MS, VeriSign shore up Windows security
The deal builds on technology in Microsoft's Windows Server 2003 that allows access to data using digital signatures. Digital-signature technology, which uses a variant of the mathematics behind encryption, lets people digitally sign data and verify their identity online. VeriSign, which makes server software that manages such signatures on a large scale, plans to launch a service that will take advantage of the new Windows Server 2003 features.
By working together, Microsoft and VeriSign hope to make authenticated Web services easier to use and more likely to interoperate. "It is that combination that brings (companies) a lot of the benefits," said Nico Popp, vice president of Research and Advanced Products for VeriSign.
Suppliers that want to bid on a corporate contract, for example, could provide the potential client with their digitally signed proposals, which would then be authenticated through VeriSign's digital signature system. A company sending e-mail to a partner could mark the digital document with a rights-management tag indicating that it should be inaccessible a week later.
While such services are valuable, so-called public-key authentication has been adopted slowly, because installing the software and servers needed to support the technology is difficult, said Michael Stephenson, lead product manager for Microsoft's Windows Server group.
"This could be much simpler than it is today," he said. That is the primary aim of Tuesday's announcement, he added.
Reader Resources Web services security ZDNet White Papers | ||||
However, Stephenson said, VeriSign currently is the largest player in that market. "We really view VeriSign as a leader in the marketplace for authentication services."