Microsoft picks nCipher for authentication solution

News

Microsoft picks nCipher for authentication solution

Ian Grant

All future Microsoft software is to use nCipher's hardware security modules (HSMs) and time stamping technology to protect and authenticate it. Software developers who use Microsoft system-building products will also find it in the Microsoft Authenticode protocol.

"It is a big deal for us," said nCipher product manager Avia Dadon, "but not the biggest. It is in the range of high six figures to low seven figures, and we have many deals in the financial services and government markets that are much bigger."

Dadon said non-traditional markets such as life sciences, retail and independent services vendors (ISVs) are starting to drive the market for encryption and authentication tools.

"The need for compliance is widespread," he said, "People need to be able to authenticate the sender, for non-repudiation of the message, and to assure the integrity of the message, all of which can be done with encryption."

The nCipher technology allows systems developers to prove their products' authenticity and to show that the software has not been modified, potentially for malicious purposes.

"Authenticode is a critical technology for helping to build confidence and trust in computing," said David Cross, Microsoft's director of program management for Windows security. "nCipher's technology is a vital component and a critical part of the signing process for Microsoft software."

nCipher's Time Stamp Server (TSS) allows developers to use secure digital signatures and auditable time stamps when publishing the software. It removes the traditional reliance on the host computer's system clock, which is vulnerable to tampering, said an nCipher spokesman.

The time-stamp is produced within the tamper-resistant boundary of an embedded nCipher HSM and can be calibrated and synchronised to independently provided calibration and audit services, such those from the National Institute of Standards & Technology.


Email Alerts

Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox.
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
 

COMMENTS powered by Disqus  //  Commenting policy