VeriSign CEO Calls for Open Authentication | eWeek

VeriSign CEO Calls for Open Authentication

Écrit par
Matthew Hicks
Matthew Hicks
Feb 25, 2004
2 minute read
eWeek Le contenu et les recommandations de produits sont indépendants de la rédaction. Nous pouvons gagner de l'argent lorsque vous cliquez sur des liens vers nos partenaires. En savoir plus

SAN FRANCISCO—With security threats slowing the adoption of promising new technologies, the time has come for the security industry to move away from proprietary technologies and embrace open and interoperable standards for authentication, said VeriSign Inc. Chairman and CEO Stratton Sclavos.

Speaking here at the RSA Conference 2004 on late Wednesday, Sclavos used his keynote presentation to tout a VeriSign-led initiative called the Open Authentication Reference Architecture, or OATH, as a path toward standards-based authentication. VeriSign launched OATH at the RSA show on Monday.

“It is time to rethink authentication,” Sclavos said. “A fundamental shift needs to be made from proprietary systems to open solutions.”

Propelling the shift is the drag that security threats has on the adoption of new technologies. WiFi, Web services, voice over IP and radio frequency identification are among the technologies being slowed because of security concerns, he said.

Along with more interoperability, the IT security industry needs to offer enterprises better visibility and intelligence about potential security threats and remove the complexity for end users, Sclavos said.

“If given a choice, our end users will always choose ease of use over better security,” he said. “So we better make it easy.”

With OATH, Sclavos explained, VeriSign has offered a reference architecture for authentication using a universal key recognized among applications, on multiple devices and across internal and external networks.

As part of that strategy, VeriSign earlier in the day announced a partnership with Microsoft Corp. for tying VeriSigns authentication services into Windows Server 2003 by this summer. Sclavos said that the combined offering will be OATH-compliant.

Sclavos demonstrated the VeriSign-Microsoft offering, showing both how a network administrator can provision user credentials using Active Directory and Microsofts Management Console and how an end user could be authenticated while in the office and on the road using an OATH-complaint hardware token.

The USB token demonstrated was Aladdin Knowledge Systems Inc.s eToken NG with One-Time Password, which will be part of VeriSigns April beta of the authentication service. The token combines a PKI store with one-time password functionality.

The OATH initiative will be developing new standards over the next six months as well as adding new partners, from application and infrastructure vendors to hardware makers, Sclavos said.

“It gives the ability to strongly authenticate every user, on every device they have and on every network they transverse,” Sclavos said of OATH. “We need the ability to make the network secure by only letting good people, good content and good devices on board.”

/zimages/3/28571.gifCheck outeWEEK.coms Security Centerat http://security.eweek.com for security news, views and analysis.

eWeek Logo

eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site's focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

Propriété de TechnologyAdvice. © 2026 TechnologyAdvice. Tous droits réservés

Divulgation publicitaire : Certains des produits qui apparaissent sur ce site proviennent d'entreprises dont TechnologyAdvice reçoit une compensation. Cette compensation peut influencer la façon dont les produits apparaissent sur ce site, notamment l'ordre dans lequel ils apparaissent. TechnologyAdvice n'inclut pas toutes les entreprises ou tous les types de produits disponibles sur le marché.