometric mechanisms and some organisations use these. Let us use
whatever the organisations use. It is an octagonal problem. Let us not try to solve the
authentication problem together with the digital signature problem. These are two
separate problems and we should address them separately.
5.
CO-SIGN
When you view the problem in this restricted form, you realise that there is actually a
simple solution. Today I do not want to promote the AR name or the AR solutions too
much, but I do want to spend a few minutes with this slide to explain how we solved this
problem. The only hint that I will give here is this appliance that you see in the top
corner. This is an appliance that we produce called “Co-sign” and this is our solution to
the digital signature problem that I described. This large appliance I take to a system
administrator of a large organisation and I tell him that everything that he will ever need
for digital signatures comes in this device. He will not need anything outside this device
for everything is here and he, as the administrator, does not have to know anything about
digital signatures or digital signature keys or certificates, in fact none of that. We take
care of everything in the box itself. All I ask him to do is to please connect this device in
his data centre to his provisioning system, to his user management system. All he needs
is software such as a Microsoft active directory or an IBM lotus domino. I ask him to tell
me what he has and I will connect to that provisioning system. I do not ask him to
change the way that he manages his users. He should continue to manage them in exactly
the same way that he has managed them until now. “Co-sign” connects to that
management system and it is able to infer all the key management and all the digital
signature management issues completely automatically from the regular user
management operations that are performed.
Search WWH ::
Custom Search