Pallab’s Place

The keynotes RSA Conference held in San Francisco followed the theme that data Security is no longer an option, it is required.  This was reiterated several times by RSA president Art Coviello who also noted the dialog box pop-up of “Are you sure?� before you submit information is the tech worlds equivalent of the old movie line “Do you feel lucky?�.  A later keynote by Dept of Homeland Security Secretary Michael Chertoff identified today’s threat of cyberspace is on a par with 9/11.  Replays of the conference keynotes are available after registration at the following site:

In a move that emphasizes the direction of security, Hitachi recently purchased the long standing private company M-Tech, now called Hitachi ID.  The M-Tech acquisition fills that gap in their IT and security services offering.  Hitachi is now suited to address customers needing Identity and Asset Management solutions with full product line solution from a single provider.  This software was a needed addition to the wide variety of access control products including RFID and biometrics. The Hitachi ID software solution is currently implemented at over 200,000 users and supports single-core, multi-core and distributed processing environments.  One of the key applications is for SOX compliance reporting and access.

From a hardware perspective, there were lots of FPGA solutions for encryption/decryption of the data streams and authentication for access control.  Typical of the offering is the 10Gb AES softmacro for the Xilinix family of products that is available from Algotronix Ltd.  The IP is being offered on a 60 day/5 FPGA trial basis.  The predominant ID system for access control is still the hardware dongle with either a fixed or changing key.  Biometric ID (thumb, fingerprint, eye scan) were all still present, but were not highlighted as prominently as the software system for backing them up.  Hitachi was displaying their new finger vein scanner which is supposed to be more unique and consistently identifiable than fingerprint scanning.

One area that the software suppliers did not indicate they were addressing is the area of malware, viruses, and software intrusion in multi-core and GPU executable environments.  Shared cache systems attached to multiple core processors that also reference a single memory store have some issues with false flag generation for access control and ID confirmation applications.  At this time, none of the vendors that were asked about this problem had a definitive position on how it was addressing this problem for code installations on legacy software that was created for single core engines.
pc