Voltage Security has an encryption plan that it says avoids the need for cumbersome databases of public keys and certificates, by making public keys as needed, from users' identities.
The company also has an e-mail security service which it thinks will have another unexpected result - persuading users to adopt extra security on top of their companies' policies.
Voltage's identity-based encryption architecture has been proposed as an IETF standard, and is based on an idea by Adi Shamir (co-creator of the RSA algorithm).
"It makes ad hoc secure conversations possible," said Wasim Ahmad, vice president of marketing at the company, which spun off from academic research at Stanford University.
Normal public key infrastructures are based on public keys which have been generated and stored before their use. An identity-based scheme uses a "just-in-time" key generated from an identity, which may be as simple as an email address. Banks, for instance could generate a public key for their customers, based on the address they have in their database.
The scheme is already in use in the U.K. Customers include insurance company ING, which uses it to secure communications with agents.
Voltage launched SecureFile, an on-demand SaaS secure document service at the RSA security event in San Francisco earlier this month, which users can subscribe to. It is aimed at individuals such as insurance agents, but is also being used by groups within organizations that need to set up secure communications to project groups including outside consultants, said Ahmad.
"Centralized IT can take a long time to provide what a group needs, but a group can use SecureFile to ramp up the project straight away," said Ahmad.
Other tools the company offers include "same format encryption", which encrypts data within a database while keeping it in the same "shape" and format. This means that credit card numbers can be kept private, but the database still contains data that matches business rules, so it can be worked on by developers and outsourcers, and even by call center staff, without credit card details being revealed to anyone without clearance.
Rss FeedRss Feed
The Leader in Network Knowledge
Comment