(no subject)

[Rob Lesan <lesan_robert@tandem.com>]

I am a contractor currently working for Tandem Computers, and I found this 
press release interesting.  Thought this group might need a target of a 
different flavor to kick around:


SUBJECT: PRESS RELEASE: ATALLA WEBSAFE

ATALLA BEGINS SHIPPING HARDWARE-BASED SECURITY FOR THE INTERNET

SAN JOSE, CALIFORNIA - October 2, 1995 - Atalla, a Tandem
Company, announces that the WebSafe Internet Security Processor
is ready for shipment. Now you can use the same technology that made
the "bank ATM" network safe enough for bank transactions to secure
the Internet for commerce.

"The Internet is a 'party-line' where everyone can jump in. Our vision
is to make it a 'private-line' for those situations where privacy is
essential for doing business on the Net," says Bob Gargus, President
of Atalla. "When we set out to build WebSafe, we wanted a system safe
enough to do bank transactions on the Internet. We're taking our 23
years of experience in financial network security systems and applying
it to the Internet. WebSafe is the first Internet processor that gives
banks and our other customers the security that they have come to
trust Atalla to deliver," Mr. Gargus also noted.

WebSafe is a hardware-based security processor specifically designed
to help transform today's emerging point-to-point Internet security
into a full end-to-end security system. Typical WebSafe applications
include payments (such as credit cards), web commerce, certification
authorities (electronic notarization), PEM (Privacy Enhanced Mail)
and EDI. WebSafe's security architecture is the perfect solution for
banks, brokerage houses, telecommunications companies, legal and
medical institutions or anyone who needs to send sensitive data across
the Internet. This revolutionary product protects transaction data
against unauthorized access, disclosure, alteration, duplications and
substitution. WebSafe supports both public (e.g. RSA) and secret key
(e.g. DES) technology and employs sophisticated key management
similar to global EFT/POS payment networks.

HOW THE WEBSAFE WORKS
Attached as a peripheral device to your Web servers, the WebSafe
processes your secret information in a "hardware-secured envelope."
But unlike software security solutions which are vulnerable to attack
from cyber-pirates, the WebSafe is both physically and logically
secure. Physically secure means that if anyone tries to penetrate the
WebSafe, it will "zeroize," erasing the secret data so it's impossible
to retrieve. Logically secure means that, because all of the security
processing is done within the WebSafe security processor, it's
impossible for anyone to ever see your cryptographic material.

WEBSAFE IS THE BRIDGE FROM THE INTERNET TO THE
PAYMENT NETWORK
The best example of a major deployment of an end-to-end security
network is the bank ATM system. Today, 100% of all bank ATM
transactions in North America have hardware-based security, 70% of
which is provided by Atalla. The Internet is currently going through
the same evolution that the bank ATM network went through 20-plus
years ago. What's holding back electronic commerce on the Internet
today is payments. The truth is, banks are the payment network. You
simply can't have payments without them. However, the bank payment
network and the Internet operate very differently.  For example, the
bank payment network primarily relies on secret keys (like DES) for
security, while the Internet typically relies on both secret and
public keys (like RSA). But because the two networks operate
differently, a bridge needs to be built between them. "WebSafe is the
bridge from the bank payment network to the Internet.  It combines
the best of both worlds (DES and RSA) into a single unit. And, it's
the only secure DES to RSA translation device available today...
The point is, we're not reinventing here. We're taking proven
technology that has been time tested, under the most demanding
conditions, and applying it to the Internet," states Gary Sabo,
Vice President of Product Management and Marketing for Atalla.

WEBSAFE'S CERTIFICATION AUTHORITY SUPPORT:
HOW TO VOUCH FOR SOMEONE ON THE INTERNET.
One new service that is arising is the need for electronic
notarization by Certification Authorities. They'll provide proof
that you are who you say you are. Major credit card companies, banks,
telecommunications companies and post offices are the most likely
institutions to pick up this role. The WebSafe is designed to be the
cornerstone for supplying cryptographic services for Certification
Authorities.

WEBSAFE'S SECURE KEY MANAGEMENT.
When most people talk about cryptographic security, they're talking
about a single key type. It's impossible to have security with this
method. There must be different keys for different functions. Atalla
employs a key architecture that includes hierarchal support for a wide
variety of key types, such as: Key exchange key, data encryption (DES
and RSA), PIN data, Message Authentication Code (MAC), digital
signatures, and certificates. Applying different key types for
different functions restricts how a key is used and can prevent a
security system from being spoofed into giving up secret data.
This way, even through the most complicated series of transactions,
your data is kept secure.  Founded in 1972 and acquired in 1987
by Tandem Computers Corporation, Atalla designs, manufacturers
and supports secure on-line transaction automation systems for
financial, retail and business applications. Atalla's products
include POS/POE credit/debit payment terminals, check readers,
security processors for the Internet and other networks, customer
authorization and PIN selection terminals and secure enrollment
products for banks, retailers and state EBTs. The company is
headquartered at 2304 Zanker Road, San Jose, CA 95131.
Phone: (408) 435-8850, (800) 523-9981. Fax: (408) 435-1116.