While core features such as automatic and transparent key
and certificate management, key backup and recovery and
real-time revocation, as well as the ability to issue and manage
certificates for users, applications and network devices, continue
to anchor the Entrust/PKI market leadership position, new policy management
capabilities and security features in Entrust/PKI 6.0 will bring organizations
increased control and flexibility for their e-business transactions:
- PKI Networking: PKI Networking is critical for business-to-business e-commerce as it allows for trusted transactions between two organizations' networks. One feature of PKI Networking is cross-certification to allow users of one PKI to trust transactions from another. Entrust/PKI 6.0 will include support for both hierarchical and peer-to-peer cross-certification to allow organizations to build a PKI network of their choosing.
- Automatic CA Key Update: This process allows administrators to choose the appropriate CA key lifetime and algorithm for their organization while making that policy transparent to the end user.
- Expanded Algorithm Support: Entrust/PKI 6.0 will support an expanded range of algorithms including the addition of elliptic curve DSA, IDEA 128-bit symmetric cipher, RIPEMD and RSA 2048 signing.
- RA Policy Controls: The RA (Registration Authority) performs the registration and ongoing administration of users within a PKI. New policy controls in Entrust/PKI 6.0 allow organizations to create RA operator roles with defined responsibilities which contribute to a more flexible organizational structure, improved security and increased administrator efficiency.
- User Policy Management: Organizations have the ability to set policy to match their needs, including choice of algorithms and mandating the use of hardware tokens.
- Intel RNG Support: Entrust/PKI 6.0 will support the hardware-based Intel® Random Number Generator (RNG) which is included in the Intel® 810 Chipset and will be included in all future Intel 8xx series chipsets.

In addition, two new complementary PKI products will lower the cost of user registration and improve user mobility:
- Entrust/Roaming extends the capabilities of Entrust/PKI 6.0 to deliver a flexible mobile solution for end users to access their credentials from a centrally managed directory without the need for additional authentication mechanisms such as smart cards or tokens. Entrust/Roaming uses SPEKE, the Simple Password Exponential Key Exchange protocol, which Entrust Technologies has licensed from Integrity Sciences Inc. (see: http://www.IntegritySciences.com/PKI50.html), to ensure the security of mobile access by establishing a full-strength key using an easily memorized password for authentication. When the roaming-enabled user wants to begin work on an independent PC or kiosk, they simply type the name of their profile and password and are quickly able to begin working. When the user logs out, their credentials are automatically and securely deleted from desktop memory.
- Entrust/AutoRA eliminates administrator involvement in user enrollment and user authentication by providing flexible Web-based self-registration and automatic authentication for users. These cost-effective processes help quicken the addition of users to Entrust/PKI to enable more efficient deployment for customers.

Entrust/PKI 6.0 is also designed to work in concert with Entrust Technologies' Desktop Solutions 6.0 (which includes solutions for trusted e-mail, desktop, Web, and Enterprise Resource Planning), Entrust-Ready third-party applications, and other applications and devices designed to work with digital certificates.

These new security features, policy controls and complementary products will no doubt bring value-added trust solutions to your e-business.

Existing core features:
- Entrust/Entelligence Software - Entrust/Entelligence software performs day-to-day cryptographic operations on behalf of the end user. Entrust/Entelligence hides the complexity of cryptography from end users and provides the necessary desktop functionality across Entrust-Ready applications.
- Flexible certificates - X.509 v3 extensions allow customized user certificates by defining fields that hold information that is specific to the organization; for example, a user's certificate could include the user's signing authority which is verified by an electronic forms application prior to authorizing an expenditure;
- Centrally Managed Password Rules - enhanced ability for Security Officers to configure password rules for users, including number of characters required, time limit for passwords, and the number of prior passwords that cannot be re-used;
- Single Login - only one login required for all applications that use security services from Entrust/PKI;
- Anti-Virus Software Support - automatic checking for viruses prior to decryption in any application that uses security services from Entrust/PKI;
- CA cryptographic hardware - support for the Atalla Signmaster/ASM device to provide enhanced protection for the CA signing key;
- Cross-Certification - ability to cross-certify via PKCS #10 to provide interoperability with other CA products; and
- Enhanced Reporting Services - ability to create flexible and customizable reports on key and certificate activity and automate reports to run at specific time periods.