Citation
(2003), "Transaction security and database encryption", Aircraft Engineering and Aerospace Technology, Vol. 75 No. 3. https://doi.org/10.1108/aeat.2003.12775cab.010
Publisher
:Emerald Group Publishing Limited
Copyright © 2003, MCB UP Limited
Transaction security and database encryption
Transaction security and database encryption
nCipher plc. (LSE:NCH), a provider of cryptographic IT security solutions, recently announced that Exostar, a global Internet exchange for the aerospace and defence industry, has chosen nCipher's nShield hardware security module (HSM) to protect its online eCollaboration service, ForumPass. Exostar is using nCipher's FIPS-validated equipment to provide database and document encryption within the exchange and for XML-based security used to integrate external applications and Web services. First customers for this service include Rolls-Royce who is using the service to improve collaboration on the development of its Trent 900 engines.
As a major Web-based aerospace and defence exchange founded by companies including BAE Systems, Boeing, Lockheed Martin, Raytheon and RollsRoyce, Exostar brings together manufacturers, suppliers and customers together to trade and collaborate. The exchange is built around the efficient flow of sensitive information in the form of financial transactions, product specifications and project descriptions between remote participants from different organisations. In such a security conscious industry sector, Exostar places great emphasis not only on the fundamental security of the exchange but also on its ability to enhance its range of services, adding more value to its customers without compromising security or harming the user experience. Recently, Exostar upgraded its ForumPass collaboration service and as part of the deployment selected nShield encryption hardware from nCipher.
"Our customers demand the highest levels of security. With respect to collaboration, this means end-to-end encryption to protect every document, including database encryption for documents held on the exchange. Particular attention is also given to the authentication process used to positively identify users and to extend this access control into other systems by securely sharing authentication information."
"nCipher came highly recommended, their products displayed superior performance, and their people were extremely knowledgeable", said Jeff Nigriny, Security Manager, Exostar. "nCipher's combination of key management and hardware protection offers a unique and powerful solution that has allowed us to follow best practice security measures and build a highly secure Internet collaboration exchange for the defence and aerospace industry."
End-to-end encryption and database encryption technologies for the Forum Pass collaboration service are based on software provided by Evincible. It relies on nCipher's nShield HSM for the secure generation, protection and management of various cryptographic keys used to provide strong encryption for privacy and create electronic signatures to prove integrity and authenticity. As part of the overall system nShield performs the following functions:
- •
protect the keys that are associated with individual users and that enable end-to-end encryption of documents as they are exchanged;
- •
protect and manage keys used to encrypt documents stored or archived on the exchange in a distributed database;
- •
digitally sign all SAML transactions, a secure XML-based language used by Web services in the exchange of authentication information and security credentials from one site to another, or for users to gain access to other applications; and
- •
digitally sign audit logs to ensure overall integrity by establishing a mechanism to detect tampering of audit records.
"The very nature of online exchanges with highly variable usage patterns and requirement to be 'always-on', forces us to take system scalability and cost of ownership very seriously", said Reddy Velagala, VP Services at Evincible. "We evaluated products from competing hardware vendors, and selected nCipher as having one of the most scaleable and robust hardware encryption technologies available, matching our requirements for end-to-end security in online trading applications."
Overall project integration was performed by @stake, a digital security consulting firm. "Exostar's encryption solution needed to meet the stringent requirements of its unique customer base of defence and aerospace users. By offering a Federal Information Processing Standard (FIPS) 140 validated HSM that offers flexible key management and scaleable hardware encryption, nCipher's nShield was a perfect fit for Exostar's security needs", said Andrew Jaquith, Program Director, @stake.
"The Exostar online trading exchange is a great example of a highly sophisticated security application using a hardware cryptographic platform to achieve several security objectives", said Richard Moulds, VP Marketing at nCipher. "We are very pleased to be supporting these types of advanced customer applications, demonstrating the value of hardware based cryptography to provide end-to-end security for online applications."
Details available from: nCipher plc. Tel: +44 (0) 1223 723600; Fax: +44 (0) 1223 723601; Web site: www.ncipher.com